Dernières vulnérabilités du Vendredi 1 Septembre 2023

Dernières vulnérabilités du Vendredi 1 Septembre 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 01/09/2023 à 23:58:01

(3) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : ubuntu.com

Vulnérabilité ID : CVE-2023-1523

Première publication le : 01-09-2023 19:15:42
Dernière modification le : 01-09-2023 21:15:30

Description :
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.

CVE ID : CVE-2023-1523
Source : security@ubuntu.com
Score CVSS : 10.0

Références :
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523 | source : security@ubuntu.com
https://github.com/snapcore/snapd/pull/12849 | source : security@ubuntu.com
https://marc.info/?l=oss-security&m=167879021709955&w=2 | source : security@ubuntu.com
https://ubuntu.com/security/notices/USN-6125-1 | source : security@ubuntu.com


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4696

Première publication le : 01-09-2023 01:15:08
Dernière modification le : 01-09-2023 13:06:59

Description :
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4696
Source : security@huntr.dev
Score CVSS : 9.8

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/4747a485-77c3-4bb5-aab0-21253ef303ca | source : security@huntr.dev

Vulnérabilité : CWE-284

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-4695

Première publication le : 01-09-2023 01:15:07
Dernière modification le : 01-09-2023 07:32:13

Description :
Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-4695
Source : security@huntr.dev
Score CVSS : 9.6

Références :
https://github.com/pkp/pkp-lib/commit/e5e7e543887fe77708aa31e07b18fe85f9b5a3b5 | source : security@huntr.dev
https://huntr.dev/bounties/887c7fc7-70c8-482d-b570-350533af4702 | source : security@huntr.dev

Vulnérabilité : CWE-1241


(10) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : huntr.dev

Vulnérabilité ID : CVE-2023-4697

Première publication le : 01-09-2023 01:15:09
Dernière modification le : 01-09-2023 13:07:07

Description :
Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4697
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/3ff3325a-1dcb-4da7-894d-81a9cf726d81 | source : security@huntr.dev

Vulnérabilité : CWE-269

Vulnérabilité : CWE-269

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Vulnérabilité ID : CVE-2023-4704

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.

CVE ID : CVE-2023-4704
Source : security@huntr.dev
Score CVSS : 8.8

Références :
https://github.com/instantsoft/icms2/commit/bc22d89691fdaf38055eba13dda8d959b16fa731 | source : security@huntr.dev
https://huntr.dev/bounties/4a54134d-df1f-43d4-9b14-45f023cd654a | source : security@huntr.dev

Vulnérabilité : CWE-15


Vulnérabilité ID : CVE-2023-4698

Première publication le : 01-09-2023 01:15:09
Dernière modification le : 01-09-2023 13:07:30

Description :
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.

CVE ID : CVE-2023-4698
Source : security@huntr.dev
Score CVSS : 7.5

Références :
https://github.com/usememos/memos/commit/c9aa2eeb9852047e4f41915eb30726bd25f07ecd | source : security@huntr.dev
https://huntr.dev/bounties/e1107d79-1d63-4238-90b7-5cc150512654 | source : security@huntr.dev

Vulnérabilité : CWE-20

Produit vulnérable : cpe:2.3:a:usememos:memos:*:*:*:*:*:*:*:*


Source : ubuntu.com

Vulnérabilité ID : CVE-2023-3297

Première publication le : 01-09-2023 21:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

CVE ID : CVE-2023-3297
Source : security@ubuntu.com
Score CVSS : 8.1

Références :
https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/2024182 | source : security@ubuntu.com
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3297 | source : security@ubuntu.com
https://securitylab.github.com/advisories/GHSL-2023-139_accountsservice/ | source : security@ubuntu.com
https://ubuntu.com/security/notices/USN-6190-1 | source : security@ubuntu.com

Vulnérabilité : CWE-416


Source : juniper.net

Vulnérabilité ID : CVE-2023-4481

Première publication le : 01-09-2023 00:15:08
Dernière modification le : 01-09-2023 07:32:13

Description :
An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BGP session, one BGP session may be torn down with an UPDATE message error, or the issue may propagate beyond the local system which will remain non-impacted, but may affect one or more remote systems. This issue is exploitable remotely as the crafted UPDATE message can propagate through unaffected systems and intermediate BGP speakers. Continuous receipt of the crafted BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations. This issue requires a remote attacker to have at least one established BGP session.

