Latest vulnerabilities [Friday, December 1, 2023]

Last update performed on 12/01/2023 at 11:57:01 PM

(3) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : usom.gov.tr

Vulnerability ID : CVE-2023-5634

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5634
Source : iletisim@usom.gov.tr
CVSS Score : 9.8

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5636

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5636
Source : iletisim@usom.gov.tr
CVSS Score : 9.8

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-434


Source : github.com

Vulnerability ID : CVE-2023-44382

First published on : 01-12-2023 22:15:09
Last modified on : 01-12-2023 22:15:09

Description :
October is a Content Management System (CMS) and web platform to assist with development workflow. An authenticated backend user with the `editor.cms_pages`, `editor.cms_layouts`, or `editor.cms_partials` permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to `cms.safe_mode` being enabled can write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This issue has been patched in 3.4.15.

CVE ID : CVE-2023-44382
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/octobercms/october/security/advisories/GHSA-p8q3-h652-65vx | source : security-advisories@github.com

Vulnerability : CWE-94


(9) HIGH VULNERABILITIES [7.0, 8.9]

Source : gitlab.com

Vulnerability ID : CVE-2023-6033

First published on : 01-12-2023 07:15:13
Last modified on : 01-12-2023 13:54:29

Description :
Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3, allows an attacker to execute JavaScript in a victim's browser.

CVE ID : CVE-2023-6033
Source : cve@gitlab.com
CVSS Score : 8.7

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/431201 | source : cve@gitlab.com
https://hackerone.com/reports/2236039 | source : cve@gitlab.com

Vulnerability : CWE-79


Source : huntr.dev

Vulnerability ID : CVE-2023-6461

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository viliusle/minipaint prior to 4.14.0.

CVE ID : CVE-2023-6461
Source : security@huntr.dev
CVSS Score : 8.6

References :
https://github.com/viliusle/minipaint/commit/f22cb46515c91b1071d48fff3e6c9b92c9b3878c | source : security@huntr.dev
https://huntr.com/bounties/9a97d163-1738-4a09-b284-a04716e69dd0 | source : security@huntr.dev

Vulnerability : CWE-79


Source : us.ibm.com

Vulnerability ID : CVE-2023-45168

First published on : 01-12-2023 15:15:07
Last modified on : 01-12-2023 15:15:07

Description :
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 267966.

CVE ID : CVE-2023-45168
Source : psirt@us.ibm.com
CVSS Score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/267966 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7086090 | source : psirt@us.ibm.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-42006

First published on : 01-12-2023 17:15:07
Last modified on : 01-12-2023 17:15:07

Description :
IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. IBM X-Force ID: 265266.

CVE ID : CVE-2023-42006
Source : psirt@us.ibm.com
CVSS Score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265266 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7085891 | source : psirt@us.ibm.com


Vulnerability ID : CVE-2023-40699

First published on : 01-12-2023 21:15:07
Last modified on : 01-12-2023 21:15:07

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE ID : CVE-2023-40699
Source : psirt@us.ibm.com
CVSS Score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265161 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067714 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Source : github.com

Vulnerability ID : CVE-2023-49277

First published on : 01-12-2023 21:15:08
Last modified on : 01-12-2023 21:15:08

Description :
dpaste is an open source pastebin application written in Python using the Django framework. A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of a user's browser, potentially leading to unauthorized access, data theft, or other malicious activities. Users are strongly advised to upgrade to dpaste release v3.8 or later versions, as dpaste versions older than v3.8 are susceptible to the identified security vulnerability. No known workarounds have been identified, and applying the patch is the most effective way to remediate the vulnerability.

CVE ID : CVE-2023-49277
Source : security-advisories@github.com
CVSS Score : 8.3

References :
https://github.com/DarrenOfficial/dpaste/commit/44a666a79b3b29ed4f340600bfcf55113bfb7086 | source : security-advisories@github.com
https://github.com/DarrenOfficial/dpaste/security/advisories/GHSA-r8j9-5cj7-cv39 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-48314

First published on : 01-12-2023 22:15:10
Last modified on : 01-12-2023 22:15:10

Description :
Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server (richdocumentscode) release 23.5.403. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-48314
Source : security-advisories@github.com
CVSS Score : 7.1

References :
https://github.com/CollaboraOnline/online/security/advisories/GHSA-qjrm-q4h5-v3r2 | source : security-advisories@github.com

Vulnerability : CWE-79


Source : usom.gov.tr

Vulnerability ID : CVE-2023-5635

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5635
Source : iletisim@usom.gov.tr
CVSS Score : 7.5

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-1320


Vulnerability ID : CVE-2023-5637

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5637
Source : iletisim@usom.gov.tr
CVSS Score : 7.5

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-434


(22) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : wordfence.com

Vulnerability ID : CVE-2023-6449

First published on : 01-12-2023 11:15:08
Last modified on : 01-12-2023 13:54:29

Description :
The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'validate' function and insufficient blocklisting on the 'wpcf7_antiscript_file_name' function in versions up to, and including, 5.8.3. This makes it possible for authenticated attackers with editor-level capabilities or above to upload arbitrary files on the affected site's server, but due to the htaccess configuration, remote code cannot be executed in most cases. By default, the file will be deleted from the server immediately. However, in some cases, other plugins may make it possible for the file to live on the server longer. This can make remote code execution possible when combined with another vulnerability, such as local file inclusion.

