Latest vulnerabilities for Wednesday, July 5, 2023

Last updated on 05/07/2023 at 23:58:02

(0) CRITICAL vulnerabilities [9.0, 10.0]

(15) HIGH vulnerabilities [7.0, 8.9]

Vulnerability ID : CVE-2023-35971

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
A vulnerability in the ArubaOS web-based management interface could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

CVE ID : CVE-2023-35971
Source : security-alert@hpe.com
CVSS score : 8.8

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35924

First published : 05-07-2023 20:15:10
Last modified : 05-07-2023 20:31:30

Description :
GLPI is a free asset and IT management software package. Starting in version 10.0.0 and prior to version 10.0.8, GLPI inventory endpoint can be used to drive a SQL injection attack. By default, GLPI inventory endpoint requires no authentication. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native inventory.

CVE ID : CVE-2023-35924
Source : security-advisories@github.com
CVSS score : 8.6

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-gxh4-j63w-8jmm | source : security-advisories@github.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-36808

First published : 05-07-2023 21:15:10
Last modified : 05-07-2023 21:15:10

Description :
GLPI is a free asset and IT management software package. Starting in version 0.80 and prior to version 10.0.8, Computer Virtual Machine form and GLPI inventory request can be used to perform a SQL injection attack. Version 10.0.8 has a patch for this issue. As a workaround, one may disable native inventory.

CVE ID : CVE-2023-36808
Source : security-advisories@github.com
CVSS score : 8.6

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-vf5h-jh9q-2gjm | source : security-advisories@github.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-27390

First published : 05-07-2023 16:15:09
Last modified : 05-07-2023 18:15:09

Description :
A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE ID : CVE-2023-27390
Source : talos-cna@cisco.com
CVSS score : 8.4

References :
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1744 | source : talos-cna@cisco.com
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1744 | source : talos-cna@cisco.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-35939

First published : 05-07-2023 21:15:09
Last modified : 05-07-2023 21:15:09

Description :
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a file accessible by an authenticated user (or not for certain actions), allows a threat actor to interact, modify, or see Dashboard data. Version 10.0.8 contains a patch for this issue.

CVE ID : CVE-2023-35939
Source : security-advisories@github.com
CVSS score : 8.1

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-cjcx-pwcx-v34c | source : security-advisories@github.com

Vulnerability : CWE-284
Vulnerability : CWE-863


Vulnerability ID : CVE-2023-31248

First published : 05-07-2023 19:15:09
Last modified : 05-07-2023 21:15:09

Description :
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

CVE ID : CVE-2023-31248
Source : security@ubuntu.com
CVSS score : 7.8

References :
http://www.openwall.com/lists/oss-security/2023/07/05/2 | source : security@ubuntu.com
https://lore.kernel.org/netfilter-devel/20230705121627.GC19489@breakpoint.cc/T/ | source : security@ubuntu.com
https://www.openwall.com/lists/oss-security/2023/07/05/2 | source : security@ubuntu.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2023-35001

First published : 05-07-2023 19:15:10
Last modified : 05-07-2023 21:15:09

Description :
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace

CVE ID : CVE-2023-35001
Source : security@ubuntu.com
CVSS score : 7.8

References :
http://www.openwall.com/lists/oss-security/2023/07/05/3 | source : security@ubuntu.com
https://lore.kernel.org/netfilter-devel/20230705121515.747251-1-cascardo@canonical.com/T/ | source : security@ubuntu.com
https://www.openwall.com/lists/oss-security/2023/07/05/3 | source : security@ubuntu.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2023-34337

First published : 05-07-2023 19:15:09
Last modified : 05-07-2023 20:14:23

Description :
AMI SPx contains a vulnerability in the BMC where a user may cause an inadequate encryption strength by hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.

CVE ID : CVE-2023-34337
Source : biossecurity@ami.com
CVSS score : 7.6

References :
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf | source : biossecurity@ami.com

Vulnerability : CWE-326


Vulnerability ID : CVE-2023-2880

First published : 05-07-2023 10:15:09
Last modified : 05-07-2023 13:00:26

Description :
Frauscher Sensortechnik GmbH FDS001 for FAdC/FAdCi v1.3.3 and all previous versions are vulnerable to a path traversal vulnerability of the web interface by a crafted URL without authentication. This enables a remote attacker to read all files on the filesystem of the FDS001 device.

