Latest vulnerabilities for Friday, September 8, 2023


Last updated on 08/09/2023 at 23:58:02

(0) CRITICAL vulnerabilities [9.0, 10.0]

(3) HIGH vulnerabilities [7.0, 8.9]

Source : us.ibm.com

Vulnerability ID : CVE-2022-33164

First published on : 08-09-2023 20:15:14
Last modified on : 08-09-2023 20:15:14

Description :
IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID: 228579.

CVE ID : CVE-2022-33164
Source : psirt@us.ibm.com
CVSS score : 8.7

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/228579 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7031021 | source : psirt@us.ibm.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-38736

First published on : 08-09-2023 19:15:43
Last modified on : 08-09-2023 19:15:43

Description :
IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.

CVE ID : CVE-2023-38736
Source : psirt@us.ibm.com
CVSS score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262542 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7030703 | source : psirt@us.ibm.com


Vulnerability ID : CVE-2023-30995

First published on : 08-09-2023 21:15:45
Last modified on : 08-09-2023 21:15:45

Description :
IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.

CVE ID : CVE-2023-30995
Source : psirt@us.ibm.com
CVSS score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/254268 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7029681 | source : psirt@us.ibm.com


(13) MEDIUM vulnerabilities [4.0, 6.9]

Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2022-27599

First published on : 08-09-2023 02:15:07
Last modified on : 08-09-2023 12:58:39

Description :
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later

CVE ID : CVE-2022-27599
Source : security@qnapsecurity.com.tw
CVSS score : 6.7

References :
https://www.qnap.com/en/security-advisory/qsa-23-08 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-532


Source : hashicorp.com

Vulnerability ID : CVE-2023-4782

First published on : 08-09-2023 18:15:07
Last modified on : 08-09-2023 18:15:07

Description :
Terraform version 1.0.8 through 1.5.6 allows arbitrary file write during the `init` operation if run on maliciously crafted Terraform configuration. This vulnerability is fixed in Terraform 1.5.7.

CVE ID : CVE-2023-4782
Source : security@hashicorp.com
CVSS score : 6.3

References :
https://discuss.hashicorp.com/t/hcsec-2023-27-terraform-allows-arbitrary-file-write-during-init-operation/58082 | source : security@hashicorp.com

Vulnerability : CWE-22


Source : mitre.org

Vulnerability ID : CVE-2023-37368

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.

CVE ID : CVE-2023-37368
Source : cve@mitre.org
CVSS score : 5.9

References :
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-37367

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.

CVE ID : CVE-2023-37367
Source : cve@mitre.org
CVSS score : 5.3

References :
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ | source : cve@mitre.org


Source : us.ibm.com

Vulnerability ID : CVE-2022-22405

First published on : 08-09-2023 21:15:44
Last modified on : 08-09-2023 21:15:44

Description :
IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 222576.

CVE ID : CVE-2022-22405
Source : psirt@us.ibm.com
CVSS score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/222576 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7029681 | source : psirt@us.ibm.com

Vulnerability : CWE-311


Vulnerability ID : CVE-2023-24965

First published on : 08-09-2023 21:15:44
Last modified on : 08-09-2023 21:15:44

Description :
IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713.

CVE ID : CVE-2023-24965
Source : psirt@us.ibm.com
CVSS score : 5.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/246713 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7029681 | source : psirt@us.ibm.com


Vulnerability ID : CVE-2023-32332

First published on : 08-09-2023 20:15:14
Last modified on : 08-09-2023 20:15:14

Description :
IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 255072.

CVE ID : CVE-2023-32332
Source : psirt@us.ibm.com
CVSS score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/255072 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7030367 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7030926 | source : psirt@us.ibm.com


Source : vmware.com

Vulnerability ID : CVE-2023-34041

First published on : 08-09-2023 08:15:07
Last modified on : 08-09-2023 12:58:39

Description :
Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.

CVE ID : CVE-2023-34041
Source : security@vmware.com
CVSS score : 5.3

References :
https://www.cloudfoundry.org/blog/abuse-of-http-hop-by-hop-headers-in-cloud-foundry-gorouter/ | source : security@vmware.com


Source : github.com

Vulnerability ID : CVE-2023-41338

First published on : 08-09-2023 19:15:43
Last modified on : 08-09-2023 19:15:43

Description :
Fiber is an Express inspired web framework built in the go language. Versions of gofiber prior to 2.49.2 did not properly restrict access to localhost. This issue impacts users of our project who rely on the `ctx.IsFromLocal` method to restrict access to localhost requests. If exploited, it could allow unauthorized access to resources intended only for localhost. Setting `X-Forwarded-For: 127.0.0.1` in a request from a foreign host, will result in true for `ctx.IsFromLocal`. Access is limited to the scope of the affected process. This issue has been patched in version `2.49.2` with commit `b8c9ede6`. Users are advised to upgrade. There are no known workarounds to remediate this vulnerability without upgrading to the patched version.

