Latest vulnerabilities [Monday, December 4, 2023 + weekend]

Last update performed on 12/04/2023 at 11:57:02 PM

(4) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : usom.gov.tr

Vulnerability ID : CVE-2023-5634

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ArslanSoft Education Portal allows SQL Injection. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5634
Source : iletisim@usom.gov.tr
CVSS Score : 9.8

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-5636

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Command Injection. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5636
Source : iletisim@usom.gov.tr
CVSS Score : 9.8

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-434


Source : github.com

Vulnerability ID : CVE-2023-49093

First published on : 04-12-2023 05:15:07
Last modified on : 04-12-2023 13:48:34

Description :
HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSLT when browsing an attacker's webpage. This vulnerability has been patched in version 3.9.0.

CVE ID : CVE-2023-49093
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/HtmlUnit/htmlunit/security/advisories/GHSA-37vq-hr2f-g7h7 | source : security-advisories@github.com
https://www.htmlunit.org/changes-report.html#a3.9.0 | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-44382

First published on : 01-12-2023 22:15:09
Last modified on : 03-12-2023 16:37:34

Description :
October is a Content Management System (CMS) and web platform to assist with development workflow. An authenticated backend user with the `editor.cms_pages`, `editor.cms_layouts`, or `editor.cms_partials` permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to `cms.safe_mode` being enabled can write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This issue has been patched in 3.4.15.

CVE ID : CVE-2023-44382
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/octobercms/october/security/advisories/GHSA-p8q3-h652-65vx | source : security-advisories@github.com

Vulnerability : CWE-94


(21) HIGH VULNERABILITIES [7.0, 8.9]

Source : us.ibm.com

Vulnerability ID : CVE-2023-38268

First published on : 01-12-2023 20:15:07
Last modified on : 04-12-2023 18:33:51

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

CVE ID : CVE-2023-38268
Source : psirt@us.ibm.com
CVSS Score : 8.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/260585 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067682 | source : psirt@us.ibm.com

Vulnerability : CWE-352

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-45168

First published on : 01-12-2023 15:15:07
Last modified on : 03-12-2023 16:37:37

Description :
IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the invscout command to execute arbitrary commands. IBM X-Force ID: 267966.

CVE ID : CVE-2023-45168
Source : psirt@us.ibm.com
CVSS Score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/267966 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7086090 | source : psirt@us.ibm.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-42006

First published on : 01-12-2023 17:15:07
Last modified on : 03-12-2023 16:37:34

Description :
IBM Administration Runtime Expert for i 7.2, 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information caused by improper authority checks. IBM X-Force ID: 265266.

CVE ID : CVE-2023-42006
Source : psirt@us.ibm.com
CVSS Score : 8.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265266 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7085891 | source : psirt@us.ibm.com


Vulnerability ID : CVE-2023-40699

First published on : 01-12-2023 21:15:07
Last modified on : 04-12-2023 18:33:32

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE ID : CVE-2023-40699
Source : psirt@us.ibm.com
CVSS Score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265161 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067714 | source : psirt@us.ibm.com

Vulnerability : NVD-CWE-noinfo

Vulnerability : CWE-20

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-38003

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 could allow a user with DATAACCESS privileges to execute routines that they should not have access to. IBM X-Force ID: 260214.

CVE ID : CVE-2023-38003
Source : psirt@us.ibm.com
CVSS Score : 7.2

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/260214 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7078681 | source : psirt@us.ibm.com


Source : emc.com

Vulnerability ID : CVE-2023-44304

First published on : 04-12-2023 09:15:36
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 contains a privilege escalation vulnerability in PPOE Component. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gain root access to the appliance.

CVE ID : CVE-2023-44304
Source : security_alert@emc.com
CVSS Score : 8.8

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-44302

First published on : 04-12-2023 09:15:36
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to resources or functionality, which could possibly lead to arbitrary code execution.

CVE ID : CVE-2023-44302
Source : security_alert@emc.com
CVSS Score : 8.1

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2023-44305

First published on : 04-12-2023 09:15:36
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 5.14.0.0 contains a Stack-based Buffer Overflow Vulnerability in PPOE. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input dat

CVE ID : CVE-2023-44305
Source : security_alert@emc.com
CVSS Score : 8.1

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-39256

First published on : 02-12-2023 05:15:07
Last modified on : 03-12-2023 16:37:30

Description :
Dell Rugged Control Center, versions prior to 4.7, contains an improper access control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder during product installation and upgrade, leading to privilege escalation on the system.

CVE ID : CVE-2023-39256
Source : security_alert@emc.com
CVSS Score : 7.3

References :
https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340 | source : security_alert@emc.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-39257

First published on : 02-12-2023 05:15:08
Last modified on : 03-12-2023 16:37:30

Description :
Dell Rugged Control Center, versions prior to 4.7, contains an Improper Access Control vulnerability. A local malicious standard user could potentially exploit this vulnerability to modify the content in an unsecured folder when product installation repair is performed, leading to privilege escalation on the system.

CVE ID : CVE-2023-39257
Source : security_alert@emc.com
CVSS Score : 7.3

References :
https://www.dell.com/support/kbdoc/en-us/000217705/dsa-2023-340 | source : security_alert@emc.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-44291

First published on : 04-12-2023 09:15:35
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in PPOE component. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the underlying OS, with the privileges of the vulnerable application. Exploitation may lead to a system take over by an attacker.

CVE ID : CVE-2023-44291
Source : security_alert@emc.com
CVSS Score : 7.2

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-78


Source : gitlab.com

Vulnerability ID : CVE-2023-6033

First published on : 01-12-2023 07:15:13
Last modified on : 01-12-2023 13:54:29

Description :
Improper neutralization of input in Jira integration configuration in GitLab CE/EE, affecting all versions from 15.10 prior to 16.6.1, 16.5 prior to 16.5.3, and 16.4 prior to 16.4.3, allows an attacker to execute JavaScript in a victim's browser.

CVE ID : CVE-2023-6033
Source : cve@gitlab.com
CVSS Score : 8.7

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/431201 | source : cve@gitlab.com
https://hackerone.com/reports/2236039 | source : cve@gitlab.com

Vulnerability : CWE-79


Source : huntr.dev

Vulnerability ID : CVE-2023-6461

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository viliusle/minipaint prior to 4.14.0.

CVE ID : CVE-2023-6461
Source : security@huntr.dev
CVSS Score : 8.6

References :
https://github.com/viliusle/minipaint/commit/f22cb46515c91b1071d48fff3e6c9b92c9b3878c | source : security@huntr.dev
https://huntr.com/bounties/9a97d163-1738-4a09-b284-a04716e69dd0 | source : security@huntr.dev

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2023-49277

First published on : 01-12-2023 21:15:08
Last modified on : 03-12-2023 16:37:34

Description :
dpaste is an open source pastebin application written in Python using the Django framework. A security vulnerability has been identified in the expires parameter of the dpaste API, allowing for a POST Reflected XSS attack. This vulnerability can be exploited by an attacker to execute arbitrary JavaScript code in the context of a user's browser, potentially leading to unauthorized access, data theft, or other malicious activities. Users are strongly advised to upgrade to dpaste release v3.8 or later versions, as dpaste versions older than v3.8 are susceptible to the identified security vulnerability. No known workarounds have been identified, and applying the patch is the most effective way to remediate the vulnerability.

CVE ID : CVE-2023-49277
Source : security-advisories@github.com
CVSS Score : 8.3

References :
https://github.com/DarrenOfficial/dpaste/commit/44a666a79b3b29ed4f340600bfcf55113bfb7086 | source : security-advisories@github.com
https://github.com/DarrenOfficial/dpaste/security/advisories/GHSA-r8j9-5cj7-cv39 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-49287

First published on : 04-12-2023 06:15:07
Last modified on : 04-12-2023 16:15:11

Description :
TinyDir is a lightweight C directory and file reader. Buffer overflows exist in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6.