CVE ID : CVE-2023-2880
Source : info@cert.vde.com
CVSS score : 7.5

References :
https://cert.vde.com/en/advisories/VDE-2023-011/ | source : info@cert.vde.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-35940

First published : 05-07-2023 21:15:09
Last modified : 05-07-2023 21:15:09

Description :
GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to version 10.0.8, an incorrect rights check on a file allows an unauthenticated user to be able to access dashboards data. Version 10.0.8 contains a patch for this issue.

CVE ID : CVE-2023-35940
Source : security-advisories@github.com
CVSS score : 7.5

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-qrh8-rg45-45fw | source : security-advisories@github.com

Vulnerability : CWE-284
Vulnerability : CWE-287


Vulnerability ID : CVE-2023-35972

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
An authenticated remote command injection vulnerability exists in the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in the ability to execute arbitrary commands as a privileged user on the underlying operating system. This allows an attacker to fully compromise the underlying operating system on the device running ArubaOS.

CVE ID : CVE-2023-35972
Source : security-alert@hpe.com
CVSS score : 7.2

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35973

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

CVE ID : CVE-2023-35973
Source : security-alert@hpe.com
CVSS score : 7.2

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35974

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface. Successful exploitation of these vulnerabilities results in the ability to execute arbitrary commands as a privileged user on the underlying operating system.

CVE ID : CVE-2023-35974
Source : security-alert@hpe.com
CVSS score : 7.2

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-34338

First published : 05-07-2023 19:15:09
Last modified : 05-07-2023 20:14:23

Description :
AMI SPx contains a vulnerability in the BMC where an Attacker may cause a use of hard-coded cryptographic key by a hard-coded certificate. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.

CVE ID : CVE-2023-34338
Source : biossecurity@ami.com
CVSS score : 7.1

References :
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf | source : biossecurity@ami.com

Vulnerability : CWE-321


Vulnerability ID : CVE-2023-3089

First published : 05-07-2023 13:15:09
Last modified : 05-07-2023 16:25:41

Description :
A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated.

CVE ID : CVE-2023-3089
Source : secalert@redhat.com
CVSS score : 7.0

References :
https://access.redhat.com/security/cve/CVE-2023-3089 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2212085 | source : secalert@redhat.com


(20) MEDIUM vulnerabilities [4.0, 6.9]

Vulnerability ID : CVE-2023-34473

First published : 05-07-2023 19:15:10
Last modified : 05-07-2023 20:14:23

Description :
AMI SPx contains a vulnerability in the BMC where a valid user may cause a use of hard-coded credentials. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity, and availability.

CVE ID : CVE-2023-34473
Source : biossecurity@ami.com
CVSS score : 6.6

References :
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf | source : biossecurity@ami.com

Vulnerability : CWE-798


Vulnerability ID : CVE-2023-34150

First published : 05-07-2023 08:15:09
Last modified : 05-07-2023 13:00:26

Description :
** UNSUPPORTED WHEN ASSIGNED ** Use of TikaEncodingDetector in Apache Any23 can cause excessive memory usage.

CVE ID : CVE-2023-34150
Source : security@apache.org
CVSS score : 6.5

References :
https://lists.apache.org/thread/713tk23khbtbg940pb2ql8ggd4cvh6j1 | source : security@apache.org

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-35975

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
An authenticated path traversal vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in the ability to delete arbitrary files in the underlying operating system.

CVE ID : CVE-2023-35975
Source : security-alert@hpe.com
CVSS score : 6.5

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35976

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the user's existing privilege level.

CVE ID : CVE-2023-35976
Source : security-alert@hpe.com
CVSS score : 6.5

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35977

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
Vulnerabilities exist which allow an authenticated attacker to access sensitive information on the ArubaOS command line interface. Successful exploitation could allow access to data beyond what is authorized by the user's existing privilege level.

CVE ID : CVE-2023-35977
Source : security-alert@hpe.com
CVSS score : 6.5

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-34106

First published : 05-07-2023 18:15:10
Last modified : 05-07-2023 20:14:23

Description :
GLPI is a free asset and IT management software package. Versions of the software starting with 0.68 and prior to 10.0.8 have an incorrect rights check on a file accessible by an authenticated user. This allows access to the list of all users and their personal information. Users should upgrade to version 10.0.8 to receive a patch.