CVE ID : CVE-2023-41338
Source : security-advisories@github.com
CVSS score : 5.3

References :
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For | source : security-advisories@github.com
https://docs.gofiber.io/api/ctx#isfromlocal | source : security-advisories@github.com
https://github.com/gofiber/fiber/commit/b8c9ede6efa231116c4bd8bb9d5e03eac1cb76dc | source : security-advisories@github.com
https://github.com/gofiber/fiber/security/advisories/GHSA-3q5p-3558-364f | source : security-advisories@github.com

Vulnerability : CWE-670


Vulnerability ID : CVE-2023-41318

First published on : 08-09-2023 20:15:14
Last modified on : 08-09-2023 20:15:14

Description :
matrix-media-repo is a highly customizable multi-domain media repository for the Matrix chat ecosystem. In affected versions an attacker could upload a malicious piece of media to the media repo, which would then be served with `Content-Disposition: inline` upon download. This vulnerability could be leveraged to execute scripts embedded in SVG content. Commits `77ec235` and `bf8abdd` fix the issue and are included in the 1.3.0 release. Operators should upgrade to v1.3.0 as soon as possible. Operators unable to upgrade should override the `Content-Disposition` header returned by matrix-media-repo as a workaround.

CVE ID : CVE-2023-41318
Source : security-advisories@github.com
CVSS score : 4.1

References :
https://developer.mozilla.org/en-US/docs/Web/SVG/Element/script | source : security-advisories@github.com
https://github.com/turt2live/matrix-media-repo/commit/77ec2354e8f46d5ef149d1dcaf25f51c04149137 | source : security-advisories@github.com
https://github.com/turt2live/matrix-media-repo/commit/bf8abdd7a5371118e280c65a8e0ec2b2e9bdaf59 | source : security-advisories@github.com
https://github.com/turt2live/matrix-media-repo/security/advisories/GHSA-5crw-6j7v-xc72 | source : security-advisories@github.com

Vulnerability : CWE-79


Source : emc.com

Vulnerability ID : CVE-2023-32470

First published on : 08-09-2023 06:15:07
Last modified on : 08-09-2023 12:58:39

Description :
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).

CVE ID : CVE-2023-32470
Source : security_alert@emc.com
CVSS score : 5.0

References :
https://www.dell.com/support/kbdoc/en-us/000216243/dsa-2023-224 | source : security_alert@emc.com

Vulnerability : CWE-1386


Source : pega.com

Vulnerability ID : CVE-2023-4843

First published on : 08-09-2023 17:15:30
Last modified on : 08-09-2023 17:36:26

Description :
Pega Platform versions 7.1 to 8.8.3 are affected by an HTML Injection issue with a name field utilized in Visual Business Director, however this field can only be modified by an authenticated administrative user.

CVE ID : CVE-2023-4843
Source : security@pega.com
CVSS score : 4.3

References :
https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-d23-vulnerability-remediation-note? | source : security@pega.com

Vulnerability : CWE-74


Source : hcl.com

Vulnerability ID : CVE-2023-28010

First published on : 08-09-2023 18:15:07
Last modified on : 08-09-2023 18:15:07

Description :
In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.

CVE ID : CVE-2023-28010
Source : psirt@hcl.com
CVSS score : 4.0

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107388 | source : psirt@hcl.com


(3) LOW vulnerabilities [0.1, 3.9]

Source : qualys.com

Vulnerability ID : CVE-2023-4777

First published on : 08-09-2023 09:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An incorrect permission check in Qualys Container Scanning Connector Plugin 1.6.2.6 and earlier allows attackers with global Item/Configure permission (while lacking Item/Configure permission on any particular job) to enumerate credentials IDs of credentials stored in Jenkins and to connect to an attacker-specified URL using attacker-specified credentials IDs, capturing credentials stored in Jenkins.