CVE ID : CVE-2023-49287
Source : security-advisories@github.com
CVSS Score : 7.7

References :
http://packetstormsecurity.com/files/176060/TinyDir-1.2.5-Buffer-Overflow.html | source : security-advisories@github.com
http://www.openwall.com/lists/oss-security/2023/12/04/1 | source : security-advisories@github.com
https://github.com/cxong/tinydir/releases/tag/1.2.6 | source : security-advisories@github.com
https://github.com/cxong/tinydir/security/advisories/GHSA-jf5r-wgf4-qhxf | source : security-advisories@github.com

Vulnerability : CWE-120
Vulnerability : CWE-121


Vulnerability ID : CVE-2023-47633

First published on : 04-12-2023 21:15:34
Last modified on : 04-12-2023 21:15:34

Description :
Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-47633
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/traefik/traefik/releases/tag/v2.10.6 | source : security-advisories@github.com
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 | source : security-advisories@github.com
https://github.com/traefik/traefik/security/advisories/GHSA-6fwg-jrfw-ff7p | source : security-advisories@github.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-48314

First published on : 01-12-2023 22:15:10
Last modified on : 03-12-2023 16:37:34

Description :
Collabora Online is a collaborative online office suite based on LibreOffice technology. Users of Nextcloud with Collabora Online Built-in CODE Server app can be vulnerable to attack via proxy.php. This vulnerability has been fixed in Collabora Online - Built-in CODE Server (richdocumentscode) release 23.5.403. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-48314
Source : security-advisories@github.com
CVSS Score : 7.1

References :
https://github.com/CollaboraOnline/online/security/advisories/GHSA-qjrm-q4h5-v3r2 | source : security-advisories@github.com

Vulnerability : CWE-79


Source : usom.gov.tr

Vulnerability ID : CVE-2023-5635

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ArslanSoft Education Portal allows Account Footprinting. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5635
Source : iletisim@usom.gov.tr
CVSS Score : 7.5

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-1320


Vulnerability ID : CVE-2023-5637

First published on : 01-12-2023 14:15:08
Last modified on : 01-12-2023 14:49:03

Description :
Unrestricted Upload of File with Dangerous Type vulnerability in ArslanSoft Education Portal allows Read Sensitive Strings Within an Executable. This issue affects Education Portal: before v1.1.

CVE ID : CVE-2023-5637
Source : iletisim@usom.gov.tr
CVSS Score : 7.5

References :
https://www.usom.gov.tr/bildirim/tr-23-0670 | source : iletisim@usom.gov.tr

Vulnerability : CWE-434


Source : vuldb.com

Vulnerability ID : CVE-2020-36768

First published on : 03-12-2023 11:15:08
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in rl-institut NESP2 Initial Release/1.0. It has been classified as critical. Affected is an unknown function of the file app/database.py. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The patch is identified as 07c0cdf36cf6a4345086d07b54423723a496af5e. It is recommended to apply a patch to fix this issue. VDB-246642 is the identifier assigned to this vulnerability.

CVE ID : CVE-2020-36768
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://github.com/rl-institut/NESP2/commit/07c0cdf36cf6a4345086d07b54423723a496af5e | source : cna@vuldb.com
https://github.com/rl-institut/NESP2/issues/334 | source : cna@vuldb.com
https://github.com/rl-institut/NESP2/pull/333 | source : cna@vuldb.com
https://vuldb.com/?ctiid.246642 | source : cna@vuldb.com
https://vuldb.com/?id.246642 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : ncsc.ch

Vulnerability ID : CVE-2023-6481

First published on : 04-12-2023 09:15:37
Last modified on : 04-12-2023 13:48:34

Description :
A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data.

CVE ID : CVE-2023-6481
Source : vulnerability@ncsc.ch
CVSS Score : 7.1

References :
https://logback.qos.ch/news.html#1.3.12 | source : vulnerability@ncsc.ch
https://logback.qos.ch/news.html#1.3.14 | source : vulnerability@ncsc.ch


(40) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : wordfence.com

Vulnerability ID : CVE-2023-6449

First published on : 01-12-2023 11:15:08
Last modified on : 01-12-2023 13:54:29

Description :
The Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'validate' function and insufficient blocklisting on the 'wpcf7_antiscript_file_name' function in versions up to, and including, 5.8.3. This makes it possible for authenticated attackers with editor-level capabilities or above to upload arbitrary files on the affected site's server, but due to the htaccess configuration, remote code cannot be executed in most cases. By default, the file will be deleted from the server immediately. However, in some cases, other plugins may make it possible for the file to live on the server longer. This can make remote code execution possible when combined with another vulnerability, such as local file inclusion.

CVE ID : CVE-2023-6449
Source : security@wordfence.com
CVSS Score : 6.6

References :
https://contactform7.com/2023/11/30/contact-form-7-584/ | source : security@wordfence.com
https://github.com/rocklobster-in/contact-form-7/compare/v5.8.3...v5.8.4 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/contact-form-7/tags/5.8.3/includes/formatting.php#L275 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3003556/contact-form-7 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/5d7fb020-6acb-445e-a46b-bdb5aaf8f2b6?source=cve | source : security@wordfence.com


Source : hitachienergy.com

Vulnerability ID : CVE-2023-4518

First published on : 01-12-2023 15:15:07
Last modified on : 03-12-2023 16:37:37

Description :
A vulnerability exists in the input validation of GOOSE messages, where out-of-range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, GOOSE receiving blocks need to be configured.

CVE ID : CVE-2023-4518
Source : cybersecurity@hitachienergy.com
CVSS Score : 6.5

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000170&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-5767

First published on : 04-12-2023 15:15:07
Last modified on : 04-12-2023 17:16:41

Description :
A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language file being improperly sanitized.

CVE ID : CVE-2023-5767
Source : cybersecurity@hitachienergy.com
CVSS Score : 6.0

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com


Vulnerability ID : CVE-2023-5768

First published on : 04-12-2023 15:15:07
Last modified on : 04-12-2023 17:16:41

Description :
A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. An incomplete or wrong received APDU frame layout may cause blocking on the link layer. The cause was an endless blocking when reading incoming frames on the link layer with wrong APDU length information or delayed reception of data octets. Only the communication link of the affected HCI IEC 60870-5-104 is blocked. If the attack sequence stops, communication on the previously attacked link returns to normal.

CVE ID : CVE-2023-5768
Source : cybersecurity@hitachienergy.com
CVSS Score : 5.9

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000176&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com


Source : us.ibm.com

Vulnerability ID : CVE-2023-26024

First published on : 01-12-2023 19:15:07
Last modified on : 03-12-2023 16:37:34

Description :
IBM Planning Analytics on Cloud Pak for Data 4.0 could allow an attacker on a shared network to obtain sensitive information caused by insecure network communication. IBM X-Force ID: 247898.

CVE ID : CVE-2023-26024
Source : psirt@us.ibm.com
CVSS Score : 6.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/247898 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7082784 | source : psirt@us.ibm.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2023-45178

First published on : 03-12-2023 18:15:42
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. IBM X-Force ID: 268073.

CVE ID : CVE-2023-45178
Source : psirt@us.ibm.com
CVSS Score : 6.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/268073 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087207 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-47701

First published on : 04-12-2023 01:15:12
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166.

CVE ID : CVE-2023-47701
Source : psirt@us.ibm.com
CVSS Score : 6.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266166 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087180 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-42019

First published on : 01-12-2023 21:15:08
Last modified on : 04-12-2023 18:32:49

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

CVE ID : CVE-2023-42019
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265569 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067719 | source : psirt@us.ibm.com

Vulnerability : CWE-311

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-40692

First published on : 04-12-2023 00:15:07
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, 11.5 is vulnerable to denial of service under extreme stress conditions. IBM X-Force ID: 264807.

CVE ID : CVE-2023-40692
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/264807 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087157 | source : psirt@us.ibm.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-46167

First published on : 04-12-2023 01:15:12
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.