CVE ID : CVE-2023-34106
Source : security-advisories@github.com
CVSS score : 6.5

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-923r-hqh4-wj7c | source : security-advisories@github.com

Vulnerability : CWE-284
Vulnerability : CWE-863


Vulnerability ID : CVE-2023-34107

First published : 05-07-2023 20:15:10
Last modified : 05-07-2023 20:31:30

Description :
GLPI is a free asset and IT management software package. Versions of the software starting with 9.2.0 and prior to 10.0.8 have an incorrect rights check on a file accessible by an authenticated user, which allows access to view all KnowbaseItems. Version 10.0.8 has a patch for this issue.

CVE ID : CVE-2023-34107
Source : security-advisories@github.com
CVSS score : 6.5

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-966h-xrf5-pmj4 | source : security-advisories@github.com

Vulnerability : CWE-284
Vulnerability : CWE-863


Vulnerability ID : CVE-2023-34244

First published : 05-07-2023 20:15:10
Last modified : 05-07-2023 20:31:30

Description :
GLPI is a free asset and IT management software package. Starting in version 9.4.0 and prior to version 10.0.8, a malicious link can be crafted by an unauthenticated user that can exploit a reflected XSS in case any authenticated user opens the crafted link. Users should upgrade to version 10.0.8 to receive a patch.

CVE ID : CVE-2023-34244
Source : security-advisories@github.com
CVSS score : 6.5

References :
https://github.com/glpi-project/glpi/releases/tag/10.0.8 | source : security-advisories@github.com
https://github.com/glpi-project/glpi/security/advisories/GHSA-p93p-pwg9-w95w | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-2538

First published : 05-07-2023 13:15:09
Last modified : 05-07-2023 16:25:41

Description :
A CWE-552 "Files or Directories Accessible to External Parties" in the web interface of the Tyan S5552 BMC version 3.00 allows an unauthenticated remote attacker to retrieve the private key of the TLS certificate in use by the BMC via forced browsing. This can then be abused to perform Man-in-the-Middle (MitM) attacks against victims that access the web interface through HTTPS.

CVE ID : CVE-2023-2538
Source : prodsec@nozominetworks.com
CVSS score : 6.3

References :
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2023-2538/ | source : prodsec@nozominetworks.com

Vulnerability : CWE-552


Vulnerability ID : CVE-2023-34471

First published : 05-07-2023 19:15:09
Last modified : 05-07-2023 20:14:23

Description :
AMI SPx contains a vulnerability in the BMC where a user may cause a missing cryptographic step by generating a hash-based message authentication code (HMAC). A successful exploit of this vulnerability may lead to the loss of confidentiality, integrity, and authentication.

CVE ID : CVE-2023-34471
Source : biossecurity@ami.com
CVSS score : 6.3

References :
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf | source : biossecurity@ami.com

Vulnerability : CWE-325


Vulnerability ID : CVE-2023-36457

First published : 05-07-2023 21:15:09
Last modified : 05-07-2023 21:15:09

Description :
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payload to achieve command injection when adding container repositories. The vulnerability has been fixed in v1.3.6.

CVE ID : CVE-2023-36457
Source : security-advisories@github.com
CVSS score : 6.3

References :
https://github.com/1Panel-dev/1Panel/releases/tag/v1.3.6 | source : security-advisories@github.com
https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-q2mx-gpjf-3h8x | source : security-advisories@github.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2023-36458

First published : 05-07-2023 21:15:09
Last modified : 05-07-2023 21:15:09

Description :
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft malicious payloads to achieve command injection when entering the container terminal. The vulnerability has been fixed in v1.3.6.

CVE ID : CVE-2023-36458
Source : security-advisories@github.com
CVSS score : 6.3

References :
https://github.com/1Panel-dev/1Panel/releases/tag/v1.3.6 | source : security-advisories@github.com
https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-7x2c-fgx6-xf9h | source : security-advisories@github.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2023-35978

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
A vulnerability in ArubaOS could allow an unauthenticated remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface. A successful exploit could allow an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.

