Dernières vulnérabilités du Vendredi 21 Juillet 2023

Dernières vulnérabilités du Vendredi 21 Juillet 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Dernière mise à jour efféctuée le 21/07/2023 à 20:58:05

(4) Vulnérabilité(s) CRITICAL [9.0, 10.0]

Source : cert.org.tw

Vulnérabilité ID : CVE-2023-37292

Première publication le : 21-07-2023 05:15:15
Dernière modification le : 21-07-2023 12:52:26

Description :
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in HGiga iSherlock 4.5 (iSherlock-user modules), HGiga iSherlock 5.5 (iSherlock-user modules) allows OS Command Injection.This issue affects iSherlock 4.5: before iSherlock-user-4.5-174; iSherlock 5.5: before iSherlock-user-5.5-174.

CVE ID : CVE-2023-37292
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7239-8fc29-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-78


Vulnérabilité ID : CVE-2023-35086

Première publication le : 21-07-2023 07:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by directly using input as a format string when calling syslog in logmessage_normal function, in the do_detwan_cgi module of httpd. An unauthenticated remote attacker without privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service. This issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.

CVE ID : CVE-2023-35086
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7240-a5f96-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-134


Vulnérabilité ID : CVE-2023-35087

Première publication le : 21-07-2023 08:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
It is identified a format string vulnerability in ASUS RT-AX56U V2 & RT-AC86U. This vulnerability is caused by lacking validation for a specific value when calling cm_processChangedConfigMsg in ccm_processREQ_CHANGED_CONFIG function in AiMesh system. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service. This issue affects RT-AX56U V2: 3.0.0.4.386_50460; RT-AC86U: 3.0.0.4_386_51529.

CVE ID : CVE-2023-35087
Source : twcert@cert.org.tw
Score CVSS : 9.8

Références :
https://www.twcert.org.tw/tw/cp-132-7249-ab2d1-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-134


Source : emc.com

Vulnérabilité ID : CVE-2023-32478

Première publication le : 21-07-2023 06:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
Dell PowerStore versions prior to 3.5.0.1 contain an insertion of sensitive information into log file vulnerability. A high privileged malicious user could potentially exploit this vulnerability, leading to sensitive information disclosure.

CVE ID : CVE-2023-32478
Source : security_alert@emc.com
Score CVSS : 9.0

Références :
https://www.dell.com/support/kbdoc/en-us/000215171/dsa-2023-173-dell-powerstore-family-security-update-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnérabilité : CWE-532


(10) Vulnérabilité(s) HIGH [7.0, 8.9]

Source : cert.org.tw

Vulnérabilité ID : CVE-2023-37291

Première publication le : 21-07-2023 04:15:15
Dernière modification le : 21-07-2023 12:52:26

Description :
Galaxy Software Services Vitals ESP is vulnerable to using a hard-coded encryption key. An unauthenticated remote attacker can generate a valid token parameter and exploit this vulnerability to access system to operate processes and access data. This issue affects Vitals ESP: from 3.0.8 through 6.2.0.

CVE ID : CVE-2023-37291
Source : twcert@cert.org.tw
Score CVSS : 8.6

Références :
https://www.twcert.org.tw/tw/cp-132-7224-4fe1f-1.html | source : twcert@cert.org.tw

Vulnérabilité : CWE-798


Source : esri.com

Vulnérabilité ID : CVE-2023-25835

Première publication le : 21-07-2023 00:15:10
Dernière modification le : 21-07-2023 12:52:32

Description :
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute this attack are high.

CVE ID : CVE-2023-25835
Source : psirt@esri.com
Score CVSS : 8.4

Références :
https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-enterprise-sites-security-patch-is-now-available/ | source : psirt@esri.com

Vulnérabilité : CWE-79


Source : gitlab.com

Vulnérabilité ID : CVE-2023-3484

Première publication le : 21-07-2023 14:15:10
Dernière modification le : 21-07-2023 14:15:10

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations.

CVE ID : CVE-2023-3484
Source : cve@gitlab.com
Score CVSS : 8.0

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/416773 | source : cve@gitlab.com
https://hackerone.com/reports/2035687 | source : cve@gitlab.com

Vulnérabilité : CWE-840


Source : gg.jp.panasonic.com

Vulnérabilité ID : CVE-2023-28728

Première publication le : 21-07-2023 07:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
A stack-based buffer overflow in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.