CVE ID : CVE-2023-46167
Source : psirt@us.ibm.com
CVSS Score : 5.9

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269367 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087203 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-43015

First published on : 01-12-2023 20:15:07
Last modified on : 04-12-2023 18:33:42

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

CVE ID : CVE-2023-43015
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266064 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067704 | source : psirt@us.ibm.com

Vulnerability : CWE-79

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-42009

First published on : 01-12-2023 21:15:07
Last modified on : 04-12-2023 18:33:10

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504.

CVE ID : CVE-2023-42009
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265504 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7070755 | source : psirt@us.ibm.com

Vulnerability : CWE-79

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-42022

First published on : 01-12-2023 21:15:08
Last modified on : 04-12-2023 18:32:03

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938.

CVE ID : CVE-2023-42022
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/265938 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7074335 | source : psirt@us.ibm.com

Vulnerability : CWE-79

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-46174

First published on : 01-12-2023 21:15:08
Last modified on : 04-12-2023 18:31:04

Description :
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506.

CVE ID : CVE-2023-46174
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/269506 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7067717 | source : psirt@us.ibm.com

Vulnerability : CWE-79

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-43021

First published on : 01-12-2023 21:15:08
Last modified on : 04-12-2023 18:31:26

Description :
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.

CVE ID : CVE-2023-43021
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/266167 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7074317 | source : psirt@us.ibm.com

Vulnerability : CWE-209

Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:a:ibm:infosphere_information_server:*:*:*:*:on_cloud:*:*:*

Vulnerable product(s) : cpe:2.3:o:ibm:aix:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*


Vulnerability ID : CVE-2023-29258

First published on : 04-12-2023 02:15:06
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048.

CVE ID : CVE-2023-29258
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/252048 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087218 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-38727

First published on : 04-12-2023 02:15:06
Last modified on : 04-12-2023 02:58:50

Description :
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.

CVE ID : CVE-2023-38727
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/262257 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087143 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-40687

First published on : 04-12-2023 02:15:07
Last modified on : 04-12-2023 02:58:50

Description :
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.

CVE ID : CVE-2023-40687
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/264809 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7087149 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Source : emc.com

Vulnerability ID : CVE-2023-44306

First published on : 04-12-2023 09:15:37
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 contains a path traversal vulnerability in PPOE Component. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite the files stored on the server filesystem.

CVE ID : CVE-2023-44306
Source : security_alert@emc.com
CVSS Score : 6.5

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-44300

First published on : 04-12-2023 09:15:35
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 5.14.0.0 contains a Plain-text Password Storage Vulnerability in PPOE. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.

CVE ID : CVE-2023-44300
Source : security_alert@emc.com
CVSS Score : 5.5

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-256


Vulnerability ID : CVE-2023-44301

First published on : 04-12-2023 09:15:36
Last modified on : 04-12-2023 13:48:34

Description :
Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScript code in a victim user's web browser in the context of the vulnerable web application. Exploitation may lead to information disclosure, session theft, or client-side request forgery.

CVE ID : CVE-2023-44301
Source : security_alert@emc.com
CVSS Score : 5.4

References :
https://www.dell.com/support/kbdoc/en-us/000220107/dsa-2023-425-security-update-for-dell-powerprotect-data-manager-dm5500-appliance-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-43089

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
Dell Rugged Control Center, versions prior to 4.7, contains insufficient protection for the Policy folder. A local malicious standard user could potentially exploit this vulnerability to modify the content of the policy file, leading to unauthorized access to resources.

CVE ID : CVE-2023-43089
Source : security_alert@emc.com
CVSS Score : 4.4

References :
https://www.dell.com/support/kbdoc/en-us/000218066/dsa-2023-371 | source : security_alert@emc.com

Vulnerability : CWE-284


Source : github.com

Vulnerability ID : CVE-2023-49276

First published on : 01-12-2023 22:15:10
Last modified on : 03-12-2023 16:37:34

Description :
Uptime Kuma is an open source self-hosted monitoring tool. In affected versions the Google Analytics element is vulnerable to Attribute Injection leading to Cross-Site-Scripting (XSS). Since the custom status interface can set an independent Google Analytics ID and the template has not been sanitized, there is an attribute injection vulnerability here, which can lead to XSS attacks. This vulnerability has been addressed in commit `f28dccf4e` which is included in release version 1.23.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-49276
Source : security-advisories@github.com
CVSS Score : 6.3

References :
https://github.com/louislam/uptime-kuma/commit/f28dccf4e11f041564293e4f407e69ab9ee2277f | source : security-advisories@github.com
https://github.com/louislam/uptime-kuma/security/advisories/GHSA-v4v2-8h88-65qj | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-44402

First published on : 01-12-2023 22:15:09
Last modified on : 03-12-2023 16:37:34

Description :
Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. This only impacts apps that have the `embeddedAsarIntegrityValidation` and `onlyLoadAppFromAsar` fuses enabled. Apps without these fuses enabled are not impacted. This issue is specific to macOS as these fuses are only currently supported on macOS. Specifically this issue can only be exploited if your app is launched from a filesystem the attacker has write access to, i.e. the ability to edit files inside the `.app` bundle on macOS which these fuses are supposed to protect against. There are no app side workarounds, you must update to a patched version of Electron.

CVE ID : CVE-2023-44402
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/electron/electron/pull/39788 | source : security-advisories@github.com
https://github.com/electron/electron/security/advisories/GHSA-7m48-wc93-9g85 | source : security-advisories@github.com
https://www.electronjs.org/docs/latest/tutorial/fuses | source : security-advisories@github.com

Vulnerability : CWE-345


Vulnerability ID : CVE-2023-47124

First published on : 04-12-2023 21:15:33
Last modified on : 04-12-2023 21:15:33

Description :
Traefik is an open source HTTP reverse proxy and load balancer. When Traefik is configured to use the `HTTPChallenge` to generate and renew the Let's Encrypt TLS certificates, the delay authorized to solve the challenge (50 seconds) can be exploited by attackers to achieve a `slowloris attack`. This vulnerability has been patched in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. Users unable to upgrade should replace the `HTTPChallenge` with the `TLSChallenge` or the `DNSChallenge`.

CVE ID : CVE-2023-47124
Source : security-advisories@github.com
CVSS Score : 5.9

References :
https://doc.traefik.io/traefik/https/acme/#dnschallenge | source : security-advisories@github.com
https://doc.traefik.io/traefik/https/acme/#httpchallenge | source : security-advisories@github.com
https://doc.traefik.io/traefik/https/acme/#tlschallenge | source : security-advisories@github.com
https://github.com/traefik/traefik/releases/tag/v2.10.6 | source : security-advisories@github.com
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 | source : security-advisories@github.com
https://github.com/traefik/traefik/security/advisories/GHSA-8g85-whqh-cr2f | source : security-advisories@github.com
https://www.cloudflare.com/learning/ddos/ddos-attack-tools/slowloris/ | source : security-advisories@github.com

Vulnerability : CWE-772


Vulnerability ID : CVE-2023-44381

First published on : 01-12-2023 22:15:09
Last modified on : 03-12-2023 16:37:34

Description :
October is a Content Management System (CMS) and web platform to assist with development workflow. An authenticated backend user with the `editor.cms_pages`, `editor.cms_layouts`, or `editor.cms_partials` permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to `cms.safe_mode` being enabled can craft a special request to include PHP code in the CMS template. This issue has been patched in version 3.4.15.