CVE ID : CVE-2023-35978
Source : security-alert@hpe.com
CVSS score : 6.1

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-35936

First published : 05-07-2023 21:15:09
Last modified : 05-07-2023 21:15:09

Description :
Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafted image element in the input when generating files using the `--extract-media` option or outputting to PDF format. This vulnerability allows an attacker to create or overwrite arbitrary files on the system, depending on the privileges of the process running pandoc. It only affects systems that pass untrusted user input to pandoc and allow pandoc to be used to produce a PDF or with the `--extract-media` option. The fix is to unescape the percent-encoding prior to checking that the resource is not above the working directory, and prior to extracting the extension. Some code for checking that the path is below the working directory was flawed in a similar way and has also been fixed. Note that the `--sandbox` option, which only affects IO done by readers and writers themselves, does not block this vulnerability. The vulnerability is patched in pandoc 3.1.4. As a workaround, audit the pandoc command and disallow PDF output and the `--extract-media` option.

CVE ID : CVE-2023-35936
Source : security-advisories@github.com
CVSS score : 6.1

References :
https://github.com/jgm/pandoc/security/advisories/GHSA-xj5q-fv23-575g | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-34457

First published : 05-07-2023 20:15:10
Last modified : 05-07-2023 20:31:30

Description :
MechanicalSoup is a Python library for automating interaction with websites. Starting in version 0.2.0 and prior to version 1.3.0, a malicious web server can read arbitrary files on the client using a `<input type="file" ...>` inside HTML form. All users of MechanicalSoup's form submission are affected, unless they took very specific (and manual) steps to reset HTML form field values. Version 1.3.0 contains a patch for this issue.

CVE ID : CVE-2023-34457
Source : security-advisories@github.com
CVSS score : 5.9

References :
https://github.com/MechanicalSoup/MechanicalSoup/commit/d57c4a269bba3b9a0c5bfa20292955b849006d9e | source : security-advisories@github.com
https://github.com/MechanicalSoup/MechanicalSoup/releases/tag/v1.3.0 | source : security-advisories@github.com
https://github.com/MechanicalSoup/MechanicalSoup/security/advisories/GHSA-x456-3ccm-m6j4 | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-34472

First published : 05-07-2023 19:15:10
Last modified : 05-07-2023 20:14:23

Description :
AMI SPx contains a vulnerability in the BMC where an Attacker may cause an improper neutralization of CRLF sequences in HTTP Headers. A successful exploit of this vulnerability may lead to a loss of integrity.

CVE ID : CVE-2023-34472
Source : biossecurity@ami.com
CVSS score : 5.7

References :
https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/AMI-SA-2023006.pdf | source : biossecurity@ami.com

Vulnerability : CWE-113
Vulnerability : CWE-93


Vulnerability ID : CVE-2023-3336

First published : 05-07-2023 10:15:10
Last modified : 05-07-2023 13:00:26

Description :
TN-5900 Series version 3.3 and prior versions are vulnerable to a user enumeration vulnerability. The vulnerability may allow a remote attacker to determine whether a user is valid during password recovery through the web login page and enable a brute force attack with valid users.

CVE ID : CVE-2023-3336
Source : psirt@moxa.com
CVSS score : 5.3

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230401-tn-5900-series-user-enumeration-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-204


Vulnerability ID : CVE-2023-35979

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
There is an unauthenticated buffer overflow vulnerability in the process controlling the ArubaOS web-based management interface. Successful exploitation of this vulnerability results in a Denial-of-Service (DoS) condition affecting the web-based management interface of the controller.

CVE ID : CVE-2023-35979
Source : security-alert@hpe.com
CVSS score : 5.3

References :
https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-008.txt | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-30607

First published : 05-07-2023 18:15:10
Last modified : 05-07-2023 20:14:23

Description :
icingaweb2-module-jira provides integration with Atlassian Jira. Starting in version 1.3.0 and prior to version 1.3.2, template and field configuration forms perform the deletion action before user input is validated, including the cross site request forgery token. This issue is fixed in version 1.3.2. There are no known workarounds.

CVE ID : CVE-2023-30607
Source : security-advisories@github.com
CVSS score : 5.0

References :
https://github.com/Icinga/icingaweb2-module-jira/commit/7f0c53b7a3e87be2f4c2e8840805d7b7c9762424 | source : security-advisories@github.com
https://github.com/Icinga/icingaweb2-module-jira/releases/tag/v1.3.2 | source : security-advisories@github.com
https://github.com/Icinga/icingaweb2-module-jira/security/advisories/GHSA-gh7w-7f7j-gwp5 | source : security-advisories@github.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-31194

First published : 05-07-2023 16:15:09
Last modified : 05-07-2023 18:15:10

Description :
An access violation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger this vulnerability.