CVE ID : CVE-2023-4481
Source : sirt@juniper.net
Score CVSS : 7.5

Références :
https://kb.juniper.net/JSA72510 | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/bgp-error-messages.html | source : sirt@juniper.net
https://www.rfc-editor.org/rfc/rfc4271 | source : sirt@juniper.net
https://www.rfc-editor.org/rfc/rfc7606 | source : sirt@juniper.net

Vulnérabilité : CWE-20


Source : github.com

Vulnérabilité ID : CVE-2023-41049

Première publication le : 01-09-2023 20:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the `init` function allows arbitrary javascript to be executed using the `javascript:` prefix. This vulnerability has been patched on version `0.1.0`. Users are advised to upgrade. Users unable to upgrade should limit untrusted user input to the `init` function.

CVE ID : CVE-2023-41049
Source : security-advisories@github.com
Score CVSS : 7.5

Références :
https://github.com/decentraland/single-sign-on-client/commit/bd20ea9533d0cda30809d929db85b1b76cef855a | source : security-advisories@github.com
https://github.com/decentraland/single-sign-on-client/security/advisories/GHSA-vp4f-wxgw-7x8x | source : security-advisories@github.com

Vulnérabilité : CWE-79


Source : gitlab.com

Vulnérabilité ID : CVE-2023-3915

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:14:01

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 16.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. If an external user is given an owner role on any group, that external user may escalate their privileges on the instance by creating a service account in that group. This service account is not classified as external and may be used to access internal projects.

CVE ID : CVE-2023-3915
Source : cve@gitlab.com
Score CVSS : 7.2

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/417664 | source : cve@gitlab.com
https://hackerone.com/reports/2040834 | source : cve@gitlab.com

Vulnérabilité : CWE-732

Vulnérabilité : CWE-279

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Source : patchstack.com

Vulnérabilité ID : CVE-2023-34011

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions.

CVE ID : CVE-2023-34011
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/shopconstruct/wordpress-shopconstruct-plugin-1-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37893

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chop-Chop Coming Soon Chop Chop plugin <= 2.2.4 versions.

CVE ID : CVE-2023-37893
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/cc-coming-soon/wordpress-coming-soon-chop-chop-plugin-2-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37997

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh Patel Post List With Featured Image plugin <= 1.2 versions.

CVE ID : CVE-2023-37997
Source : audit@patchstack.com
Score CVSS : 7.1

Références :
https://patchstack.com/database/vulnerability/post-list-with-featured-image/wordpress-post-list-with-featured-image-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


(28) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : gitlab.com

Vulnérabilité ID : CVE-2023-3205

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 21:13:41

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

CVE ID : CVE-2023-3205
Source : cve@gitlab.com
Score CVSS : 6.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/415067 | source : cve@gitlab.com
https://hackerone.com/reports/2011464 | source : cve@gitlab.com

Vulnérabilité : CWE-400

Vulnérabilité : CWE-400

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-3210

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:13:51

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. An authenticated user could trigger a denial of service when importing or cloning malicious content.

CVE ID : CVE-2023-3210
Source : cve@gitlab.com
Score CVSS : 6.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/415074 | source : cve@gitlab.com
https://hackerone.com/reports/2011474 | source : cve@gitlab.com

Vulnérabilité : CWE-400

Vulnérabilité : CWE-400

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-4378

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the configured URL in the Sentry error tracking settings page. This was as a result of an incomplete fix for CVE-2022-4365.

CVE ID : CVE-2023-4378
Source : cve@gitlab.com
Score CVSS : 5.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/422134 | source : cve@gitlab.com
https://hackerone.com/reports/2104591 | source : cve@gitlab.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-4647

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances.

CVE ID : CVE-2023-4647
Source : cve@gitlab.com
Score CVSS : 5.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/414502 | source : cve@gitlab.com

Vulnérabilité : CWE-400


Vulnérabilité ID : CVE-2022-4343

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile.

CVE ID : CVE-2022-4343
Source : cve@gitlab.com
Score CVSS : 5.0

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/385124 | source : cve@gitlab.com
https://hackerone.com/reports/1767797 | source : cve@gitlab.com

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-4018

Première publication le : 01-09-2023 11:15:43
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.

CVE ID : CVE-2023-4018
Source : cve@gitlab.com
Score CVSS : 4.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/420301 | source : cve@gitlab.com
https://hackerone.com/reports/2083440 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Source : patchstack.com

Vulnérabilité ID : CVE-2023-37994

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Artem Abramovich Art Decoration Shortcode plugin <= 1.5.6 versions.