CVE ID : CVE-2023-44381
Source : security-advisories@github.com
CVSS Score : 4.9

References :
https://github.com/octobercms/october/security/advisories/GHSA-q22j-5r3g-9hmh | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-46746

First published on : 01-12-2023 22:15:10
Last modified on : 03-12-2023 16:37:34

Description :
PostHog provides open-source product analytics, session recording, feature flagging and A/B testing that you can self-host. A server-side request forgery (SSRF), which can only be exploited by authenticated users, was found in Posthog. Posthog did not verify whether a URL was local when enabling webhooks, allowing authenticated users to forge a POST request. This vulnerability has been addressed in `22bd5942` and will be included in subsequent releases. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-46746
Source : security-advisories@github.com
CVSS Score : 4.8

References :
https://github.com/PostHog/posthog/commit/22bd5942638d5d9bc4bd603a9bfe8f8a95572292 | source : security-advisories@github.com
https://github.com/PostHog/posthog/security/advisories/GHSA-wqqw-r8c5-j67c | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-47106

First published on : 04-12-2023 21:15:33
Last modified on : 04-12-2023 21:15:33

Description :
Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path and the query. When this is combined with another frontend proxy like Nginx, it can be used to bypass frontend proxy URI-based access control restrictions. This vulnerability has been addressed in versions 2.10.6 and 3.0.0-beta5. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-47106
Source : security-advisories@github.com
CVSS Score : 4.8

References :
https://datatracker.ietf.org/doc/html/rfc7230#section-5.3.1 | source : security-advisories@github.com
https://github.com/traefik/traefik/releases/tag/v2.10.6 | source : security-advisories@github.com
https://github.com/traefik/traefik/releases/tag/v3.0.0-beta5 | source : security-advisories@github.com
https://github.com/traefik/traefik/security/advisories/GHSA-fvhj-4qfh-q2hm | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-49281

First published on : 01-12-2023 22:15:10
Last modified on : 03-12-2023 16:37:30

Description :
Calendarinho is an open source calendaring application to manage large teams of consultants. An Open Redirect issue occurs when a web application redirects users to external URLs without proper validation. This can lead to phishing attacks, where users are tricked into visiting malicious sites, potentially leading to information theft and reputational damage to the website used for redirection. The problem has been patched in commit `15b2393`. Users are advised to update to a commit after `15b2393`. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-49281
Source : security-advisories@github.com
CVSS Score : 4.7

References :
https://github.com/Cainor/Calendarinho/commit/15b2393efd69101727d27a4e710880ce46e84d70 | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/commit/9a0174bef939565a76cbe7762996ecddca9ba55e | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/commit/c77defeb0103c1f7a4709799b8751aaeb0d09eed | source : security-advisories@github.com
https://github.com/Cainor/Calendarinho/security/advisories/GHSA-g2gp-x888-6xrj | source : security-advisories@github.com

Vulnerability : CWE-601


Source : vuldb.com

Vulnerability ID : CVE-2023-6464

First published on : 02-12-2023 09:15:42
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in SourceCodester User Registration and Login System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument user leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-246614 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-6464
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/qqisee/vulndis/blob/main/sqlInjection_delete_user.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246614 | source : cna@vuldb.com
https://vuldb.com/?id.246614 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-6465

First published on : 02-12-2023 12:15:06
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as problematic. This affects an unknown part of the file registered-user-testing.php. The manipulation of the argument regmobilenumber leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246615.

CVE ID : CVE-2023-6465
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/dhabaleshwar/niv_testing_reflectedxss/blob/main/exploit.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246615 | source : cna@vuldb.com
https://vuldb.com/?id.246615 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6474

First published on : 03-12-2023 00:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability has been found in PHPGurukul Nipah Virus Testing Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file manage-phlebotomist.php. The manipulation of the argument pid leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246640.

CVE ID : CVE-2023-6474
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/dhabaleshwar/niv_testing_csrf/blob/main/exploit.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246640 | source : cna@vuldb.com
https://vuldb.com/?id.246640 | source : cna@vuldb.com

Vulnerability : CWE-352


Source : gitlab.com

Vulnerability ID : CVE-2023-5332

First published on : 04-12-2023 07:15:07
Last modified on : 04-12-2023 13:48:34

Description :
Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only affects GitLab-EE.

CVE ID : CVE-2023-5332
Source : cve@gitlab.com
CVSS Score : 5.9

References :
https://gitlab.com/gitlab-org/omnibus-gitlab/-/issues/8171 | source : cve@gitlab.com
https://www.hashicorp.com/blog/protecting-consul-from-rce-risk-in-specific-configurations | source : cve@gitlab.com

Vulnerability : CWE-16


Vulnerability ID : CVE-2023-3949

First published on : 01-12-2023 07:15:08
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 11.3 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for unauthorized users to view a public project's release descriptions via an atom endpoint when release access on the public was set to only project members.

CVE ID : CVE-2023-3949
Source : cve@gitlab.com
CVSS Score : 5.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419664 | source : cve@gitlab.com
https://hackerone.com/reports/2079374 | source : cve@gitlab.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-5226

First published on : 01-12-2023 07:15:12
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. Under certain circumstances, a malicious actor can bypass prohibited branch checks using a specially crafted branch name to manipulate repository content in the UI.

CVE ID : CVE-2023-5226
Source : cve@gitlab.com
CVSS Score : 4.8

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/426400 | source : cve@gitlab.com
https://hackerone.com/reports/2173053 | source : cve@gitlab.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-5995

First published on : 01-12-2023 07:15:13
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 16.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the policy bot to gain access to internal projects.

CVE ID : CVE-2023-5995
Source : cve@gitlab.com
CVSS Score : 4.4

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/425361 | source : cve@gitlab.com
https://hackerone.com/reports/2138880 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-3964

First published on : 01-12-2023 07:15:09
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 13.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for users to access composer packages on public projects that have package registry disabled in the project settings.

CVE ID : CVE-2023-3964
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/419857 | source : cve@gitlab.com
https://hackerone.com/reports/2037316 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4317

First published on : 01-12-2023 07:15:10
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 9.2 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a user with the Developer role to update a pipeline schedule from an unprotected branch to a protected branch.

CVE ID : CVE-2023-4317
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/421846 | source : cve@gitlab.com
https://hackerone.com/reports/2089517 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4912

First published on : 01-12-2023 07:15:11
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 10.5 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to cause a client-side denial of service using maliciously crafted mermaid diagram input.

CVE ID : CVE-2023-4912
Source : cve@gitlab.com
CVSS Score : 4.3

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/424882 | source : cve@gitlab.com
https://hackerone.com/reports/2137421 | source : cve@gitlab.com

Vulnerability : CWE-400


Source : google.com

Vulnerability ID : CVE-2023-6460

First published on : 04-12-2023 13:15:07
Last modified on : 04-12-2023 13:48:34

Description :
A potential logging of the firestore key via logging within nodejs-firestore exists. Developers who were logging objects through this._settings would be logging the firestore key as well, potentially exposing it to anyone with logs read access. We recommend upgrading to version 6.1.0 to avoid this issue.

CVE ID : CVE-2023-6460
Source : cve-coordination@google.com
CVSS Score : 4.0

References :
https://github.com/googleapis/nodejs-firestore/pull/1742 | source : cve-coordination@google.com

Vulnerability : CWE-922


(13) LOW VULNERABILITIES [0.1, 3.9]

Source : asrg.io

Vulnerability ID : CVE-2023-28895

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
The password for access to the debugging console of the PoWer Controller chip (PWC) of the MIB3 infotainment is hard-coded in the firmware. The console allows attackers with physical access to the MIB3 unit to gain full control over the PWC chip. Vulnerability found on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.

CVE ID : CVE-2023-28895
Source : cve@asrg.io
CVSS Score : 3.5

References :
https://asrg.io/security-advisories/hard-coded-password-for-access-to-power-controller-chip-memory/ | source : cve@asrg.io

Vulnerability : CWE-259


Vulnerability ID : CVE-2023-28896

First published on : 01-12-2023 14:15:07
Last modified on : 01-12-2023 14:49:03

Description :
Access to critical Unified Diagnostics Services (UDS) of the Modular Infotainment Platform 3 (MIB3) infotainment is transmitted via Controller Area Network (CAN) bus in a form that can be easily decoded by attackers with physical access to the vehicle. Vulnerability discovered on Škoda Superb III (3V3) - 2.0 TDI manufactured in 2022.

CVE ID : CVE-2023-28896
Source : cve@asrg.io
CVSS Score : 3.3

References :
https://asrg.io/security-advisories/cve-2023-28896/ | source : cve@asrg.io

Vulnerability : CWE-261


Source : vuldb.com

Vulnerability ID : CVE-2023-6462

First published on : 01-12-2023 22:15:10
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability, which was classified as problematic, was found in SourceCodester User Registration and Login System 1.0. Affected is an unknown function of the file /endpoint/delete-user.php. The manipulation of the argument user leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246612.

