Last Vulnerabilities 2023-06-20-MEDIUM

Vuln ID : CVE-2023-3316

Published on 2023-06-19T12:15:09.520

Last modified : 2023-06-20T07:12:55.493

Description :
A NULL pointer dereference in TIFFClose() is caused by a failure to open an output file (non-existent path or a path that requires permissions like /dev/null) while specifying zones.

CVE ID: CVE-2023-3316

Source : reefs@jfrog.com

Score CVSS : 5.9

References :
https://research.jfrog.com/vulnerabilities/libtiff-nullderef-dos-xray-522144/ (source: reefs@jfrog.com)


Vuln ID : CVE-2023-33213

Published on 2023-06-19T13:15:09.743

Last modified : 2023-06-20T07:12:55.493

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in gVectors Display Custom Fields – wpView plugin <= 1.3.0 versions.

CVE ID: CVE-2023-33213

Source : audit@patchstack.com

Score CVSS : 5.9

References :
https://patchstack.com/database/vulnerability/wpview/wordpress-wpview-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-34373

Published on 2023-06-19T13:15:09.813

Last modified : 2023-06-20T07:12:55.493

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Dylan James Zephyr Project Manager plugin <= 3.3.93 versions.

CVE ID: CVE-2023-34373

Source : audit@patchstack.com

Score CVSS : 5.4

References :
https://patchstack.com/database/vulnerability/zephyr-project-manager/wordpress-zephyr-project-manager-plugin-3-3-93-cross-site-request-forgery-csrf-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-35776

Published on 2023-06-19T14:15:09.763

Last modified : 2023-06-20T07:12:55.493

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Beplus Sermon'e – Sermons Online plugin <= 1.0.0 versions.

CVE ID: CVE-2023-35776

Source : audit@patchstack.com

Score CVSS : 6.5

References :
https://patchstack.com/database/vulnerability/sermone-online-sermons-management/wordpress-sermon-e-sermons-online-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-35779

Published on 2023-06-19T14:15:09.827

Last modified : 2023-06-20T07:12:55.493

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Seed Webs Seed Fonts plugin <= 2.3.1 versions.

CVE ID: CVE-2023-35779

Source : audit@patchstack.com

Score CVSS : 5.9

References :
https://patchstack.com/database/vulnerability/seed-fonts/wordpress-seed-fonts-plugin-2-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-34461

Published on 2023-06-19T18:15:09.763

Last modified : 2023-06-20T07:12:55.493

Description :
PyBB is an open source bulletin board. A manual code review of the PyBB bulletin board server has revealed that a vulnerability could have been exploited in which users could submit any type of HTML tag, and have said tag run. For example, a malicious `<a>` that looks like `<a href=javascript:alert (1)>xss</a>` could have been used to run code through JavaScript on the client side. The problem has been patched as of commit `5defd92`, and users are advised to upgrade. Attackers do need posting privilege in order to exploit this vulnerability. This vulnerability is present within the 0.1.0 release, and users are advised to upgrade to 0.1.1. Users unable to upgrade may be able to work around the attack by either removing the ability to create posts, removing the `|safe` tag from the Jinja2 template titled "post.html" in templates, or adding manual validation of links in the post creation section.

CVE ID: CVE-2023-34461

Source : security-advisories@github.com

Score CVSS : 4.6

References :
https://github.com/benjjvi/PyBB/commit/5defd922ab05a193a783392d447c6538628cf854 (source: security-advisories@github.com)
https://github.com/benjjvi/PyBB/security/advisories/GHSA-mv96-w49p-438p (source: security-advisories@github.com)


Vuln ID : CVE-2023-29158

Published on 2023-06-19T21:15:42.033

Last modified : 2023-06-20T07:12:55.493

Description :
SUBNET PowerSYSTEM Center versions 2020 U10 and prior are vulnerable to replay attacks which may result in a denial-of-service condition or a loss of data integrity.

CVE ID: CVE-2023-29158

Source : ics-cert@hq.dhs.gov

Score CVSS : 6.1

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01 (source: ics-cert@hq.dhs.gov)


Vuln ID : CVE-2023-32659

Published on 2023-06-19T21:15:42.113

Last modified : 2023-06-20T07:12:55.493

Description :
SUBNET PowerSYSTEM Center versions 2020 U10 and prior contain a cross-site scripting vulnerability that may allow an attacker to inject malicious code into report header graphic files that could propagate out of the system and reach users who are subscribed to email notifications.