CVE ID : CVE-2023-31194
Source : talos-cna@cisco.com
CVSS score : 4.0

References :
https://talosintelligence.com/vulnerability_reports/TALOS-2023-1745 | source : talos-cna@cisco.com
https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1745 | source : talos-cna@cisco.com

Vulnerability : CWE-122


(1) LOW vulnerability [0.1, 3.9]

Vulnerability ID : CVE-2023-3515

First published : 05-07-2023 15:15:09
Last modified : 05-07-2023 16:25:41

Description :
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4.

CVE ID : CVE-2023-3515
Source : security@huntr.dev
CVSS score : 3.0

References :
https://github.com/go-gitea/gitea/commit/9aaaf980f0ba15611f30568bd67bce3ec12954e2 | source : security@huntr.dev
https://huntr.dev/bounties/e335cd18-bc4d-4585-adb7-426c817ed053 | source : security@huntr.dev

Vulnerability : CWE-601


(37) NO SCORE vulnerabilities [0.0, 0.0]

Vulnerability ID : CVE-2022-42175

First published : 05-07-2023 03:15:09
Last modified : 05-07-2023 13:00:26

Description :
Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker to change the password and hostname of other customer servers without authorization.

CVE ID : CVE-2022-42175
Source : cve@mitre.org
CVSS score : /

References :
http://soluslabs.com | source : cve@mitre.org
http://solusvm.com | source : cve@mitre.org
https://gist.github.com/mr404ntf/9c8728ee8f35d9744feec3828df1085d | source : cve@mitre.org


Vulnerability ID : CVE-2023-33201

First published : 05-07-2023 03:15:09
Last modified : 05-07-2023 13:00:26

Description :
Bouncy Castle For Java before 1.74 is affected by an LDAP injection vulnerability. The vulnerability only affects applications that use an LDAP CertStore from Bouncy Castle to validate X.509 certificates. During the certificate validation process, Bouncy Castle inserts the certificate's Subject Name into an LDAP search filter without any escaping, which leads to an LDAP injection vulnerability.

CVE ID : CVE-2023-33201
Source : cve@mitre.org
CVSS score : /

References :
https://bouncycastle.org | source : cve@mitre.org
https://github.com/bcgit/bc-java/commit/e8c409a8389c815ea3fda5e8b94c92fdfe583bcc | source : cve@mitre.org
https://github.com/bcgit/bc-java/wiki/CVE-2023-33201 | source : cve@mitre.org


Vulnerability ID : CVE-2023-35786

First published : 05-07-2023 06:15:21
Last modified : 05-07-2023 13:00:26

Description :
Zoho ManageEngine ADManager Plus before 7183 allows admin users to exploit an XXE issue to view files.

CVE ID : CVE-2023-35786
Source : cve@mitre.org
CVSS score : /

References :
https://www.manageengine.com/products/ad-manager/admanager-kb/cve-2023-35786.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-37201

First published : 05-07-2023 09:15:09
Last modified : 05-07-2023 13:00:26

Description :
An attacker could have triggered a use-after-free condition when creating a WebRTC connection over HTTPS. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE ID : CVE-2023-37201
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1826002 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-23/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-24/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37202

First published : 05-07-2023 09:15:09
Last modified : 05-07-2023 13:00:26

Description :
Cross-compartment wrappers wrapping a scripted proxy could have caused objects from other compartments to be stored in the main compartment resulting in a use-after-free. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE ID : CVE-2023-37202
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1834711 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-23/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-24/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37207

First published : 05-07-2023 09:15:09
Last modified : 05-07-2023 13:00:26

Description :
A website could have obscured the fullscreen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE ID : CVE-2023-37207
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1816287 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-23/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-24/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37208

First published : 05-07-2023 09:15:10
Last modified : 05-07-2023 13:00:26

Description :
When opening Diagcab files, Firefox did not warn the user that these files may contain malicious code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE ID : CVE-2023-37208
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1837675 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-23/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-24/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37203