CVE ID : CVE-2023-6462
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/qqisee/vulndis/blob/main/xss_delete_user.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246612 | source : cna@vuldb.com
https://vuldb.com/?id.246612 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6463

First published on : 01-12-2023 23:15:08
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability has been found in SourceCodester User Registration and Login System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /endpoint/add-user.php. The manipulation of the argument first_name leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246613 was assigned to this vulnerability.

CVE ID : CVE-2023-6463
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/qqisee/vulndis/blob/main/xss_add_user.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.246613 | source : cna@vuldb.com
https://vuldb.com/?id.246613 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6466

First published on : 02-12-2023 14:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been declared as problematic. This vulnerability affects unknown code of the file /planet of the component User Comment Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246616.

CVE ID : CVE-2023-6466
Source : cna@vuldb.com
CVSS Score : 3.5

References :
http://39.106.130.187/ | source : cna@vuldb.com
https://vuldb.com/?ctiid.246616 | source : cna@vuldb.com
https://vuldb.com/?id.246616 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6473

First published on : 02-12-2023 21:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability, which was classified as problematic, was found in SourceCodester Online Quiz System 1.0. This affects an unknown part of the file take-quiz.php. The manipulation of the argument quiz_taker/year_section leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-246639.

CVE ID : CVE-2023-6473
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.246639 | source : cna@vuldb.com
https://vuldb.com/?id.246639 | source : cna@vuldb.com
https://www.yuque.com/u39339523/el4dxs/mmvgxz2hgb5na0aw | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2018-25094

First published on : 03-12-2023 11:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in ???????????????? Online Accounting System up to 1.4.0 and classified as problematic. This issue affects some unknown processing of the file ckeditor/filemanager/browser/default/image.php. The manipulation of the argument fid with the input ../../../etc/passwd leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. Upgrading to version 2.0.0 is able to address this issue. The identifier of the patch is 9d9618422b980335bb30be612ea90f4f56cb992c. It is recommended to upgrade the affected component. The identifier VDB-246641 was assigned to this vulnerability.

CVE ID : CVE-2018-25094
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/59160781/project/commit/9d9618422b980335bb30be612ea90f4f56cb992c | source : cna@vuldb.com
https://vuldb.com/?ctiid.246641 | source : cna@vuldb.com
https://vuldb.com/?id.246641 | source : cna@vuldb.com

Vulnerability : CWE-24


Vulnerability ID : CVE-2022-4957

First published on : 03-12-2023 19:15:07
Last modified on : 04-12-2023 02:58:50

Description :
A vulnerability was found in librespeed speedtest up to 5.2.4. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file results/stats.php. The manipulation of the argument id leads to cross site scripting. The attack can be launched remotely. Upgrading to version 5.2.5 is able to address this issue. The patch is named a85f2c086f3449dffa8fe2edb5e2ef3ee72dc0e9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-246643.

CVE ID : CVE-2022-4957
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/librespeed/speedtest/commit/a85f2c086f3449dffa8fe2edb5e2ef3ee72dc0e9 | source : cna@vuldb.com
https://github.com/librespeed/speedtest/releases/tag/5.2.5 | source : cna@vuldb.com
https://vuldb.com/?ctiid.246643 | source : cna@vuldb.com
https://vuldb.com/?id.246643 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6467

First published on : 02-12-2023 14:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability was found in Thecosy IceCMS 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /Websquare/likeClickComment/ of the component Comment Like Handler. The manipulation leads to improper enforcement of a single, unique action. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-246617 was assigned to this vulnerability.

CVE ID : CVE-2023-6467
Source : cna@vuldb.com
CVSS Score : 3.1

References :
http://39.106.130.187/wenjian/2.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.246617 | source : cna@vuldb.com
https://vuldb.com/?id.246617 | source : cna@vuldb.com

Vulnerability : CWE-837


Vulnerability ID : CVE-2023-6472

First published on : 02-12-2023 19:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A vulnerability, which was classified as problematic, has been found in PHPEMS 7.0. This issue affects some unknown processing of the file app\content\cls\api.cls.php of the component Content Section Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-246629 was assigned to this vulnerability.

CVE ID : CVE-2023-6472
Source : cna@vuldb.com
CVSS Score : 2.4

References :
https://vuldb.com/?ctiid.246629 | source : cna@vuldb.com
https://vuldb.com/?id.246629 | source : cna@vuldb.com
https://www.yuque.com/u39339523/el4dxs/vs8kw5gql9646xx4 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2023-49080

First published on : 04-12-2023 21:15:34
Last modified on : 04-12-2023 21:15:34

Description :
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications like Jupyter notebook, JupyterLab, and Voila. Unhandled errors in API requests coming from an authenticated user include traceback information, which can include path information. There is no known mechanism by which to trigger these errors without authentication, so the paths revealed are not considered particularly sensitive, given that the requesting user has arbitrary execution permissions already in the same environment. A fix has been introduced in commit `0056c3aa52` which no longer includes traceback information in JSON error responses. For compatibility, the traceback field is present, but always empty. This commit has been included in version 2.11.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-49080
Source : security-advisories@github.com
CVSS Score : 3.5

References :
https://github.com/jupyter-server/jupyter_server/commit/0056c3aa52cbb28b263a7a609ae5f17618b36652 | source : security-advisories@github.com
https://github.com/jupyter-server/jupyter_server/security/advisories/GHSA-h56g-gq9v-vc8r | source : security-advisories@github.com

Vulnerability : CWE-209


Source : gitlab.com

Vulnerability ID : CVE-2023-3443

First published on : 01-12-2023 07:15:07
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab affecting all versions starting from 12.1 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for a Guest user to add an emoji on confidential work items.

CVE ID : CVE-2023-3443
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/416497 | source : cve@gitlab.com
https://hackerone.com/reports/2036500 | source : cve@gitlab.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-4658

First published on : 01-12-2023 07:15:10
Last modified on : 01-12-2023 13:54:29

Description :
An issue has been discovered in GitLab EE affecting all versions starting from 8.13 before 16.4.3, all versions starting from 16.5 before 16.5.3, all versions starting from 16.6 before 16.6.1. It was possible for an attacker to abuse the `Allowed to merge` permission as a guest user, when granted the permission through a group.

CVE ID : CVE-2023-4658
Source : cve@gitlab.com
CVSS Score : 3.1

References :
https://gitlab.com/gitlab-org/gitlab/-/issues/423835 | source : cve@gitlab.com
https://hackerone.com/reports/2104540 | source : cve@gitlab.com

Vulnerability : CWE-284


(162) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-43453

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the IP parameter of the setDiagnosisCfg component.

CVE ID : CVE-2023-43453
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/2.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-43454

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the hostName parameter of the switchOpMode component.

CVE ID : CVE-2023-43454
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-43455

First published on : 01-12-2023 02:15:07
Last modified on : 01-12-2023 02:28:42

Description :
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary code via the command parameter of the setting/setTracerouteCfg component.

CVE ID : CVE-2023-43455
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/tharsis1024/vuln/blob/main/TOTOLINK/X6000R/3.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48016

First published on : 01-12-2023 03:15:07
Last modified on : 01-12-2023 13:54:29

Description :
Restaurant Table Booking System V1.0 is vulnerable to SQL Injection in rtbs/admin/index.php via the username parameter.

CVE ID : CVE-2023-48016
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Serhatcck/cves/blob/main/CVE-2023-48016-restaurant-table-booking-system-SQLInjection.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45252

First published on : 01-12-2023 06:15:47
Last modified on : 01-12-2023 13:54:29

Description :
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.

CVE ID : CVE-2023-45252
Source : cve@mitre.org
CVSS Score : /

References :
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-45253

First published on : 01-12-2023 06:15:47
Last modified on : 01-12-2023 13:54:29

Description :
An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, that allows attackers to manipulate files and escalate privileges via the RollingFileAppender.DeleteFile method performed by the log4net library.