CVE ID : CVE-2023-6449
Source : security@wordfence.com
CVSS Score : 6.6

References :
https://contactform7.com/2023/11/30/contact-form-7-584/ | source : security@wordfence.com
https://github.com/rocklobster-in/contact-form-7/compare/v5.8.3...v5.8.4 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/contact-form-7/tags/5.8.3/includes/formatting.php#L275 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3003556/contact-form-7 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/5d7fb020-6acb-445e-a46b-bdb5aaf8f2b6?source=cve | source : security@wordfence.com


Source : hitachienergy.com

Vulnerability ID : CVE-2023-4518

First published on : 01-12-2023 15:15:07
Last modified on : 01-12-2023 15:15:07

Description :
A vulnerability exists in the input validation of the GOOSE messages where out-of-range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, GOOSE receiving blocks need to be configured.

CVE ID : CVE-2023-4518
Source : cybersecurity@hitachienergy.com
CVSS Score : 6.5

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-20


Source : us.ibm.com

Vulnerability ID : CVE-2023-26024

First published on : 01-12-2023 19:15:07
Last modified on : 01-12-2023 19:15:07

Description :
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898.

CVE ID : CVE-2023-26024
Source : psirt@us.ibm.com
CVSS Score : 6.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7082784 | source : psirt@us.ibm.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2023-42019

First published on : 01-12-2023 21:15:08
Last modified on : 01-12-2023 21:15:08

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE ID : CVE-2023-42019
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067719 | source : psirt@us.ibm.com

Vulnerability : CWE-311


Vulnerability ID : CVE-2023-43015

First published on : 01-12-2023 20:15:07
Last modified on : 01-12-2023 20:15:07

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

CVE ID : CVE-2023-43015
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266064 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067704 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-42009

First published on : 01-12-2023 21:15:07
Last modified on : 01-12-2023 21:15:07

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504.

CVE ID : CVE-2023-42009
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265504 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7070755 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-42022

First published on : 01-12-2023 21:15:08
Last modified on : 01-12-2023 21:15:08

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938.

CVE ID : CVE-2023-42022
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265938 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7074335 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-46174

First published on : 01-12-2023 21:15:08
Last modified on : 01-12-2023 21:15:08

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506.

CVE ID : CVE-2023-46174
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269506 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067717 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-43021

First published on : 01-12-2023 21:15:08
Last modified on : 01-12-2023 21:15:08

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.

CVE ID : CVE-2023-43021
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266167 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7074317 | source : psirt@us.ibm.com

Vulnerability : CWE-209


Vulnerability ID : CVE-2023-38268

First published on : 01-12-2023 20:15:07
Last modified on : 01-12-2023 20:15:07

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

CVE ID : CVE-2023-38268
Source : psirt@us.ibm.com
CVSS Score : 4.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/260585 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067682 | source : psirt@us.ibm.com

Vulnerability : CWE-352


Source : github.com

Vulnerability ID : CVE-2023-49276

First published on : 01-12-2023 22:15:10
Last modified on : 01-12-2023 22:15:10

Description :
Uptime Kuma is an open source self-hosted monitoring tool. In affected versions the Google Analytics element is vulnerable to Attribute Injection leading to Cross-Site Scripting (XSS). Since the custom status interface can set an independent Google Analytics ID and the template has not been sanitized, there is an attribute injection vulnerability here, which can lead to XSS attacks. This vulnerability has been addressed in commit `f28dccf4e` which is included in release version 1.23.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-49276
Source : security-advisories@github.com
CVSS Score : 6.3

References :
https://github.com/louislam/uptime-kuma/commit/f28dccf4e11f041564293e4f407e69ab9ee2277f | source : security-advisories@github.com
https://github.com/louislam/uptime-kuma/security/advisories/GHSA-v4v2-8h88-65qj | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-44402

First published on : 01-12-2023 22:15:09
Last modified on : 01-12-2023 22:15:09

Description :
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. This only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to macOS as these fuses are only currently supported on macOS. Specifically, this issue can only be exploited if your app is launched from a filesystem the attacker has write access to, i.e. the ability to edit files inside the `.app` bundle on macOS, which these fuses are supposed to protect against. There are no app-side workarounds; you must update to a patched version of Electron.