CVE ID : CVE-2023-37994
Source : audit@patchstack.com
Score CVSS : 6.5

Références :
https://patchstack.com/database/vulnerability/art-decoration-shortcode/wordpress-art-decoration-shortcode-plugin-1-5-6-cross-site-scripting-xss?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25477

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 11:47:43

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yotuwp Video Gallery plugin <= 1.3.12 versions.

CVE ID : CVE-2023-25477
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/yotuwp-easy-youtube-embed/wordpress-video-gallery-youtube-playlist-channel-gallery-by-yotuwp-plugin-1-3-12-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25488

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 11:47:43

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Duc Bui Quang WP Default Feature Image plugin <= 1.0.1.1 versions.

CVE ID : CVE-2023-25488
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/wp-default-feature-image/wordpress-wp-default-feature-image-plugin-1-0-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-37986

Première publication le : 01-09-2023 12:15:09
Dernière modification le : 01-09-2023 13:39:55

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin <= 1.1.3 versions.

CVE ID : CVE-2023-37986
Source : audit@patchstack.com
Score CVSS : 5.9

Références :
https://patchstack.com/database/vulnerability/login-with-yourmembership/wordpress-yourmembership-single-sign-on-plugin-1-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-24412

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 20:28:44

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Web-Settler Image Social Feed plugin <= 1.7.6 versions.

CVE ID : CVE-2023-24412
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/add-instagram/wordpress-image-social-feed-plugin-plugin-1-7-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:web-settler:image_social_feed:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 1.7.6


Vulnérabilité ID : CVE-2023-25042

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 20:47:28

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <= 2.3.0 versions.

CVE ID : CVE-2023-25042
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/oauth-twitter-feed-for-developers/wordpress-oauth-twitter-feed-for-developers-plugin-2-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:stormconsultancy:oauth_twitter_feed_for_developers:*:*:*:*:*:wordpress:*:*
Version(s) vulnérable(s) : 2.3.0


Vulnérabilité ID : CVE-2023-25044

Première publication le : 01-09-2023 11:15:41
Dernière modification le : 01-09-2023 20:47:45

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sumo Social Share Boost plugin <= 4.4 versions.

CVE ID : CVE-2023-25044
Source : audit@patchstack.com
Score CVSS : 4.8

Références :
https://patchstack.com/database/vulnerability/social-share-boost/wordpress-social-share-boost-plugin-4-4-cross-site-scripting-xss-vulnerability-2?_s_id=cve | source : audit@patchstack.com

Vulnérabilité : CWE-79

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:sumo:social_share_boost:*:*:*:*:*:wordpress:*:*


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4708

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-238571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4708
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://vuldb.com/?ctiid.238571 | source : cna@vuldb.com
https://vuldb.com/?id.238571 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4712

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4712
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/wpay65249519/cve/blob/main/SQL_injection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238575 | source : cna@vuldb.com
https://vuldb.com/?id.238575 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4713

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4713
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/13aiZe1/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238576 | source : cna@vuldb.com
https://vuldb.com/?id.238576 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-4711

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-238574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4711
Source : cna@vuldb.com
Score CVSS : 5.0

Références :
https://github.com/TinkAnet/cve/blob/main/rce.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.238574 | source : cna@vuldb.com
https://vuldb.com/?id.238574 | source : cna@vuldb.com

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-4709

Première publication le : 01-09-2023 19:15:43
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4709
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://vuldb.com/?ctiid.238572 | source : cna@vuldb.com
https://vuldb.com/?id.238572 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4710

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4710
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://vuldb.com/?ctiid.238573 | source : cna@vuldb.com
https://vuldb.com/?id.238573 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-4714

Première publication le : 01-09-2023 20:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The identifier VDB-238577 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4714
Source : cna@vuldb.com
Score CVSS : 4.3

Références :
https://vuldb.com/?ctiid.238577 | source : cna@vuldb.com
https://vuldb.com/?id.238577 | source : cna@vuldb.com

Vulnérabilité : CWE-200


Source : github.com

Vulnérabilité ID : CVE-2023-41046

Première publication le : 01-09-2023 20:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "VelocityCode" or "VelocityWiki". For the former, the syntax of the document needs to be set the `xwiki/1.0` (this syntax doesn't need to be installed). In both cases, when adding the property to an object, the Velocity code is executed regardless of the rights of the author of the property (edit right is still required, though). In both cases, the code is executed with the correct context author so no privileged APIs can be accessed. However, Velocity still grants access to otherwise inaccessible data and APIs that could allow further privilege escalation. At least for "VelocityCode", this behavior is most likely very old but only since XWiki 7.2, script right is a separate right, before that version all users were allowed to execute Velocity and thus this was expected and not a security issue. This has been patched in XWiki 14.10.10 and 15.4 RC1. Users are advised to upgrade. There are no known workarounds.