CVE ID : CVE-2023-45253
Source : cve@mitre.org
CVSS Score : /

References :
https://www.xlent.no/aktuelt/security-disclosure-of-vulnerabilities-cve-2023-45252-and-cve-2023-45253/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-49371

First published on : 01-12-2023 15:15:07
Last modified on : 03-12-2023 16:37:37

Description :
RuoYi up to v4.6 was discovered to contain a SQL injection vulnerability via /system/dept/edit.

CVE ID : CVE-2023-49371
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Maverickfir/RuoYi-v4.6-vulnerability/blob/main/Ruoyiv4.6.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48813

First published on : 01-12-2023 16:15:07
Last modified on : 03-12-2023 16:37:34

Description :
Senayan Library Management Systems (Slims) 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/fines_report.php.

CVE ID : CVE-2023-48813
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-fines_report.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/217 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48842

First published on : 01-12-2023 16:15:07
Last modified on : 03-12-2023 16:37:34

Description :
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

CVE ID : CVE-2023-48842
Source : cve@mitre.org
CVSS Score : /

References :
https://drive.google.com/file/d/1y5om__f2SAhNmcPqDxC_SRTvJVAWwPcH/view?usp=drive_link | source : cve@mitre.org


Vulnerability ID : CVE-2023-48893

First published on : 01-12-2023 16:15:07
Last modified on : 03-12-2023 16:37:34

Description :
Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/staff_act.php.

CVE ID : CVE-2023-48893
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Vuln0wned/slims_owned/blob/main/slims/slims9-bulian-9.6.1-SQLI-staff_act.md | source : cve@mitre.org
https://github.com/slims/slims9_bulian/issues/209 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48801

First published on : 01-12-2023 23:15:07
Last modified on : 03-12-2023 16:37:30

Description :
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability.

CVE ID : CVE-2023-48801
Source : cve@mitre.org
CVSS Score : /

References :
https://palm-jump-676.notion.site/CVE-2023-48801-40d4553fc7a649fe833201fcecf76f2b | source : cve@mitre.org
https://www.notion.so/X6000R-sub_415534-40d4553fc7a649fe833201fcecf76f2b?pvs=4 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48886

First published on : 01-12-2023 23:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A deserialization vulnerability in NettyRpc v1.2 allows attackers to execute arbitrary commands via sending a crafted RPC request.

CVE ID : CVE-2023-48886
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/luxiaoxun/NettyRpc | source : cve@mitre.org
https://github.com/luxiaoxun/NettyRpc/issues/53 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48887

First published on : 01-12-2023 23:15:07
Last modified on : 03-12-2023 16:37:30

Description :
A deserialization vulnerability in Jupiter v1.3.1 allows attackers to execute arbitrary commands via sending a crafted RPC request.

CVE ID : CVE-2023-48887
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/fengjiachun/Jupiter | source : cve@mitre.org
https://github.com/fengjiachun/Jupiter/issues/115 | source : cve@mitre.org
https://github.com/welk1n/JNDI-Injection-Exploit/releases/tag/v1.0 | source : cve@mitre.org


Vulnerability ID : CVE-2023-49914

First published on : 02-12-2023 01:15:09
Last modified on : 03-12-2023 16:37:30

Description :
InteraXon Muse 2 devices allow remote attackers to cause a denial of service (incorrect Muse App report of an outstanding, calm meditation state) via a 480 MHz RF carrier that is modulated by a "false" brain wave, aka a Brain-Hack attack. For example, the Muse App does not display the reception of a strong RF carrier, and alert the user that a report may be misleading if this carrier has been modulated by a low-frequency signal.

CVE ID : CVE-2023-49914
Source : cve@mitre.org
CVSS Score : /

References :
https://dl.acm.org/doi/10.1145/3605758.3623497 | source : cve@mitre.org
https://scholar.google.com/citations?view_op=view_citation&hl=en&user=8hu27apy8A4C&citation_for_view=8hu27apy8A4C:Se3iqnhoufwC | source : cve@mitre.org


Vulnerability ID : CVE-2023-47100

First published on : 02-12-2023 23:15:07
Last modified on : 03-12-2023 16:37:30

Description :
In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0.

CVE ID : CVE-2023-47100
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Perl/perl5/commit/ff1f9f59360afeebd6f75ca1502f5c3ebf077da3 | source : cve@mitre.org


Vulnerability ID : CVE-2023-49926

First published on : 03-12-2023 03:15:07
Last modified on : 03-12-2023 16:37:30

Description :
app/Lib/Tools/EventTimelineTool.php in MISP before 2.4.179 allows XSS in the event timeline widget.

CVE ID : CVE-2023-49926
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/MISP/MISP/commit/dc73287ee2000476e3a5800ded402825ca10f7e8 | source : cve@mitre.org
https://github.com/MISP/MISP/compare/v2.4.178...v2.4.179 | source : cve@mitre.org


Vulnerability ID : CVE-2023-49946

First published on : 03-12-2023 19:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. This allows remote attackers to read private issues, read private pull requests, delete issues, and perform other unauthorized actions.

CVE ID : CVE-2023-49946
Source : cve@mitre.org
CVSS Score : /

References :
https://about.gitea.com/security | source : cve@mitre.org
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md | source : cve@mitre.org
https://forgejo.org/2023-11-release-v1-20-5-1/ | source : cve@mitre.org
https://github.com/gogs/gogs/security | source : cve@mitre.org


Vulnerability ID : CVE-2023-49947

First published on : 03-12-2023 19:15:08
Last modified on : 04-12-2023 02:58:50

Description :
Forgejo before 1.20.5-1 allows 2FA bypass when docker login uses Basic Authentication.

CVE ID : CVE-2023-49947
Source : cve@mitre.org
CVSS Score : /

References :
https://codeberg.org/forgejo/forgejo/commit/44df78edd40076b349d50dc5fb02af417a44cfab | source : cve@mitre.org
https://forgejo.org/2023-11-release-v1-20-5-1/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-49948

First published on : 03-12-2023 19:15:08
Last modified on : 04-12-2023 02:58:50

Description :
Forgejo before 1.20.5-1 allows remote attackers to test for the existence of private user accounts by appending .rss (or another extension) to a URL.

CVE ID : CVE-2023-49948
Source : cve@mitre.org
CVSS Score : /

References :
https://codeberg.org/forgejo/forgejo/commit/d7408d8b0b04afd2a3c8e23cc908e7bd3849f34d | source : cve@mitre.org
https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md | source : cve@mitre.org
https://forgejo.org/2023-11-release-v1-20-5-1/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-48799

First published on : 04-12-2023 13:15:07
Last modified on : 04-12-2023 13:48:34

Description :
TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Command Execution.

CVE ID : CVE-2023-48799
Source : cve@mitre.org
CVSS Score : /

References :
https://palm-jump-676.notion.site/CVE-2023-48799-632dd667b4574a2c84b04035d04afb5c | source : cve@mitre.org
https://www.notion.so/X6000R-632dd667b4574a2c84b04035d04afb5c?pvs=4 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48800

First published on : 04-12-2023 13:15:07
Last modified on : 04-12-2023 13:48:34

Description :
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSystem function, resulting in a command execution vulnerability.

CVE ID : CVE-2023-48800
Source : cve@mitre.org
CVSS Score : /

References :
https://palm-jump-676.notion.site/CVE-2023-48800-ad96548d06c645738daf3ab77575fd74 | source : cve@mitre.org
https://www.notion.so/X6000R-sub_417338-ad96548d06c645738daf3ab77575fd74?pvs=4 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48863

First published on : 04-12-2023 13:15:07
Last modified on : 04-12-2023 13:48:34

Description :
SEMCMS 3.9 is vulnerable to SQL Injection. Due to the lack of security checks on the input of the application, the attacker uses the existing application to inject malicious SQL commands into the background database engine for execution, and sends some attack codes as commands or query statements to the interpreter. These malicious data can deceive the interpreter, so as to execute unplanned commands or unauthorized access to data.