CVE ID : CVE-2023-44402
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/electron/electron/pull/39788 | source : security-advisories@github.com
https://github.com/electron/electron/security/advisories/GHSA-7m48-wc93-9g85 | source : security-advisories@github.com
https://www.electronjs.org/docs/latest/tutorial/fuses | source : security-advisories@github.com

Vulnerability : CWE-345


Vulnerability ID : CVE-2023-44381

First published on : 01-12-2023 22:15:09
Last modified on : 01-12-2023 22:15:09

Description :
October is a Content Management System (CMS) and web platform to assist with development workflow. An authenticated backend user with the `editor.cms_pages`, `editor.cms_layouts`, or `editor.cms_partials` permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to `cms.safe_mode` being enabled can craft a special request to include PHP code in the CMS template. This issue has been patched in version 3.4.15.

CVE ID : CVE-2023-44381
Source : security-advisories@github.com
CVSS Score : 4.9

References :
https://github.com/octobercms/october/security/advisories/GHSA-q22j-5r3g-9hmh | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-46746

First published on : 01-12-2023 22:15:10
Last modified on : 01-12-2023 22:15:10

Description :
PostHog provides open-source product analytics, session recording, feature flagging and A/B testing that you can self-host. A server-side request forgery (SSRF), which can only be exploited by authenticated users, was found in PostHog. PostHog did not verify whether a URL was local when enabling webhooks, allowing authenticated users to forge a POST request. This vulnerability has been addressed in `22bd5942` and will be included in subsequent releases. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-46746
Source : security-advisories@github.com
CVSS Score : 4.8

References :
https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292 | source : security-advisories@github.com
https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-49281

First published on : 01-12-2023 22:15:10
Last modified on : 01-12-2023 22:15:10

Description :
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-49281
Source : security-advisories@github.com
CVSS Score : 4.7

References :
https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70 | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj | source : security-advisories@github.com

Vulnerability : CWE-601


Source : gitlab.com

Vulnerability ID : CVE-2023-3949

First published on : 01-12-2023 07:15:08
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for unauthorized users to view a public project's release descriptions via an atom endpoint when release access on the public was set to only project members.

CVE ID : CVE-2023-3949
Source : cve@gitlab.com
CVSS Score : 5.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419664 | source : cve@gitlab.com
https://hackerone.com/reports/2079374 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-5226

First published on : 01-12-2023 07:15:12
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor can bypass prohibited branch checks using a specially crafted branch name to manipulate repository content in the UI.

CVE ID : CVE-2023-5226
Source : cve@gitlab.com
CVSS Score : 4.8

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/426400 | source : cve@gitlab.com
https://hackerone.com/reports/2173053 | source : cve@gitlab.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-5995

First published on : 01-12-2023 07:15:13
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects.

CVE ID : CVE-2023-5995
Source : cve@gitlab.com
CVSS Score : 4.4

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/425361 | source : cve@gitlab.com
https://hackerone.com/reports/2138880 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-3964

First published on : 01-12-2023 07:15:09
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for users to access composer packages on public projects that have package registry disabled in the project settings.

CVE ID : CVE-2023-3964
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419857 | source : cve@gitlab.com
https://hackerone.com/reports/2037316 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4317

First published on : 01-12-2023 07:15:10
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch to a protected branch.

CVE ID : CVE-2023-4317
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/421846 | source : cve@gitlab.com
https://hackerone.com/reports/2089517 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4912

First published on : 01-12-2023 07:15:11
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side denial of service using maliciously crafted mermaid diagram input.

CVE ID : CVE-2023-4912
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/424882 | source : cve@gitlab.com
https://hackerone.com/reports/2137421 | source : cve@gitlab.com

Vulnerability : CWE-400


Source : emc.com

Vulnerability ID : CVE-2023-43089

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
Dell Rugged Control Center, versions prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources.

CVE ID : CVE-2023-43089
Source : security_alert@emc.com
CVSS Score : 4.4

References :
https://www.dell.com/support/kbdoc/en-us/000218066/dsa-2023-371 | source : security_alert@emc.com

Vulnerability : CWE-284


(5) LOW VULNERABILITIES [0.1, 3.9]

Source : asrg.io

Vulnerability ID : CVE-2023-28895

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.

CVE ID : CVE-2023-28895
Source : cve@asrg.io
CVSS Score : 3.5

References :
https://asrg.io/security-advisories/hard-coded-password-for-access-to-power-controller-chip-memory/ | source : cve@asrg.io

Vulnerability : CWE-259


Vulnerability ID : CVE-2023-28896

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.