CVE ID : CVE-2023-41046
Source : security-advisories@github.com
Score CVSS : 6.3

Références :
https://github.com/xwiki/xwiki-platform/commit/edc52579eeaab1b4514785c134044671a1ecd839 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-m5m2-h6h9-p2c8 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20847 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20848 | source : security-advisories@github.com

Vulnérabilité : CWE-862


Vulnérabilité ID : CVE-2023-23763

Première publication le : 01-09-2023 15:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.10.0 and was fixed in versions 3.9.4, 3.8.9, 3.7.16 and 3.6.18. This vulnerability was reported via the GitHub Bug Bounty program.

CVE ID : CVE-2023-23763
Source : product-cna@github.com
Score CVSS : 5.3

Références :
https://docs.github.com/en/enterprise-server@3.6/admin/release-notes#3.6.18-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.7/admin/release-notes#3.7.16-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.9-security-fixes | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.4-security-fixes | source : product-cna@github.com

Vulnérabilité : CWE-200


Source : huntr.dev

Vulnérabilité ID : CVE-2023-4721

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4721
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63 | source : security@huntr.dev
https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc | source : security@huntr.dev

Vulnérabilité : CWE-125


Vulnérabilité ID : CVE-2023-4722

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4722
Source : security@huntr.dev
Score CVSS : 5.9

Références :
https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76 | source : security@huntr.dev
https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830 | source : security@huntr.dev

Vulnérabilité : CWE-190


Vulnérabilité ID : CVE-2023-4720

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.

CVE ID : CVE-2023-4720
Source : security@huntr.dev
Score CVSS : 4.0

Références :
https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a | source : security@huntr.dev
https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad | source : security@huntr.dev

Vulnérabilité : CWE-1077


Source : fortinet.com

Vulnérabilité ID : CVE-2022-22305

Première publication le : 01-09-2023 12:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.

CVE ID : CVE-2022-22305
Source : psirt@fortinet.com
Score CVSS : 5.4

Références :
https://fortiguard.com/psirt/FG-IR-18-292 | source : psirt@fortinet.com


Source : lenovo.com

Vulnérabilité ID : CVE-2022-3407

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue.

CVE ID : CVE-2022-3407
Source : psirt@lenovo.com
Score CVSS : 4.9

Références :
https://en-us.support.motorola.com/app/answers/detail/a_id/175354 | source : psirt@lenovo.com

Vulnérabilité : CWE-404


Source : mitre.org

Vulnérabilité ID : CVE-2023-24675

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 20:28:00

Description :
Cross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL.

CVE ID : CVE-2023-24675
Source : cve@mitre.org
Score CVSS : 4.8

Références :
https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 | source : cve@mitre.org
https://medium.com/@cupc4k3/xss-stored-in-friendly-url-field-on-bludit-cms-641a9dd653f | source : cve@mitre.org

Vulnérabilité : CWE-79

Produit vulnérable : cpe:2.3:a:bludit:bludit:3.14.1:*:*:*:*:*:*:*


(6) Vulnérabilité(s) LOW [0.1, 3.9]

Source : gitlab.com

Vulnérabilité ID : CVE-2023-3950

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 21:14:48

Description :
An information disclosure issue in GitLab EE affecting all versions from 16.2 prior to 16.2.5, and 16.3 prior to 16.3.1 allowed other Group Owners to see the Public Key for a Google Cloud Logging audit event streaming destination, if configured. Owners can now only write the key, not read it.

CVE ID : CVE-2023-3950
Source : cve@gitlab.com
Score CVSS : 3.8

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/419675 | source : cve@gitlab.com
https://hackerone.com/reports/2079154 | source : cve@gitlab.com

Vulnérabilité : CWE-312

Vulnérabilité : CWE-312

Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:community:*:*:*
Produit vulnérable : cpe:2.3:a:gitlab:gitlab:16.3.0:*:*:*:enterprise:*:*:*


Vulnérabilité ID : CVE-2023-0120

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 10.0 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to edit labels description by an unauthorised user.