CVE ID: CVE-2023-32659

Source : ics-cert@hq.dhs.gov

Score CVSS : 6.5

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-166-01 (source: ics-cert@hq.dhs.gov)


Vuln ID : CVE-2023-3320

Published on 2023-06-20T03:15:09.100

Last modified : 2023-06-20T07:12:55.493

Description :
The WP Sticky Social plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation in the ~/admin/views/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID: CVE-2023-3320

Source : security@wordfence.com

Score CVSS : 6.1

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2926150%40wp-sticky-social&new=2926150%40wp-sticky-social (source: security@wordfence.com)
https://www.wordfence.com/threat-intel/vulnerabilities/id/a272e12b-97a2-421a-a703-3acce2ed8313?source=cve (source: security@wordfence.com)


Vuln ID : CVE-2023-26428

Published on 2023-06-20T08:15:09.163

Last modified : 2023-06-20T13:03:08.293

Description :
Attackers can successfully request arbitrary snippet IDs, including E-Mail signatures of other users within the same context. Signatures of other users could be read even though they are not explicitly shared. We improved permission handling when requesting snippets that are not explicitly shared with other users. No publicly available exploits are known.

CVE ID: CVE-2023-26428

Source : security@open-xchange.com

Score CVSS : 6.5

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-26431

Published on 2023-06-20T08:15:09.297

Last modified : 2023-06-20T13:03:08.293

Description :
IPv4-mapped IPv6 addresses did not get recognized as "local" by the code and a connection attempt was made. Attackers with access to user accounts could use this to bypass existing deny-list functionality and trigger requests to restricted network infrastructure to gain insight about topology and running services. We now respect possible IPv4-mapped IPv6 addresses when checking if contained in a deny-list. No publicly available exploits are known.

CVE ID: CVE-2023-26431

Source : security@open-xchange.com

Score CVSS : 5.0

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-26432

Published on 2023-06-20T08:15:09.360

Last modified : 2023-06-20T13:03:08.293

Description :
When adding an external mail account, processing of SMTP "capabilities" responses is not limited to plausible sizes. An attacker with access to a rogue SMTP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted SMTP server responses to a reasonable length/size. No publicly available exploits are known.

CVE ID: CVE-2023-26432

Source : security@open-xchange.com

Score CVSS : 4.3

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-26433

Published on 2023-06-20T08:15:09.427

Last modified : 2023-06-20T13:03:08.293

Description :
When adding an external mail account, processing of IMAP "capabilities" responses is not limited to plausible sizes. An attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted IMAP server responses to a reasonable length/size. No publicly available exploits are known.

CVE ID: CVE-2023-26433

Source : security@open-xchange.com

Score CVSS : 4.3

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-26434

Published on 2023-06-20T08:15:09.487

Last modified : 2023-06-20T13:03:08.293

Description :
When adding an external mail account, processing of POP3 "capabilities" responses is not limited to plausible sizes. An attacker with access to a rogue POP3 service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted POP3 server responses to a reasonable length/size. No publicly available exploits are known.

CVE ID: CVE-2023-26434

Source : security@open-xchange.com

Score CVSS : 4.3

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-26435

Published on 2023-06-20T08:15:09.547

Last modified : 2023-06-20T13:03:08.293

Description :
It was possible to call filesystem and network references using the local LibreOffice instance using manipulated ODT documents. Attackers could discover restricted network topology and services as well as including local files with read permissions of the open-xchange system user. This was limited to specific file-types, like images. We have improved existing content filters and validators to avoid including any local resources. No publicly available exploits are known.

CVE ID: CVE-2023-26435

Source : security@open-xchange.com

Score CVSS : 5.0

References :
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0002.json (source: security@open-xchange.com)
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6219_7.10.6_2023-03-20.pdf (source: security@open-xchange.com)


Vuln ID : CVE-2023-35878

Published on 2023-06-20T08:15:09.670

Last modified : 2023-06-20T13:03:08.293

Description :
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Vadym K. Extra User Details plugin <= 0.5 versions.

CVE ID: CVE-2023-35878

Source : audit@patchstack.com

Score CVSS : 5.9

References :
https://patchstack.com/database/vulnerability/extra-user-details/wordpress-extra-user-details-plugin-0-5-cross-site-scripting-xss-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-35882

Published on 2023-06-20T08:15:09.733

Last modified : 2023-06-20T13:03:08.293

Description :
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Team Heateor Super Socializer plugin <= 7.13.52 versions.

CVE ID: CVE-2023-35882

Source : audit@patchstack.com

Score CVSS : 6.5

References :
https://patchstack.com/database/vulnerability/super-socializer/wordpress-super-socializer-plugin-7-13-52-cross-site-scripting-xss-vulnerability?_s_id=cve (source: audit@patchstack.com)


Vuln ID : CVE-2023-1999

Published on 2023-06-20T12:15:09.600

Last modified : 2023-06-20T13:03:08.293

Description :
There exists a use after free/double free in libwebp. An attacker can use the ApplyFiltersAndEncode() function and loop through to free best.bw and assign best = trial pointer. The second loop will then return 0 because of an Out of memory error in VP8 encoder, the pointer is still assigned to trial and the AddressSanitizer will attempt a double free.

CVE ID: CVE-2023-1999

Source : cve-coordination@google.com

Score CVSS : 5.3

References :
https://chromium.googlesource.com/webm/libwebp (source: cve-coordination@google.com)

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports