Latest vulnerabilities of Friday, October 13, 2023


Last update performed on 10/13/2023 at 11:58:02 PM

(3) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : huntr.dev

Vulnerability ID : CVE-2023-5572

First published on : 13-10-2023 10:15:10
Last modified on : 13-10-2023 12:47:20

Description :
Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0.

CVE ID : CVE-2023-5572
Source : security@huntr.dev
CVSS Score : 10.0

References :
https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23 | source : security@huntr.dev
https://huntr.dev/bounties/db649f1b-8578-4ef0-8df3-d320ab33f1be | source : security@huntr.dev

Vulnerability : CWE-918


Source : 1e.com

Vulnerability ID : CVE-2023-45162

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue: for v8.1.2 apply hotfix Q23166; for v8.4.1 apply hotfix Q23164; for v9.0.1 apply hotfix Q23173. SaaS implementations on v23.7.1 will automatically have hotfix Q23173 applied. Customers with SaaS versions below this are urged to upgrade urgently; please contact 1E to arrange this.

CVE ID : CVE-2023-45162
Source : security@1e.com
CVSS Score : 9.9

References :
https://www.1e.com/trust-security-compliance/cve-info/ | source : security@1e.com

Vulnerability : CWE-89


Source : yd.MitsubishiElectric.co.jp

Vulnerability ID : CVE-2023-4562

First published on : 13-10-2023 02:15:09
Last modified on : 13-10-2023 12:47:20

Description :
Improper Authentication vulnerability in Mitsubishi Electric Corporation MELSEC-F Series main modules allows a remote unauthenticated attacker to obtain sequence programs from the product or write malicious sequence programs or improper data in the product without authentication by sending illegitimate messages.

CVE ID : CVE-2023-4562
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.1

References :
https://jvn.jp/vu/JVNVU90509290/ | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-13 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-012_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-287


(27) HIGH VULNERABILITIES [7.0, 8.9]

Source : adobe.com

Vulnerability ID : CVE-2023-38218

First published on : 13-10-2023 07:15:40
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation.

CVE ID : CVE-2023-38218
Source : psirt@adobe.com
CVSS Score : 8.8

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-38219

First published on : 13-10-2023 07:15:40
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact.

CVE ID : CVE-2023-38219
Source : psirt@adobe.com
CVSS Score : 8.7

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-38221

First published on : 13-10-2023 07:15:40
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.

CVE ID : CVE-2023-38221
Source : psirt@adobe.com
CVSS Score : 8.0

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-38249

First published on : 13-10-2023 07:15:41
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.

CVE ID : CVE-2023-38249
Source : psirt@adobe.com
CVSS Score : 8.0

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-38250

First published on : 13-10-2023 07:15:41
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.

CVE ID : CVE-2023-38250
Source : psirt@adobe.com
CVSS Score : 8.0

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-38220

First published on : 13-10-2023 07:15:40
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead to a security feature bypass in a way that an attacker could access unauthorised data. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2023-38220
Source : psirt@adobe.com
CVSS Score : 7.5

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-285


Source : juniper.net

Vulnerability ID : CVE-2023-44194

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges. This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S1.

CVE ID : CVE-2023-44194
Source : sirt@juniper.net
CVSS Score : 8.4

References :
https://supportportal.juniper.net/JSA73158 | source : sirt@juniper.net

Vulnerability : CWE-276


Vulnerability ID : CVE-2023-44181

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:39

Description :
An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to the ARP queue, causing an L2 loop resulting in DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.

CVE ID : CVE-2023-44181
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73145 | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html | source : sirt@juniper.net


Vulnerability ID : CVE-2023-44185

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Input Validation vulnerability in the routing protocol daemon (rpd) of Juniper Networks allows an attacker to cause a Denial of Service (DoS) to the device upon receiving and processing a specific malformed ISO VPN BGP UPDATE packet. Continued receipt of this packet will cause a sustained Denial of Service condition. This issue affects: * Juniper Networks Junos OS: * All versions prior to 20.4R3-S6; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R2-S2, 22.1R3; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S6-EVO; * 21.1-EVO version 21.1R1-EVO and later versions prior to 21.2R3-S4-EVO; * 21.3-EVO versions prior to 21.3R3-S3-EVO; * 21.4-EVO versions prior to 21.4R3-S3-EVO; * 22.1-EVO versions prior to 22.1R3-EVO; * 22.2-EVO versions prior to 22.2R2-S1-EVO, 22.2R3-EVO; * 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO.

CVE ID : CVE-2023-44185
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73146 | source : sirt@juniper.net

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-44191

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections. This issue affects: Juniper Networks Junos OS on QFX5000 Series and EX4000 Series * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1

CVE ID : CVE-2023-44191
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73155 | source : sirt@juniper.net

Vulnerability : CWE-770


Vulnerability ID : CVE-2023-44192

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak. To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs. This issue affects: Juniper Networks Junos OS QFX5000 Series: * All versions prior to 20.4R3-S6; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R2-S1, 22.3R3; * 22.4 versions prior to 22.4R1-S2, 22.4R2.