CVE ID : CVE-2023-28728
Source : product-security@gg.jp.panasonic.com
Score CVSS : 7.8

Références :
https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro | source : product-security@gg.jp.panasonic.com

Vulnérabilité : CWE-121


Vulnérabilité ID : CVE-2023-28729

Première publication le : 21-07-2023 07:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
A type confusion vulnerability in Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.

CVE ID : CVE-2023-28729
Source : product-security@gg.jp.panasonic.com
Score CVSS : 7.8

Références :
https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro | source : product-security@gg.jp.panasonic.com

Vulnérabilité : CWE-843


Vulnérabilité ID : CVE-2023-28730

Première publication le : 21-07-2023 07:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files.

CVE ID : CVE-2023-28730
Source : product-security@gg.jp.panasonic.com
Score CVSS : 7.8

Références :
https://industry.panasonic.eu/factory-automation/programmable-logic-controllers-plc/plc-software/programming-software-control-fpwin-pro | source : product-security@gg.jp.panasonic.com

Vulnérabilité : CWE-119


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3819

Première publication le : 21-07-2023 15:15:10
Dernière modification le : 21-07-2023 15:15:10

Description :
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4.

CVE ID : CVE-2023-3819
Source : security@huntr.dev
Score CVSS : 7.6

Références :
https://github.com/pimcore/pimcore/commit/0237527b3244d251fa5ecd4912dfe4f8b2125c54 | source : security@huntr.dev
https://huntr.dev/bounties/be5e4d4c-1b0b-4c01-a1fc-00533135817c | source : security@huntr.dev

Vulnérabilité : CWE-200


Vulnérabilité ID : CVE-2023-3820

Première publication le : 21-07-2023 15:15:10
Dernière modification le : 21-07-2023 15:15:10

Description :
SQL Injection in GitHub repository pimcore/pimcore prior to 10.6.4.

CVE ID : CVE-2023-3820
Source : security@huntr.dev
Score CVSS : 7.2

Références :
https://github.com/pimcore/pimcore/commit/e641968979d4a2377bbea5e2a76bdede040d0b97 | source : security@huntr.dev
https://huntr.dev/bounties/b00a38b6-d040-494d-bf46-38f46ac1a1db | source : security@huntr.dev

Vulnérabilité : CWE-89


Source : wordfence.com

Vulnérabilité ID : CVE-2023-3813

Première publication le : 21-07-2023 03:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
The Jupiter X Core plugin for WordPress is vulnerable to arbitrary file downloads in versions up to, and including, 2.5.0. This makes it possible for unauthenticated attackers to download the contents of arbitrary files on the server, which can contain sensitive information. The requires the premium version of the plugin to be activated.

CVE ID : CVE-2023-3813
Source : security@wordfence.com
Score CVSS : 7.5

Références :
https://plugins.trac.wordpress.org/browser/jupiterx-core/trunk/includes/extensions/raven/includes/utils.php?rev=2777235#L425 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/f767d94b-fe92-4b69-9d81-96de51e12983?source=cve | source : security@wordfence.com

Vulnérabilité : CWE-22


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3805

Première publication le : 21-07-2023 02:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability, which was classified as critical, has been found in Xiamen Four Letter Video Surveillance Management System up to 20230712. This issue affects some unknown processing in the library UserInfoAction.class of the component Login. The manipulation leads to improper authorization. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235073 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3805
Source : cna@vuldb.com
Score CVSS : 7.3

Références :
https://github.com/GUIqizsq/cve/blob/main/login.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235073 | source : cna@vuldb.com
https://vuldb.com/?id.235073 | source : cna@vuldb.com

Vulnérabilité : CWE-285


(17) Vulnérabilité(s) MEDIUM [4.0, 6.9]

Source : esri.com

Vulnérabilité ID : CVE-2023-25837

Première publication le : 21-07-2023 04:15:12
Dernière modification le : 21-07-2023 12:52:26

Description :
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute this attack are high.