CVE ID : CVE-2023-0120
Source : cve@gitlab.com
Score CVSS : 3.5

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/387531 | source : cve@gitlab.com
https://hackerone.com/reports/1818425 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-1555

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespace-level banned user can access the API.

CVE ID : CVE-2023-1555
Source : cve@gitlab.com
Score CVSS : 2.7

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/398587 | source : cve@gitlab.com
https://hackerone.com/reports/1911908 | source : cve@gitlab.com

Vulnérabilité : CWE-284


Vulnérabilité ID : CVE-2023-1279

Première publication le : 01-09-2023 11:15:40
Dernière modification le : 01-09-2023 11:47:43

Description :
An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project.

CVE ID : CVE-2023-1279
Source : cve@gitlab.com
Score CVSS : 2.6

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/395437 | source : cve@gitlab.com
https://hackerone.com/reports/1889230 | source : cve@gitlab.com

Vulnérabilité : CWE-138


Source : vuldb.com

Vulnérabilité ID : CVE-2023-4707

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-4707
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://vuldb.com/?ctiid.238570 | source : cna@vuldb.com
https://vuldb.com/?id.238570 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Source : github.com

Vulnérabilité ID : CVE-2023-41051

Première publication le : 01-09-2023 19:15:42
Dernière modification le : 01-09-2023 21:15:30

Description :
In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the `VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}` trait functions, which allows out-of-bounds memory access if the `VolatileMemory::get_slice` function returns a `VolatileSlice` whose length is less than the function’s `count` argument. No implementations of `get_slice` provided in `vm_memory` are affected. Users of custom `VolatileMemory` implementations may be impacted if the custom implementation does not adhere to `get_slice`'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the `VolatileSlice` returned by `get_slice` is of the correct length. Users are advised to upgrade. There are no known workarounds for this issue.

CVE ID : CVE-2023-41051
Source : security-advisories@github.com
Score CVSS : 2.5

Références :
https://crates.io/crates/vm-memory/0.12.2 | source : security-advisories@github.com
https://github.com/rust-vmm/vm-memory/commit/aff1dd4a5259f7deba56692840f7a2d9ca34c9c8 | source : security-advisories@github.com
https://github.com/rust-vmm/vm-memory/security/advisories/GHSA-49hh-fprx-m68g | source : security-advisories@github.com

Vulnérabilité : CWE-125


(33) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : mitre.org

Vulnérabilité ID : CVE-2022-44349

Première publication le : 01-09-2023 10:15:07
Dernière modification le : 01-09-2023 11:47:50

Description :
NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).

CVE ID : CVE-2022-44349
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2022-44349 | source : cve@mitre.org
https://www.navblue.aero/product/n-crew-planning/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-24674

Première publication le : 01-09-2023 10:15:07
Dernière modification le : 01-09-2023 11:47:50

Description :
Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.

CVE ID : CVE-2023-24674
Source : cve@mitre.org
Score CVSS : /

Références :
https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107 | source : cve@mitre.org
https://medium.com/@cupc4k3/privilege-scalation-in-bludit-cms-dcf86c41107 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39685

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string.

CVE ID : CVE-2023-39685
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hjson/hjson-java/issues/27 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41364

Première publication le : 01-09-2023 10:15:08
Dernière modification le : 01-09-2023 11:47:50

Description :
In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.

CVE ID : CVE-2023-41364
Source : cve@mitre.org
Score CVSS : /

Références :
https://herolab.usd.de/security-advisories/ | source : cve@mitre.org
https://herolab.usd.de/security-advisories/usd-2023-0002/ | source : cve@mitre.org
https://www.tine-groupware.de/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2022-46527

Première publication le : 01-09-2023 11:15:39
Dernière modification le : 01-09-2023 11:47:43

Description :
ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.

CVE ID : CVE-2022-46527
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-46527.pdf | source : cve@mitre.org
https://www.elsys.se/en/ers-sound/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40239

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.*.P246, i.e., '*' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.

CVE ID : CVE-2023-40239
Source : cve@mitre.org
Score CVSS : /

Références :
https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40969

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.

CVE ID : CVE-2023-40969
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SSRF-pop_p2p.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/204 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40970

Première publication le : 01-09-2023 11:15:42
Dernière modification le : 01-09-2023 11:47:43

Description :
Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.

CVE ID : CVE-2023-40970
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-loan_rules.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/205 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37826

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fieldname parameter.