CVE ID : CVE-2023-4777
Source : bugreport@qualys.com
CVSS score : 3.1

References :
https://www.qualys.com/security-advisories/ | source : bugreport@qualys.com

Vulnerability : CWE-732


Source : mitre.org

Vulnerability ID : CVE-2023-37377

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.

CVE ID : CVE-2023-37377
Source : cve@mitre.org
CVSS score : 2.0

References :
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-40353

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.

CVE ID : CVE-2023-40353
Source : cve@mitre.org
CVSS score : 2.0

References :
https://semiconductor.samsung.com/support/quality-support/product-security-updates/ | source : cve@mitre.org


(26) NO SCORE vulnerabilities [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2021-33834

First published on : 08-09-2023 02:15:07
Last modified on : 08-09-2023 12:58:44

Description :
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.

CVE ID : CVE-2021-33834
Source : cve@mitre.org
CVSS score : /

References :
https://www.insyde.com/security-pledge | source : cve@mitre.org
https://www.insyde.com/security-pledge/SA-2021004 | source : cve@mitre.org


Vulnerability ID : CVE-2021-45811

First published on : 08-09-2023 02:15:07
Last modified on : 08-09-2023 12:58:39

Description :
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.

CVE ID : CVE-2021-45811
Source : cve@mitre.org
CVSS score : /

References :
http://enhancesoft.com | source : cve@mitre.org
http://osticket.com | source : cve@mitre.org
https://members.backbox.org/osticket-sql-injection/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-36184

First published on : 08-09-2023 02:15:08
Last modified on : 08-09-2023 12:58:39

Description :
Mysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json.

CVE ID : CVE-2023-36184
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/MystenLabs/sui/commit/8b681515c0cf435df2a54198a28ab4ef574d202b | source : cve@mitre.org
https://github.com/aptos-labs/aptos-core/commit/47a0391c612407fe0b1051ef658a29e35d986963 | source : cve@mitre.org
https://github.com/move-language/move/issues/1059 | source : cve@mitre.org
https://medium.com/@Beosin_com/critical-vulnerability-in-move-vm-can-cause-total-network-shutdown-and-potential-hard-fork-in-sui-49d0d942801c | source : cve@mitre.org


Vulnerability ID : CVE-2023-40271

First published on : 08-09-2023 02:15:08
Last modified on : 08-09-2023 12:58:39

Description :
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.

CVE ID : CVE-2023-40271
Source : cve@mitre.org
CVSS score : /

References :
https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/security/security_advisories/cc3xx_partial_tag_compare_on_chacha20_poly1305.rst | source : cve@mitre.org
https://tf-m-user-guide.trustedfirmware.org/releases/index.html | source : cve@mitre.org


Vulnerability ID : CVE-2021-27715

First published on : 08-09-2023 03:15:07
Last modified on : 08-09-2023 12:58:39

Description :
An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request.

CVE ID : CVE-2021-27715
Source : cve@mitre.org
CVSS score : /

References :
http://mofi.com | source : cve@mitre.org
https://www.nagarro.com/services/security/mofi-cve-security-advisory | source : cve@mitre.org


Vulnerability ID : CVE-2023-37759

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.

CVE ID : CVE-2023-37759
Source : cve@mitre.org
CVSS score : /

References :
https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008 | source : cve@mitre.org
https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html | source : cve@mitre.org
https://tregix.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-39620

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function.

CVE ID : CVE-2023-39620
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration. | source : cve@mitre.org


Vulnerability ID : CVE-2023-40953

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).

CVE ID : CVE-2023-40953
Source : cve@mitre.org
CVSS score : /

References :
https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308 | source : cve@mitre.org
https://www.icmsdev.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-41594

First published on : 08-09-2023 03:15:08
Last modified on : 08-09-2023 12:58:39

Description :
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters.

CVE ID : CVE-2023-41594
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/MATRIXDEVIL/CVE/blob/main/CVE-2023-41594 | source : cve@mitre.org
https://portswigger.net/web-security/sql-injection | source : cve@mitre.org
https://www.acunetix.com/vulnerabilities/web/sql-injection/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-41615

First published on : 08-09-2023 03:15:09
Last modified on : 08-09-2023 12:58:39

Description :
Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.