CVE ID : CVE-2023-25837
Source : psirt@esri.com
Score CVSS : 6.8

Références :
https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-enterprise-sites-security-patch-is-now-available/ | source : psirt@esri.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-25836

Première publication le : 21-07-2023 04:15:11
Dernière modification le : 21-07-2023 12:52:26

Description :
There is a Cross-site Scripting vulnerability in Esri Portal Sites in versions 10.8.1 – 10.9 that may allow a remote, authenticated attacker to create a crafted link which when clicked could potentially execute arbitrary JavaScript code in the victims browser. The privileges required to execute this attack are low.

CVE ID : CVE-2023-25836
Source : psirt@esri.com
Score CVSS : 5.4

Références :
https://www.esri.com/arcgis-blog/products/trust-arcgis/administration/portal-for-arcgis-enterprise-sites-security-patch-is-now-available/ | source : psirt@esri.com

Vulnérabilité : CWE-79


Source : microsoft.com

Vulnérabilité ID : CVE-2023-38187

Première publication le : 21-07-2023 18:15:10
Dernière modification le : 21-07-2023 18:15:10

Description :
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE ID : CVE-2023-38187
Source : secure@microsoft.com
Score CVSS : 6.5

Références :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38187 | source : secure@microsoft.com


Vulnérabilité ID : CVE-2023-35392

Première publication le : 21-07-2023 18:15:10
Dernière modification le : 21-07-2023 18:15:10

Description :
Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE ID : CVE-2023-35392
Source : secure@microsoft.com
Score CVSS : 4.7

Références :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35392 | source : secure@microsoft.com


Vulnérabilité ID : CVE-2023-38173

Première publication le : 21-07-2023 18:15:10
Dernière modification le : 21-07-2023 18:15:10

Description :
Microsoft Edge for Android Spoofing Vulnerability

CVE ID : CVE-2023-38173
Source : secure@microsoft.com
Score CVSS : 4.3

Références :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38173 | source : secure@microsoft.com


Source : vuldb.com

Vulnérabilité ID : CVE-2023-3806

Première publication le : 21-07-2023 02:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability, which was classified as critical, was found in SourceCodester House Rental and Property Listing System 1.0. Affected is an unknown function of the file btn_functions.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-235074 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3806
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/GZRsecurity/Cve-System/blob/main/House%20Rental%20and%20Property%20Listing%20System%20register.php%20has%20%20File%20Upload(RCE)%20Vulnerability.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235074 | source : cna@vuldb.com
https://vuldb.com/?id.235074 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-3807

Première publication le : 21-07-2023 03:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability has been found in Campcodes Beauty Salon Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file edit_product.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235075.

CVE ID : CVE-2023-3807
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/E1CHO/cve_hub/blob/main/Beauty%20Salon%20Management%20System%20-%20vuln%202.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235075 | source : cna@vuldb.com
https://vuldb.com/?id.235075 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3808

Première publication le : 21-07-2023 03:15:10
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability was found in Hospital Management System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file patientforgotpassword.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235076.

CVE ID : CVE-2023-3808
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientforgotpassword.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235076 | source : cna@vuldb.com
https://vuldb.com/?id.235076 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3809

Première publication le : 21-07-2023 04:15:15
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability was found in Hospital Management System 1.0. It has been classified as critical. This affects an unknown part of the file patient.php. The manipulation of the argument address leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235077 was assigned to this vulnerability.

CVE ID : CVE-2023-3809
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patient.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235077 | source : cna@vuldb.com
https://vuldb.com/?id.235077 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3810

Première publication le : 21-07-2023 04:15:16
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability was found in Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file patientappointment.php. The manipulation of the argument loginid/password/mobileno/appointmentdate/appointmenttime/patiente/dob/doct/city leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-235078 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3810
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientappointment.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235078 | source : cna@vuldb.com
https://vuldb.com/?id.235078 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3811

Première publication le : 21-07-2023 05:15:15
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability was found in Hospital Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file patientprofile.php. The manipulation of the argument address leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235079.

CVE ID : CVE-2023-3811
Source : cna@vuldb.com
Score CVSS : 6.3

Références :
https://github.com/GZRsecurity/Cve-System/blob/main/Hospital%20Management%20System%20patientprofile.php%20has%20Sqlinjection.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.235079 | source : cna@vuldb.com
https://vuldb.com/?id.235079 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3801

Première publication le : 21-07-2023 00:15:10
Dernière modification le : 21-07-2023 12:52:32

Description :
A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. Affected by this vulnerability is the function actionEdit of the file ?r=officialdoc/officialdoc/edit of the component Mobile Notification Handler. The manipulation leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-235069 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3801
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/funnn7/cve/blob/main/sql.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235069 | source : cna@vuldb.com
https://vuldb.com/?id.235069 | source : cna@vuldb.com

Vulnérabilité : CWE-89


Vulnérabilité ID : CVE-2023-3802

Première publication le : 21-07-2023 00:15:10
Dernière modification le : 21-07-2023 12:52:32

Description :
A vulnerability was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /Controller/Ajaxfileupload.ashx. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and may be used. VDB-235070 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3802
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/GUIqizsq/cve/blob/main/upload_1.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235070 | source : cna@vuldb.com
https://vuldb.com/?id.235070 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Vulnérabilité ID : CVE-2023-3804

Première publication le : 21-07-2023 01:15:11
Dernière modification le : 21-07-2023 12:52:32

Description :
A vulnerability classified as problematic was found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This vulnerability affects unknown code of the file /Service/FileHandler.ashx. The manipulation of the argument userFile leads to unrestricted upload. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235072. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3804
Source : cna@vuldb.com
Score CVSS : 5.5

Références :
https://github.com/yueying638/cve/blob/main/upload.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235072 | source : cna@vuldb.com
https://vuldb.com/?id.235072 | source : cna@vuldb.com

Vulnérabilité : CWE-434


Source : huntr.dev

Vulnérabilité ID : CVE-2023-3821

Première publication le : 21-07-2023 15:15:10
Dernière modification le : 21-07-2023 15:15:10

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.6.4.

CVE ID : CVE-2023-3821
Source : security@huntr.dev
Score CVSS : 6.1

Références :
https://github.com/pimcore/pimcore/commit/92811f07d39e4ad95c92003868f5f7309489d79c | source : security@huntr.dev
https://huntr.dev/bounties/599ba4f6-c900-4161-9127-f1e6a6e29aaa | source : security@huntr.dev

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3822

Première publication le : 21-07-2023 15:15:10
Dernière modification le : 21-07-2023 15:15:10

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.4.

CVE ID : CVE-2023-3822
Source : security@huntr.dev
Score CVSS : 6.0

Références :
https://github.com/pimcore/pimcore/commit/d75888a9b14baaad591548463cca09dfd1395236 | source : security@huntr.dev
https://huntr.dev/bounties/2a3a13fe-2a9a-4d1a-8814-fd8ed1e3b1d5 | source : security@huntr.dev

Vulnérabilité : CWE-79


Source : gitlab.com

Vulnérabilité ID : CVE-2023-3102

Première publication le : 21-07-2023 16:15:10
Dernière modification le : 21-07-2023 16:15:10

Description :
A sensitive information leak issue has been discovered in GitLab EE affecting all versions starting from 16.0 before 16.0.6, all versions starting from 16.1 before 16.1.1, which allows access to titles of private issue and MR.

CVE ID : CVE-2023-3102
Source : cve@gitlab.com
Score CVSS : 5.3

Références :
https://gitlab.com/gitlab-org/gitlab/-/issues/414269 | source : cve@gitlab.com
https://hackerone.com/reports/2012073 | source : cve@gitlab.com

Vulnérabilité : CWE-200


(2) Vulnérabilité(s) LOW [0.1, 3.9]

Source : vuldb.com

Vulnérabilité ID : CVE-2023-3815

Première publication le : 21-07-2023 05:15:15
Dernière modification le : 21-07-2023 12:52:26

Description :
A vulnerability, which was classified as problematic, has been found in y_project RuoYi up to 4.7.7. Affected by this issue is the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross site scripting. The attack may be launched remotely. VDB-235118 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-3815
Source : cna@vuldb.com
Score CVSS : 3.5

Références :
https://gitee.com/y_project/RuoYi/issues/I7IL85 | source : cna@vuldb.com
https://vuldb.com/?ctiid.235118 | source : cna@vuldb.com
https://vuldb.com/?id.235118 | source : cna@vuldb.com