First published : 05-07-2023 10:15:09
Last modified : 05-07-2023 13:00:26

Description :
Insufficient validation in the Drag and Drop API in conjunction with social engineering, may have allowed an attacker to trick end-users into creating a shortcut to local system files. This could have been leveraged to execute arbitrary code. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37203
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=291640 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37204

First published on : 05-07-2023 10:15:09
Last modified on : 05-07-2023 13:00:26

Description :
A website could have obscured the fullscreen notification by using an option element by introducing lag via an expensive computational function. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37204
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1832195 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37205

First published on : 05-07-2023 10:15:09
Last modified on : 05-07-2023 13:00:26

Description :
The use of RTL Arabic characters in the address bar may have allowed for URL spoofing. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37205
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1704420 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37206

First published on : 05-07-2023 10:15:09
Last modified on : 05-07-2023 13:00:26

Description :
Uploading files which contain symlinks may have allowed an attacker to trick a user into submitting sensitive data to a malicious website. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37206
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1813299 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37209

First published on : 05-07-2023 10:15:09
Last modified on : 05-07-2023 13:00:26

Description :
A use-after-free condition existed in `NotifyOnHistoryReload` where a `LoadingSessionHistoryEntry` object was freed and a reference to that object remained. This resulted in a potentially exploitable condition when the reference to that object was later reused. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37209
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1837993 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37210

First published on : 05-07-2023 10:15:09
Last modified on : 05-07-2023 13:00:26

Description :
A website could prevent a user from exiting full-screen mode via alert and prompt calls. This could lead to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37210
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1821886 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37211

First published on : 05-07-2023 10:15:10
Last modified on : 05-07-2023 13:00:26

Description :
Memory safety bugs present in Firefox 114, Firefox ESR 102.12, and Thunderbird 102.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115, Firefox ESR < 102.13, and Thunderbird < 102.13.

CVE ID : CVE-2023-37211
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1832306%2C1834862%2C1835886%2C1836550%2C1837450 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-23/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-24/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-37212

First published on : 05-07-2023 10:15:10
Last modified on : 05-07-2023 13:00:26

Description :
Memory safety bugs present in Firefox 114. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-37212
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1750870%2C1825552%2C1826206%2C1827076%2C1828690%2C1833503%2C1835710%2C1838587 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2023-3482

First published on : 05-07-2023 10:15:10
Last modified on : 05-07-2023 13:00:26

Description :
When Firefox is configured to block storage of all cookies, it was still possible to store data in localstorage by using an iframe with a source of 'about:blank'. This could have led to malicious websites storing tracking data without permission. This vulnerability affects Firefox < 115.

CVE ID : CVE-2023-3482
Source : security@mozilla.org
CVSS score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1839464 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2023-22/ | source : security@mozilla.org


Vulnerability ID : CVE-2021-46890

First published on : 05-07-2023 12:15:09
Last modified on : 05-07-2023 13:00:26

Description :
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE ID : CVE-2021-46890
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/7/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | source : psirt@huawei.com


Vulnerability ID : CVE-2021-46891

First published on : 05-07-2023 13:15:09
Last modified on : 05-07-2023 16:25:43

Description :
Vulnerability of incomplete read and write permission verification in the GPU module. Successful exploitation of this vulnerability may affect service confidentiality, integrity, and availability.

CVE ID : CVE-2021-46891
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/7/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | source : psirt@huawei.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2021-46893

First published on : 05-07-2023 13:15:09
Last modified on : 05-07-2023 16:25:41

Description :
Vulnerability of unstrict data verification and parameter check. Successful exploitation of this vulnerability may affect integrity.

CVE ID : CVE-2021-46893
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/7/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-3455

First published on : 05-07-2023 13:15:09
Last modified on : 05-07-2023 16:25:41

Description :
Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity.

CVE ID : CVE-2023-3455
Source : psirt@huawei.com
CVSS score : /

References :
https://consumer.huawei.com/en/support/bulletin/2023/7/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202307-0000001587168858 | source : psirt@huawei.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-36665

First published on : 05-07-2023 14:15:09
Last modified on : 05-07-2023 16:25:41

Description :
protobuf.js (aka protobufjs) 6.10.0 through 7.x before 7.2.4 allows Prototype Pollution, a different vulnerability than CVE-2022-25878. A user-controlled protobuf message can be used by an attacker to pollute the prototype of Object.prototype by adding and overwriting its data and functions. Exploitation can involve: (1) using the function parse to parse protobuf messages on the fly, (2) loading .proto files by using load/loadSync functions, or (3) providing untrusted input to the functions ReflectionObject.setParsedOption and util.setProperty. NOTE: this CVE Record is about "Object.constructor.prototype.<new-property> = ...;" whereas CVE-2022-25878 was about "Object.__proto__.<new-property> = ...;" instead.