CVE ID : CVE-2023-48863
Source : cve@mitre.org
CVSS Score : /

References :
http://www.sem-cms.com/ | source : cve@mitre.org
https://gitee.com/NoBlake/cve-2023-48863/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-41613

First published on : 04-12-2023 14:15:07
Last modified on : 04-12-2023 17:16:41

Description :
EzViz Studio v2.2.0 is vulnerable to DLL hijacking.

CVE ID : CVE-2023-41613
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/175684/EzViz-Studio-2.2.0-DLL-Hijacking.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-48815

First published on : 04-12-2023 15:15:07
Last modified on : 04-12-2023 17:16:41

Description :
kkFileView v4.3.0 is vulnerable to Incorrect Access Control.

CVE ID : CVE-2023-48815
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/kekingcn/kkFileView | source : cve@mitre.org
https://github.com/varzhang/There-is-a-vulnerability-in-kkFileView/blob/main/README.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48866

First published on : 04-12-2023 15:15:07
Last modified on : 04-12-2023 17:16:41

Description :
A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim's cookies.

CVE ID : CVE-2023-48866
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/grocy/grocy | source : cve@mitre.org
https://nitipoom-jar.github.io/CVE-2023-48866/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-48965

First published on : 04-12-2023 16:15:11
Last modified on : 04-12-2023 17:16:41

Description :
An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file.

CVE ID : CVE-2023-48965
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20Logical%20defect%20getshell.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48966

First published on : 04-12-2023 16:15:11
Last modified on : 04-12-2023 17:16:41

Description :
An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file.

CVE ID : CVE-2023-48966
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20directory%20traversal%2Bfile%20upload%20getshell.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48910

First published on : 04-12-2023 17:15:07
Last modified on : 04-12-2023 17:16:41

Description :
Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the components /jobs and /artifact/download. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.

CVE ID : CVE-2023-48910
Source : cve@mitre.org
CVSS Score : /

References :
https://gist.github.com/b33t1e/2a2dc17cf36cd741b2c99425c892d826 | source : cve@mitre.org
https://github.com/microcks/microcks | source : cve@mitre.org
https://github.com/orgs/microcks/discussions/892 | source : cve@mitre.org


Vulnerability ID : CVE-2023-48967

First published on : 04-12-2023 17:15:07
Last modified on : 04-12-2023 17:16:41

Description :
Solon <= 2.6.0 and <= 2.5.12 is vulnerable to Deserialization of Untrusted Data.

CVE ID : CVE-2023-48967
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/noear/solon/issues/226 | source : cve@mitre.org


Source : 7168b535-132a-4efe-a076-338f829b2eb9

Vulnerability ID : CVE-2023-5915

First published on : 01-12-2023 07:15:12
Last modified on : 01-12-2023 13:54:29

Description :
A vulnerability of Uncontrolled Resource Consumption has been identified in STARDOM provided by Yokogawa Electric Corporation. This vulnerability may allow a remote attacker to cause a denial-of-service condition to the FCN/FCJ controller by sending a crafted packet. While sending the packet, the maintenance homepage of the controller could not be accessed. Therefore, functions of the maintenance homepage, changing configuration, viewing logs, etc. are not available. But the controller’s operation is not stopped by the condition. The affected products and versions are as follows: STARDOM FCN/FCJ R1.01 to R4.31.

CVE ID : CVE-2023-5915
Source : 7168b535-132a-4efe-a076-338f829b2eb9
CVSS Score : /

References :
https://jvn.jp/vu/JVNVU95177889/index.html | source : 7168b535-132a-4efe-a076-338f829b2eb9
https://web-material3.yokogawa.com/1/35463/files/YSAR-23-0003-E.pdf | source : 7168b535-132a-4efe-a076-338f829b2eb9
https://www.cisa.gov/news-events/ics-advisories/icsa-23-334-02 | source : 7168b535-132a-4efe-a076-338f829b2eb9

Vulnerability : CWE-400


Source : arm.com

Vulnerability ID : CVE-2023-5427

First published on : 01-12-2023 11:15:07
Last modified on : 04-12-2023 16:15:12

Description :
Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU processing operations to gain access to already freed memory. This issue affects Bifrost GPU Kernel Driver: from r44p0 through r45p0; Valhall GPU Kernel Driver: from r44p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r44p0 through r45p0.

CVE ID : CVE-2023-5427
Source : arm-security@arm.com
CVSS Score : /

References :
http://packetstormsecurity.com/files/176029/ARM-Mali-r44p0-Use-After-Free.html | source : arm-security@arm.com
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2023-32804

First published on : 04-12-2023 12:15:07
Last modified on : 04-12-2023 13:48:34

Description :
Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Driver allows a local non-privileged user to write a constant pattern to a limited amount of memory not allocated by the user space driver. This issue affects Midgard GPU Userspace Driver: from r0p0 through r32p0; Bifrost GPU Userspace Driver: from r0p0 through r44p0; Valhall GPU Userspace Driver: from r19p0 through r44p0; Arm 5th Gen GPU Architecture Userspace Driver: from r41p0 through r44p0.

CVE ID : CVE-2023-32804
Source : arm-security@arm.com
CVSS Score : /

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-787


Source : unisoc.com

Vulnerability ID : CVE-2022-48462

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

CVE ID : CVE-2022-48462
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48463

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

CVE ID : CVE-2022-48463
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48464

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed.

CVE ID : CVE-2022-48464
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42671

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42671
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42672

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42672
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42673

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42673
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42674

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42674
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42675

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42675
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42676

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42676
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42677

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42677
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42678

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.

CVE ID : CVE-2023-42678
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42679

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE ID : CVE-2023-42679
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42680

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE ID : CVE-2023-42680
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42681

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In ion service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42681
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42682

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE ID : CVE-2023-42682
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42683

First published on : 04-12-2023 01:15:08
Last modified on : 04-12-2023 02:58:50

Description :
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE ID : CVE-2023-42683
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42684

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.

CVE ID : CVE-2023-42684
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42685

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42685
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42686

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42686
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42687

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42687
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42688

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42688
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42689

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42689
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42690

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed.

CVE ID : CVE-2023-42690
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42691

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42691
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42692

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42692
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42693

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42693
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42694

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42694
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42695

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In wifi service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42695
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42696

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42696
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42697

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42697
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42698

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42698
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42699

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In omacp service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42699
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42700

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42700
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42701

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42701
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42702

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42702
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42703

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42703
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42704

First published on : 04-12-2023 01:15:09
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42704
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42705

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In imsservice, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42705
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42706

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42706
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42707

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42707
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42708

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42708
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42709

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42709
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42710

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42710
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42711

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42711
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42712

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42712
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42713

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42713
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42714

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In firewall service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42714
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42715

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42715
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42716

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42716
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42717

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to remote information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42717
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42718

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In dialer, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42718
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42719

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In video service, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42719
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42720

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In video service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42720
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42721

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In flv extractor, there is a possible missing verification incorrect input. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42721
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42722

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In camera service, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed

CVE ID : CVE-2023-42722
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42723

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In camera service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42723
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42724

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42724
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42725

First published on : 04-12-2023 01:15:10
Last modified on : 04-12-2023 02:58:50

Description :
In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42725
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42726

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42726
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42727

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In gpu driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42727
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42728

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42728
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42729

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In ril service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42729
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42730

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In IMS service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42730
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42731

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42731
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42732

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42732
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42733

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42733
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42734

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42734
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42735

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telephony service, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

CVE ID : CVE-2023-42735
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42736

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42736
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42737

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42737
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42738

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42738
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42739

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In engineermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42739
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42740

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42740
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42741

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42741
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42742

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In sysui, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42742
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42743

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42743
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42744

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-42744
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42745

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42745
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42746

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In power manager, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42746
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42747

First published on : 04-12-2023 01:15:11
Last modified on : 04-12-2023 02:58:50

Description :
In camera service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42747
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42748

First published on : 04-12-2023 01:15:12
Last modified on : 04-12-2023 02:58:50

Description :
In telecom service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed

CVE ID : CVE-2023-42748
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42749

First published on : 04-12-2023 01:15:12
Last modified on : 04-12-2023 02:58:50

Description :
In enginnermode service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42749
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42751

First published on : 04-12-2023 01:15:12
Last modified on : 04-12-2023 02:58:50

Description :
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42751
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1731138365803266049 | source : security@unisoc.com


Source : mediatek.com

Vulnerability ID : CVE-2023-32841

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846).