CVE ID : CVE-2023-41615
Source : cve@mitre.org
CVSS score : /

References :
https://medium.com/@guravtushar231/sql-injection-in-login-field-a9073780f7e8 | source : cve@mitre.org
https://phpgurukul.com/student-management-system-using-php-and-mysql/ | source : cve@mitre.org
https://portswigger.net/web-security/sql-injection | source : cve@mitre.org


Vulnerability ID : CVE-2023-39076

First published on : 08-09-2023 13:15:07
Last modified on : 08-09-2023 17:36:26

Description :
Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system.

CVE ID : CVE-2023-39076
Source : cve@mitre.org
CVSS score : /

References :
https://blog.jhyeon.dev/posts/vuln/202307/gm-chevrolet/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-39584

First published on : 08-09-2023 13:15:07
Last modified on : 08-09-2023 17:36:26

Description :
Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.

CVE ID : CVE-2023-39584
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/hexojs/hexo/blob/a3e68e7576d279db22bd7481914286104e867834/lib/plugins/tag/include_code.js#L49 | source : cve@mitre.org
https://github.com/hexojs/hexo/issues/5250 | source : cve@mitre.org
https://www.gem-love.com/2023/07/25/hexo%E5%8D%9A%E5%AE%A2%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E5%92%8C%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/#undefined | source : cve@mitre.org


Vulnerability ID : CVE-2023-40924

First published on : 08-09-2023 13:15:08
Last modified on : 08-09-2023 17:36:26

Description :
SolarView Compact < 6.00 is vulnerable to Directory Traversal.

CVE ID : CVE-2023-40924
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/Yobing1/CVE-2023-40924/blob/main/README.md | source : cve@mitre.org
https://nvd.nist.gov/vuln/detail/CVE-2023-33620 | source : cve@mitre.org


Vulnerability ID : CVE-2023-39676

First published on : 08-09-2023 14:15:11
Last modified on : 08-09-2023 17:36:26

Description :
SimpleImportProduct Prestashop Module v1.0.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the callback parameter at ajax.php.

CVE ID : CVE-2023-39676
Source : cve@mitre.org
CVSS score : /

References :
https://blog.sorcery.ie/posts/fieldpopupnewsletter_xss/ | source : cve@mitre.org
https://sorcery.ie | source : cve@mitre.org
https://themeforest.net/user/fieldthemes | source : cve@mitre.org


Vulnerability ID : CVE-2023-39712

First published on : 08-09-2023 18:15:07
Last modified on : 08-09-2023 18:15:07

Description :
Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Put section.

CVE ID : CVE-2023-39712
Source : cve@mitre.org
CVSS score : /

References :
https://gist.github.com/Arajawat007/836b586cfb8faeb4edbe57ff1c5dc457#file-cve-2023-39712 | source : cve@mitre.org
https://www.sourcecodester.com/ | source : cve@mitre.org
https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-41575

First published on : 08-09-2023 19:15:44
Last modified on : 08-09-2023 19:15:44

Description :
Multiple stored cross-site scripting (XSS) vulnerabilities in /bbdms/sign-up.php of Blood Bank & Donor Management v2.2 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Full Name, Message, or Address parameters.

CVE ID : CVE-2023-41575
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/soundarkutty/Stored-xss/blob/main/poc | source : cve@mitre.org


Vulnerability ID : CVE-2023-41578

First published on : 08-09-2023 19:15:44
Last modified on : 08-09-2023 19:15:44

Description :
Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.

CVE ID : CVE-2023-41578
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/Snakinya/Bugs/issues/1 | source : cve@mitre.org


Vulnerability ID : CVE-2023-42268

First published on : 08-09-2023 19:15:44
Last modified on : 08-09-2023 19:15:44

Description :
Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.

CVE ID : CVE-2023-42268
Source : cve@mitre.org
CVSS score : /

References :
https://github.com/jeecgboot/jeecg-boot/issues/5311 | source : cve@mitre.org


Source : jpcert.or.jp

Vulnerability ID : CVE-2014-5329

First published on : 08-09-2023 03:15:07
Last modified on : 08-09-2023 12:58:39

Description :
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.

CVE ID : CVE-2014-5329
Source : vultures@jpcert.or.jp
CVSS score : /

References :
https://jvn.jp/en/jp/JVN23809730/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-41775

First published on : 08-09-2023 08:15:07
Last modified on : 08-09-2023 12:58:39

Description :
Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camera, microphone, etc. of the device where the product is installed without the user's consent.