CVE ID : CVE-2023-36665
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/protobufjs/protobuf.js/commit/e66379f451b0393c27d87b37fa7d271619e16b0d | source : cve@mitre.org
https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.2.3...protobufjs-v7.2.4 | source : cve@mitre.org
https://github.com/protobufjs/protobuf.js/pull/1899 | source : cve@mitre.org
https://github.com/protobufjs/protobuf.js/releases/tag/protobufjs-v7.2.4 | source : cve@mitre.org
https://www.code-intelligence.com/blog/cve-protobufjs-prototype-pollution-cve-2023-36665 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36932

First published on : 05-07-2023 16:15:09
Last modified on : 05-07-2023 16:25:41

Description :
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), multiple SQL injection vulnerabilities have been identified in the MOVEit Transfer web application that could allow an authenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.

CVE ID : CVE-2023-36932
Source : cve@mitre.org
CVSS score : /

References :
https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 | source : cve@mitre.org
https://www.progress.com/moveit | source : cve@mitre.org


Vulnerability ID : CVE-2023-36933

First published on : 05-07-2023 16:15:09
Last modified on : 05-07-2023 16:25:41

Description :
In Progress MOVEit Transfer before 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), it is possible for an attacker to invoke a method that results in an unhandled exception. Triggering this workflow can cause the MOVEit Transfer application to terminate unexpectedly.

CVE ID : CVE-2023-36933
Source : cve@mitre.org
CVSS score : /

References :
https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 | source : cve@mitre.org
https://www.progress.com/moveit | source : cve@mitre.org


Vulnerability ID : CVE-2023-36934

First published on : 05-07-2023 16:15:09
Last modified on : 05-07-2023 16:25:41

Description :
In Progress MOVEit Transfer before 2020.1.11 (12.1.11), 2021.0.9 (13.0.9), 2021.1.7 (13.1.7), 2022.0.7 (14.0.7), 2022.1.8 (14.1.8), and 2023.0.4 (15.0.4), a SQL injection vulnerability has been identified in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to the MOVEit Transfer database. An attacker could submit a crafted payload to a MOVEit Transfer application endpoint that could result in modification and disclosure of MOVEit database content.

CVE ID : CVE-2023-36934
Source : cve@mitre.org
CVSS score : /

References :
https://community.progress.com/s/article/MOVEit-Transfer-2020-1-Service-Pack-July-2023 | source : cve@mitre.org
https://www.progress.com/moveit | source : cve@mitre.org


Vulnerability ID : CVE-2020-25969

First published on : 05-07-2023 17:15:09
Last modified on : 05-07-2023 20:14:23

Description :
gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest().

CVE ID : CVE-2020-25969
Source : cve@mitre.org
CVSS score : /

References :
https://sourceforge.net/p/gnuplot/bugs/2311/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-25399

First published on : 05-07-2023 17:15:09
Last modified on : 05-07-2023 20:14:23

Description :
A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function.

CVE ID : CVE-2023-25399
Source : cve@mitre.org
CVSS score : /

References :
http://www.square16.org/achievement/cve-2023-25399/ | source : cve@mitre.org
https://github.com/scipy/scipy/issues/16235 | source : cve@mitre.org
https://github.com/scipy/scipy/pull/16397 | source : cve@mitre.org


Vulnerability ID : CVE-2020-23452

First published on : 05-07-2023 18:15:09
Last modified on : 05-07-2023 20:14:23

Description :
A cross-site scripting (XSS) vulnerability in Selenium Grid v3.141.59 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hub parameter under the /grid/console page.

CVE ID : CVE-2020-23452
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/SeleniumHQ/selenium/issues/8259 | source : cve@mitre.org


Vulnerability ID : CVE-2023-33335

First published on : 05-07-2023 18:15:10
Last modified on : 05-07-2023 20:14:23

Description :
Cross Site Scripting (XSS) in Sophos Sophos iView (The EOL was December 31st 2020) in grpname parameter that allows arbitrary script to be executed.