CVE ID : CVE-2023-28896
Source : cve@asrg.io
CVSS Score : 3.3

References :
https://asrg.io/security-advisories/cve-2023-28896/ | source : cve@asrg.io

Vulnerability : CWE-261


Source : vuldb.com

Vulnerability ID : CVE-2023-6462

First published on : 01-12-2023 22:15:10
Last modified on : 01-12-2023 22:15:10

Description :
A vulnerability, which was classified as problematic, was found in SourceCodester User Registration and Login System 1.0. Affected is an unknown function of the file /endpoint/delete-user.php. The manipulation of the argument user leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246612.

CVE ID : CVE-2023-6462
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/qqisee/vulndis/blob/main/xss_delete_user.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246612 | source : cna@vuldb.com
https://vuldb.com/?id.246612 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : gitlab.com

Vulnerability ID : CVE-2023-3443

First published on : 01-12-2023 07:15:07
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a Guest user to add an emoji on confidential work items.

CVE ID : CVE-2023-3443
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/416497 | source : cve@gitlab.com
https://hackerone.com/reports/2036500 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4658

First published on : 01-12-2023 07:15:10
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group.

CVE ID : CVE-2023-4658
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/423835 | source : cve@gitlab.com
https://hackerone.com/reports/2104540 | source : cve@gitlab.com

Vulnerability : CWE-284


(12) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-43453

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.

CVE ID : CVE-2023-43453
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/2.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-43454

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.

CVE ID : CVE-2023-43454
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-43455

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.

CVE ID : CVE-2023-43455
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/3.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48016

First published on : 01-12-2023 03:15:07
Last modified on : 01-12-2023 13:54:29

Description :
Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter.

CVE ID : CVE-2023-48016
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45252

First published on : 01-12-2023 06:15:47
Last modified on : 01-12-2023 13:54:29

Description :
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.

CVE ID : CVE-2023-45252
Source : cve@mitre.org
CVSS Score : /

References :
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-45253

First published on : 01-12-2023 06:15:47
Last modified on : 01-12-2023 13:54:29

Description :
An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, that allows attackers to manipulate files and escalate privileges via the RollingFileAppender.DeleteFile method performed by the log4net library.

CVE ID : CVE-2023-45253
Source : cve@mitre.org
CVSS Score : /

References :
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-49371

First published on : 01-12-2023 15:15:07
Last modified on : 01-12-2023 15:15:07

Description :
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit.

CVE ID : CVE-2023-49371
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Maverickfir/RuoYi-v4.6-vulnerability/blob/main/Ruoyiv4.6.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48813

First published on : 01-12-2023 16:15:07
Last modified on : 01-12-2023 16:15:07

Description :
Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php.

CVE ID : CVE-2023-48813
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-fines_report.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/217 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48842

First published on : 01-12-2023 16:15:07
Last modified on : 01-12-2023 16:15:07

Description :
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

CVE ID : CVE-2023-48842
Source : cve@mitre.org
CVSS Score : /

References :
https://drive.google.com/file/d/1y5om__f2SAhNmcPqDxC_SRTvJVAWwPcH/view?usp=drive_link | source : cve@mitre.org


Vulnerability ID : CVE-2023-48893

First published on : 01-12-2023 16:15:07
Last modified on : 01-12-2023 16:15:07

Description :
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/staff_act.php.

CVE ID : CVE-2023-48893
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Vuln0wned/slims_owned/blob/main/slims/slims9-bulian-9.6.1-SQLI-staff_act.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/209 | source : cve@mitre.org


Source : 7168b535-132a-4efe-a076-338f829b2eb9

Vulnerability ID : CVE-2023-5915

First published on : 01-12-2023 07:15:12
Last modified on : 01-12-2023 13:54:29

Description :
A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition. The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.

CVE ID : CVE-2023-5915
Source : 7168b535-132a-4efe-a076-338f829b2eb9
CVSS Score : /

References :
https://jvn.jp/vu/JVNVU95177889/index.html | source : 7168b535-132a-4efe-a076-338f829b2eb9
https://web-material3.yokogawa.com/1/35463/files/YSAR-23-0003-E.pdf | source : 7168b535-132a-4efe-a076-338f829b2eb9
https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-02 | source : 7168b535-132a-4efe-a076-338f829b2eb9

Vulnerability : CWE-400


Source : arm.com

Vulnerability ID : CVE-2023-5427

First published on : 01-12-2023 11:15:07
Last modified on : 01-12-2023 13:54:29

Description :
A local non-privileged user can make improper GPU processing operations to gain access to already freed memory.

CVE ID : CVE-2023-5427
Source : arm-security@arm.com
CVSS Score : /

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-416


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.