CVE ID : CVE-2023-32841
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32842

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848).

CVE ID : CVE-2023-32842
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32843

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849).

CVE ID : CVE-2023-32843
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32844

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01130183 (MSV-850).

CVE ID : CVE-2023-32844
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32845

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01139296 (MSV-860).

CVE ID : CVE-2023-32845
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32846

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861).

CVE ID : CVE-2023-32846
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32847

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:45

Description :
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08241940; Issue ID: ALPS08241940.

CVE ID : CVE-2023-32847
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32848

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08163896; Issue ID: ALPS08163896.

CVE ID : CVE-2023-32848
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32849

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08161758; Issue ID: ALPS08161758.

CVE ID : CVE-2023-32849
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32850

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659.

CVE ID : CVE-2023-32850
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32851

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652.

CVE ID : CVE-2023-32851
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32852

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971.

CVE ID : CVE-2023-32852
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32853

First published on : 04-12-2023 04:15:07
Last modified on : 04-12-2023 13:50:38

Description :
In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764.

CVE ID : CVE-2023-32853
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32854

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132.

CVE ID : CVE-2023-32854
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32855

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204.

CVE ID : CVE-2023-32855
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32856

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705.

CVE ID : CVE-2023-32856
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32857

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710.

CVE ID : CVE-2023-32857
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32858

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008.

CVE ID : CVE-2023-32858
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32859

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

CVE ID : CVE-2023-32859
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32860

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

CVE ID : CVE-2023-32860
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32861

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081.

CVE ID : CVE-2023-32861
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32862

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762.

CVE ID : CVE-2023-32862
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32863

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326314; Issue ID: ALPS07326314.

CVE ID : CVE-2023-32863
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32864

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187.

CVE ID : CVE-2023-32864
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32865

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456.

CVE ID : CVE-2023-32865
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32866

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152.

CVE ID : CVE-2023-32866
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32867

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:50:38

Description :
In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793.

CVE ID : CVE-2023-32867
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32868

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:48:34

Description :
In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632.

CVE ID : CVE-2023-32868
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32869

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:48:34

Description :
In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689.

CVE ID : CVE-2023-32869
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Vulnerability ID : CVE-2023-32870

First published on : 04-12-2023 04:15:08
Last modified on : 04-12-2023 13:48:34

Description :
In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740.

CVE ID : CVE-2023-32870
Source : security@mediatek.com
CVSS Score : /

References :
https://corp.mediatek.com/product-security-bulletin/December-2023 | source : security@mediatek.com


Source : jpcert.or.jp

Vulnerability ID : CVE-2023-49108

First published on : 04-12-2023 06:15:07
Last modified on : 04-12-2023 13:48:34

Description :
Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or deleted by a user of the product with specific privileges.

CVE ID : CVE-2023-49108
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN46895889/ | source : vultures@jpcert.or.jp
https://rakrak.jp/RakDocSupport/rkspServlet | source : vultures@jpcert.or.jp


Source : wpscan.com

Vulnerability ID : CVE-2023-4460

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Uploading SVG, WEBP and ICO files WordPress plugin through 1.2.1 does not sanitise uploaded SVG files, which could allow users with a role as low as Author to upload a malicious SVG containing XSS payloads.

CVE ID : CVE-2023-4460
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/82f8d425-449a-471f-94df-8439924fd628 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5105

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as `wp-config.php`

CVE ID : CVE-2023-5105
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/d40c7108-bad6-4ed3-8539-35c0f57e62cc | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5108

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Easy Newsletter Signups WordPress plugin through 1.0.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin

CVE ID : CVE-2023-5108
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/1b277929-e88b-4ab6-9190-526e75f5ce7a | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5137

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Simply Excerpts WordPress plugin through 1.4 does not sanitize and escape some fields in the plugin settings, which could allow high-privilege users such as an administrator to inject arbitrary web scripts even when the unfiltered_html capability is disallowed (for example in a multisite setup).

CVE ID : CVE-2023-5137
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/79b79e9c-ea4f-4188-a1b5-61dda0b5d434 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5141

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The BSK Contact Form 7 Blacklist WordPress plugin through 1.0.1 does not sanitise and escape the inserted_count parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-5141
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/9997fe8d-8027-4ae0-9885-a1f5565f2d1a | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5210

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The AMP+ Plus WordPress plugin through 3.0 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-5210
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/1c3ff47a-12a5-49c1-a166-2c57e5c0d0aa | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5762

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Filr WordPress plugin before 1.2.3.6 is vulnerable to RCE (Remote Code Execution), which allows operating system commands to be executed and the server to be fully compromised on behalf of a user with Author-level privileges.

CVE ID : CVE-2023-5762
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/6ad99725-eccc-4b61-bce2-668b62619deb | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5809

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Popup box WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-5809
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/f1eb05e8-1b7c-45b1-912d-f668bd68e265 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5874

First published on : 04-12-2023 22:15:07
Last modified on : 04-12-2023 22:15:07

Description :
The Popup box WordPress plugin before 3.8.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-5874
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/ebe3e873-1259-43b9-a027-daa4dbd937f3 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5884

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The Word Balloon WordPress plugin before 4.20.3 does not protect some of its actions against CSRF attacks, allowing an unauthenticated attacker to trick a logged-in user into deleting arbitrary avatars by clicking a link.

CVE ID : CVE-2023-5884
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/f4a7937c-6f4b-49dd-b88a-67ebe718ad19 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5951

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The Welcart e-Commerce WordPress plugin before 2.9.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-5951
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/81dc093a-545d-4bcd-ab85-ee9472d709e5 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5952

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The Welcart e-Commerce WordPress plugin before 2.9.5 unserializes user input from cookies, which could allow unauthenticated users to perform PHP Object Injection when a suitable gadget is present on the blog

CVE ID : CVE-2023-5952
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/0acd613e-dbd6-42ae-9f3d-6d6e77a4c1b7 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5953

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The Welcart e-Commerce WordPress plugin before 2.9.5 does not validate files to be uploaded, and has no authorisation or CSRF checks in the AJAX action handling such uploads. As a result, any authenticated user, such as a subscriber, could upload arbitrary files, such as PHP files, to the server

CVE ID : CVE-2023-5953
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/6d29ba12-f14a-4cee-baae-a6049d83bce6 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5979

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The eCommerce Product Catalog Plugin for WordPress plugin before 3.3.26 does not have CSRF checks in some of its admin pages, which could allow attackers to make logged-in users perform unwanted actions via CSRF attacks, such as delete all products

CVE ID : CVE-2023-5979
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/936934c3-5bfe-416e-b6aa-47bed4db05c4 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5990

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The Interactive Contact Form and Multi Step Form Builder with Drag & Drop Editor WordPress plugin before 3.4.2 does not have CSRF checks on some of its form actions such as deletion and duplication, which could allow attackers to make logged in admin perform such actions via CSRF attacks

CVE ID : CVE-2023-5990
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/0a615ce3-93da-459d-a33f-a2a6e74a2f94 | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6063

First published on : 04-12-2023 22:15:08
Last modified on : 04-12-2023 22:15:08

Description :
The WP Fastest Cache WordPress plugin before 1.2.2 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users.

CVE ID : CVE-2023-6063
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/blog/unauthenticated-sql-injection-vulnerability-addressed-in-wp-fastest-cache-1-2-2/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/30a74105-8ade-4198-abe2-1c6f2967443e | source : contact@wpscan.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.