Vulnérabilité : CWE-79


Vulnérabilité ID : CVE-2023-3803

Première publication le : 21-07-2023 01:15:11
Dernière modification le : 21-07-2023 12:52:32

Description :
A vulnerability classified as problematic has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This affects an unknown part of the file /Service/ImageStationDataService.asmx of the component File Name Handler. The manipulation leads to insufficiently random values. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235071. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-3803
Source : cna@vuldb.com
Score CVSS : 2.6

Références :
https://github.com/GUIqizsq/cve/blob/main/upload_2.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.235071 | source : cna@vuldb.com
https://vuldb.com/?id.235071 | source : cna@vuldb.com

Vulnérabilité : CWE-330


(6) Vulnérabilité(s) NO SCORE [0.0, 0.0]

Source : jpcert.or.jp

Vulnérabilité ID : CVE-2023-32624

Première publication le : 21-07-2023 01:15:10
Dernière modification le : 21-07-2023 12:52:32

Description :
Cross-site scripting vulnerability in TS Webfonts for SAKURA 3.1.0 and earlier allows a remote unauthenticated attacker to inject an arbitrary script.

CVE ID : CVE-2023-32624
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://ja.wordpress.org/plugins/ts-webfonts-for-sakura/#developers | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN90560760/ | source : vultures@jpcert.or.jp


Vulnérabilité ID : CVE-2023-32625

Première publication le : 21-07-2023 01:15:10
Dernière modification le : 21-07-2023 12:52:32

Description :
Cross-site request forgery (CSRF) vulnerability in TS Webfonts for SAKURA 3.1.2 and earlier allows a remote unauthenticated attacker to hijack the authentication of a user and to change settings by having a user view a malicious page.

CVE ID : CVE-2023-32625
Source : vultures@jpcert.or.jp
Score CVSS : /

Références :
https://ja.wordpress.org/plugins/ts-webfonts-for-sakura/#developers | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN90560760/ | source : vultures@jpcert.or.jp


Source : mitre.org

Vulnérabilité ID : CVE-2023-38632

Première publication le : 21-07-2023 02:15:09
Dernière modification le : 21-07-2023 12:52:26

Description :
async-sockets-cpp through 0.3.1 has a stack-based buffer overflow in tcpsocket.hpp when processing malformed TCP packets.

CVE ID : CVE-2023-38632
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/eminfedar/async-sockets-cpp/issues/31 | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-38646

Première publication le : 21-07-2023 15:15:10
Dernière modification le : 21-07-2023 15:15:10

Description :
Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.

CVE ID : CVE-2023-38646
Source : cve@mitre.org
Score CVSS : /

Références :
https://github.com/metabase/metabase/releases/tag/v0.46.6.1 | source : cve@mitre.org
https://news.ycombinator.com/item?id=36812256 | source : cve@mitre.org
https://www.metabase.com/blog/security-advisory | source : cve@mitre.org


Vulnérabilité ID : CVE-2023-37742

Première publication le : 21-07-2023 16:15:09
Dernière modification le : 21-07-2023 16:15:09

Description :
WebBoss.io CMS before v3.6.8.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability.

CVE ID : CVE-2023-37742
Source : cve@mitre.org
Score CVSS : /

Références :
https://webboss.feedbear.com/updates | source : cve@mitre.org
https://webboss.io/page/bughunter-acknowledgments.html | source : cve@mitre.org
https://www.realinfosec.net/advisories/WEBBOSS-XSS-2022-0xd3fcf.html | source : cve@mitre.org


Source : hp.com

Vulnérabilité ID : CVE-2023-26301

Première publication le : 21-07-2023 17:15:10
Dernière modification le : 21-07-2023 17:15:10

Description :
Certain HP LaserJet Pro print products are potentially vulnerable to an Elevation of Privilege and/or Information Disclosure related to a lack of authentication with certain endpoints.

CVE ID : CVE-2023-26301
Source : hp-security-alert@hp.com
Score CVSS : /

Références :
https://support.hp.com/us-en/document/ish_8746769-8746795-16/hpsbpi03855 | source : hp-security-alert@hp.com


Ce site web utilise l'API de la NVD, mais n'est pas approuvé ou certifié par la NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.