CVE ID : CVE-2023-37826
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37826 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37827

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the executionBlockName parameter.

CVE ID : CVE-2023-37827
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37827 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37828

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tasktyp parameter.

CVE ID : CVE-2023-37828
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37828 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37829

Première publication le : 01-09-2023 13:15:07
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.

CVE ID : CVE-2023-37829
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37829 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37830

Première publication le : 01-09-2023 13:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.

CVE ID : CVE-2023-37830
Source : cve@mitre.org
Score CVSS : /

Références :
https://case.contwise.com/php/portal_case.php | source : cve@mitre.org
https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37830 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39703

Première publication le : 01-09-2023 13:15:08
Dernière modification le : 01-09-2023 13:39:55

Description :
A cross site scripting (XSS) vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file.

CVE ID : CVE-2023-39703
Source : cve@mitre.org
Score CVSS : /

Références :
https://c0olw.github.io/2023/07/31/Typora-XSS-Vulnerability/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39710

Première publication le : 01-09-2023 14:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.

CVE ID : CVE-2023-39710
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/dc6e4dd231accf777dae30d890a4e7df#file-cve-2023-39710 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2020-22612

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Installer RCE on settings file write in MyBB before 1.8.22.

CVE ID : CVE-2020-22612
Source : cve@mitre.org
Score CVSS : /

Références :
https://mybb.com/versions/1.8.22/ | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-28366

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs, and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.

CVE ID : CVE-2023-28366
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9 | source : cve@mitre.org
https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16 | source : cve@mitre.org
https://mosquitto.org/blog/2023/08/version-2-0-16-released/ | source : cve@mitre.org
https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36076

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.

CVE ID : CVE-2023-36076
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/lkw199711/smanga/issues/100 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36088

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive information.

CVE ID : CVE-2023-36088
Source : cve@mitre.org
Score CVSS : /

Références :
http://nebulagraph.com | source : cve@mitre.org
https://github.com/vesoft-inc/nebula-studio | source : cve@mitre.org
https://github.com/vesoft-inc/nebula-studio/issues/571 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36100

Première publication le : 01-09-2023 16:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.

CVE ID : CVE-2023-36100
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/Thecosy/IceCMS/issues/15 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36187

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.

CVE ID : CVE-2023-36187
Source : cve@mitre.org
Score CVSS : /

Références :
https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36326

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function.

CVE ID : CVE-2023-36326
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab | source : cve@mitre.org
https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36327

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function.

CVE ID : CVE-2023-36327
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e | source : cve@mitre.org
https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-36328

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).

CVE ID : CVE-2023-36328
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/libtom/libtommath/pull/546 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39582

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.

CVE ID : CVE-2023-39582
Source : cve@mitre.org
Score CVSS : /

Références :
https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-126-2023-07-18-High-impact-Low-risk-SQL-injection-by-admin-users | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39631

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.

CVE ID : CVE-2023-39631
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/langchain-ai/langchain/issues/8363 | source : cve@mitre.org
https://github.com/pydata/numexpr/issues/442 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40771

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.

CVE ID : CVE-2023-40771
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/dataease/dataease/issues/5861 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40968

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address.

CVE ID : CVE-2023-40968
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/hzeller/timg/issues/115 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-40980

Première publication le : 01-09-2023 16:15:08
Dernière modification le : 01-09-2023 21:15:30

Description :
File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.

CVE ID : CVE-2023-40980
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/wkeyuan/DWSurvey/issues/107 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41627

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.

CVE ID : CVE-2023-41627
Source : cve@mitre.org
Score CVSS : /

Références :
https://jira.o-ran-sc.org/browse/RIC-1001 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41628

Première publication le : 01-09-2023 17:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components.

CVE ID : CVE-2023-41628
Source : cve@mitre.org
Score CVSS : /

Références :
https://jira.o-ran-sc.org/browse/RIC-1002 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-39714

Première publication le : 01-09-2023 18:15:07
Dernière modification le : 01-09-2023 21:15:30

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.

CVE ID : CVE-2023-39714
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/Arajawat007/141e68161014e832e30d39b1979a8a6c#file-cve-2023-39714 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-41633

Première publication le : 01-09-2023 19:15:43
Dernière modification le : 01-09-2023 21:15:30

Description :
Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.

CVE ID : CVE-2023-41633
Source : cve@mitre.org
Score CVSS : /

Références :
https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd | source : cve@mitre.org
https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference/ | source : cve@mitre.org


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.