CVE ID : CVE-2023-33335
Source : cve@mitre.org
CVSS score : /

References :
https://inf0seq.github.io/cve/2023/05/03/Cross-Site-scripting-(XSS)-in-Sophos-iView.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-35863

First published on : 05-07-2023 18:15:10
Last modified on : 05-07-2023 20:14:23

Description :
In MADEFORNET HTTP Debugger through 9.12, the Windows service does not set the seclevel registry key before launching the driver. Thus, it is possible for an unprivileged application to obtain a handle to the NetFilterSDK wrapper before the service obtains exclusive access.

CVE ID : CVE-2023-35863
Source : cve@mitre.org
CVSS score : /

References :
https://ctrl-c.club/~blue/nfsdk.html | source : cve@mitre.org
https://www.madefornet.com/products.html | source : cve@mitre.org
https://www.michaelrowley.dev/research/posts/nfsdk/nfsdk.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-27197

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow an attacker to gain root access by running a crafted binary leveraging an exported function from a shared library. The attacker must have shell access to the device in order to exploit this vulnerability.

CVE ID : CVE-2023-27197
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27197.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-27198

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
PAX A930 device with PayDroid_7.1.1_Virgo_V04.5.02_20220722 can allow the execution of arbitrary commands by using the exec service and including a specific word in the command to be executed. The attacker must have physical USB access to the device in order to exploit this vulnerability.

CVE ID : CVE-2023-27198
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27198.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-27199

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
PAX Technology A930 PayDroid_7.1.1_Virgo_V04.5.02_20220722 allows attackers to compile a malicious shared library and use LD_PRELOAD to bypass authorization checks.

CVE ID : CVE-2023-27199
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/wr3nchsr/PAX-Paydroid-Advisories/blob/master/advisories/2023/CVEs/CVE-2023-27199.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-34654

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
taocms <=3.0.2 is vulnerable to Cross Site Scripting (XSS).

CVE ID : CVE-2023-34654
Source : cve@mitre.org
CVSS score : /

References :
https://gist.github.com/ae6e361b/b7f162eba1a91df3ad9dc71ec9935960 | source : cve@mitre.org
https://github.com/ae6e361b/taocms-XSS | source : cve@mitre.org


Vulnerability ID : CVE-2023-36622

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter.

CVE ID : CVE-2023-36622
Source : cve@mitre.org
CVSS score : /

References :
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-012.txt | source : cve@mitre.org
https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36623

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
The root password of the Loxone Miniserver Go Gen.2 before 14.2 is calculated using hard-coded secrets and the MAC address. This allows a local user to calculate the root password and escalate privileges.

CVE ID : CVE-2023-36623
Source : cve@mitre.org
CVSS score : /

References :
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-013.txt | source : cve@mitre.org
https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36624

First published on : 05-07-2023 20:15:10
Last modified on : 05-07-2023 20:31:30

Description :
Loxone Miniserver Go Gen.2 through 14.0.3.28 allows an authenticated operating system user to escalate privileges via the Sudo configuration. This allows the elevated execution of binaries without a password requirement.

CVE ID : CVE-2023-36624
Source : cve@mitre.org
CVSS score : /

References :
https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-004.txt | source : cve@mitre.org
https://www.syss.de/pentest-blog/root-zugang-zu-smarthome-server-loxone-miniserver-go-gen-2-syss-2023-004/-012/-013 | source : cve@mitre.org


Vulnerability ID : CVE-2023-30207

First published on : 05-07-2023 21:15:09
Last modified on : 05-07-2023 21:15:09

Description :
A divide by zero issue discovered in Kodi Home Theater Software 19.5 and earlier allows attackers to cause a denial of service via use of crafted mp3 file.

CVE ID : CVE-2023-30207
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/xbmc/xbmc/commit/dbc00c500f4c4830049cc040a61c439c580eea73 | source : cve@mitre.org
https://github.com/xbmc/xbmc/issues/22378 | source : cve@mitre.org
https://github.com/xbmc/xbmc/pull/22391 | source : cve@mitre.org


This website uses the NVD API, but is not endorsed or certified by the NVD.

About the author
Julien B.