CVE ID : CVE-2023-41775
Source : vultures@jpcert.or.jp
CVSS score : /

References :
https://jvn.jp/en/jp/JVN42691027/ | source : vultures@jpcert.or.jp
https://status.direct4b.com/2023/08/31/2023083101/ | source : vultures@jpcert.or.jp


Source : openssl.org

Vulnerability ID : CVE-2023-4807

First published on : 08-09-2023 12:15:08
Last modified on : 08-09-2023 18:15:07

Description :
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications on the Windows 64 platform when running on newer X86_64 processors supporting the AVX512-IFMA instructions. Impact summary: If in an application that uses the OpenSSL library an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL does not save the contents of non-volatile XMM registers on Windows 64 platform when calculating the MAC of data larger than 64 bytes. Before returning to the caller all the XMM registers are set to zero rather than restoring their previous content. The vulnerable code is used only on newer x86_64 processors supporting the AVX512-IFMA instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However given the contents of the registers are just zeroized so the attacker cannot put arbitrary values inside, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3 and a malicious client can influence whether this AEAD cipher is used by the server. This implies that server applications using OpenSSL can be potentially impacted. 
However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue. As a workaround the AVX512-IFMA instructions support can be disabled at runtime by setting the environment variable OPENSSL_ia32cap: OPENSSL_ia32cap=:~0x200000 The FIPS provider is not affected by this issue.

CVE ID : CVE-2023-4807
Source : openssl-security@openssl.org
CVSS score : /

References :
http://www.openwall.com/lists/oss-security/2023/09/08/1 | source : openssl-security@openssl.org
http://www.openwall.com/lists/oss-security/2023/09/08/3 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=4bfac4471f53c4f74c8d81020beb938f92d84ca5 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6754de4a121ec7f261b16723180df6592cbb4508 | source : openssl-security@openssl.org
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a632d534c73eeb3e3db8c7540d811194ef7c79ff | source : openssl-security@openssl.org
https://www.openssl.org/news/secadv/20230908.txt | source : openssl-security@openssl.org


Source : golang.org

Vulnerability ID : CVE-2023-39318

First published on : 08-09-2023 17:15:27
Last modified on : 08-09-2023 17:36:26

Description :
The html/template package does not properly handle HTML-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.

CVE ID : CVE-2023-39318
Source : security@golang.org
CVSS score : /

References :
https://go.dev/cl/526156 | source : security@golang.org
https://go.dev/issue/62196 | source : security@golang.org
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ | source : security@golang.org
https://pkg.go.dev/vuln/GO-2023-2041 | source : security@golang.org

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-39319

First published on : 08-09-2023 17:15:27
Last modified on : 08-09-2023 17:36:26

Description :
The html/template package does not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.

CVE ID : CVE-2023-39319
Source : security@golang.org
CVSS score : /

References :
https://go.dev/cl/526157 | source : security@golang.org
https://go.dev/issue/62197 | source : security@golang.org
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ | source : security@golang.org
https://pkg.go.dev/vuln/GO-2023-2043 | source : security@golang.org

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-39320

First published on : 08-09-2023 17:15:27
Last modified on : 08-09-2023 17:36:26

Description :
The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software.

CVE ID : CVE-2023-39320
Source : security@golang.org
CVSS score : /

References :
https://go.dev/cl/526158 | source : security@golang.org
https://go.dev/issue/62198 | source : security@golang.org
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ | source : security@golang.org
https://pkg.go.dev/vuln/GO-2023-2042 | source : security@golang.org

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-39321

First published on : 08-09-2023 17:15:28
Last modified on : 08-09-2023 17:36:26

Description :
Processing an incomplete post-handshake message for a QUIC connection can cause a panic.

CVE ID : CVE-2023-39321
Source : security@golang.org
CVSS score : /

References :
https://go.dev/cl/523039 | source : security@golang.org
https://go.dev/issue/62266 | source : security@golang.org
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ | source : security@golang.org
https://pkg.go.dev/vuln/GO-2023-2044 | source : security@golang.org

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-39322

First published on : 08-09-2023 17:15:28
Last modified on : 08-09-2023 17:36:26

Description :
QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.

CVE ID : CVE-2023-39322
Source : security@golang.org
CVSS score : /

References :
https://go.dev/cl/523039 | source : security@golang.org
https://go.dev/issue/62266 | source : security@golang.org
https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ | source : security@golang.org
https://pkg.go.dev/vuln/GO-2023-2045 | source : security@golang.org

Vulnerability : CWE-400


This website uses the NVD API but is not endorsed or certified by the NVD.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