CVE ID : CVE-2023-44192
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73156 | source : sirt@juniper.net

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-44197

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Out-of-Bounds Write vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). On all Junos OS and Junos OS Evolved devices an rpd crash and restart can occur while processing BGP route updates received over an established BGP session. This specific issue is observed for BGP routes learned via a peer which is configured with a BGP import policy that has hundreds of terms matching IPv4 and/or IPv6 prefixes. This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R2-S1, 21.4R3-S5. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.1-EVO version 21.1R1-EVO and later versions; * 21.2-EVO versions prior to 21.2R3-S2-EVO; * 21.3-EVO version 21.3R1-EVO and later versions; * 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-S5-EVO.

CVE ID : CVE-2023-44197
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73163 | source : sirt@juniper.net

Vulnerability : CWE-787


Vulnerability ID : CVE-2023-44199

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On Junos MX Series platforms with Precision Time Protocol (PTP) configured, a prolonged routing protocol churn can lead to an FPC crash and restart. This issue affects Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S4; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3; * 22.1 versions prior to 22.1R3; * 22.2 versions prior to 22.2R1-S1, 22.2R2.

CVE ID : CVE-2023-44199
Source : sirt@juniper.net
CVSS Score : 7.5

References :
https://supportportal.juniper.net/JSA73165 | source : sirt@juniper.net

Vulnerability : CWE-754


Vulnerability ID : CVE-2023-44182

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:39

Description :
An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operator's actions to occur. Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should not otherwise be accessible, files not being accessible where they should be accessible, code expected to run as non-root may run as root, and so forth. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. Juniper Networks Junos OS Evolved * All versions prior to 21.4R3-S3-EVO; * 22.1-EVO version 22.1R1-EVO and later versions prior to 22.2R2-S2-EVO, 22.2R3-EVO; * 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO.

CVE ID : CVE-2023-44182
Source : sirt@juniper.net
CVSS Score : 7.3

References :
https://supportportal.juniper.net/JSA73149 | source : sirt@juniper.net
https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html | source : sirt@juniper.net

Vulnerability : CWE-252


Source : rockwellautomation.com

Vulnerability ID : CVE-2023-29464

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol.

CVE ID : CVE-2023-29464
Source : PSIRT@rockwellautomation.com
CVSS Score : 8.2

References :
https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141040 | source : PSIRT@rockwellautomation.com

Vulnerability : CWE-20


Source : fortinet.com

Vulnerability ID : CVE-2023-33303

First published on : 13-10-2023 15:15:43
Last modified on : 13-10-2023 15:20:17

Description :
An insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows an attacker to execute unauthorized code or commands via API request.

CVE ID : CVE-2023-33303
Source : psirt@fortinet.com
CVSS Score : 8.1

References :
https://fortiguard.com/psirt/FG-IR-23-007 | source : psirt@fortinet.com


Vulnerability ID : CVE-2023-41682

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 2.5.0 through 2.5.2 and 2.4.1 and 2.4.0 allows an attacker to cause a denial of service via crafted HTTP requests.

CVE ID : CVE-2023-41682
Source : psirt@fortinet.com
CVSS Score : 8.1

References :
https://fortiguard.com/psirt/FG-IR-23-280 | source : psirt@fortinet.com


Vulnerability ID : CVE-2023-41680

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.1 allows an attacker to execute unauthorized code or commands via crafted HTTP requests.

CVE ID : CVE-2023-41680
Source : psirt@fortinet.com
CVSS Score : 7.5

References :
https://fortiguard.com/psirt/FG-IR-23-311 | source : psirt@fortinet.com


Vulnerability ID : CVE-2023-41681

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.1 allows an attacker to execute unauthorized code or commands via crafted HTTP requests.

CVE ID : CVE-2023-41681
Source : psirt@fortinet.com
CVSS Score : 7.5

References :
https://fortiguard.com/psirt/FG-IR-23-311 | source : psirt@fortinet.com


Vulnerability ID : CVE-2023-41843

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 allows an attacker to execute unauthorized code or commands via crafted HTTP requests.

CVE ID : CVE-2023-41843
Source : psirt@fortinet.com
CVSS Score : 7.5

References :
https://fortiguard.com/psirt/FG-IR-23-273 | source : psirt@fortinet.com


Source : zephyrproject.org

Vulnerability ID : CVE-2023-4263

First published on : 13-10-2023 21:15:51
Last modified on : 13-10-2023 21:31:49

Description :
Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver

CVE ID : CVE-2023-4263
Source : vulnerabilities@zephyrproject.org
CVSS Score : 7.6

References :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf | source : vulnerabilities@zephyrproject.org

Vulnerability : CWE-120
Vulnerability : CWE-121


Vulnerability ID : CVE-2023-5563

First published on : 13-10-2023 00:15:13
Last modified on : 13-10-2023 12:47:20

Description :
The SJA1000 CAN controller driver backend automatically attempts to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception.

CVE ID : CVE-2023-5563
Source : vulnerabilities@zephyrproject.org
CVSS Score : 7.1

References :
https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv | source : vulnerabilities@zephyrproject.org

Vulnerability : CWE-703


Source : redhat.com

Vulnerability ID : CVE-2023-5557

First published on : 13-10-2023 02:15:11
Last modified on : 13-10-2023 12:47:20

Description :
A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.

CVE ID : CVE-2023-5557
Source : secalert@redhat.com
CVSS Score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2023-5557 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2243096 | source : secalert@redhat.com


Source : github.com

Vulnerability ID : CVE-2023-45130

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Frontier is Substrate's Ethereum compatibility layer. Prior to commit aea528198b3b226e0d20cce878551fd4c0e3d5d0, at the end of a contract execution, when opcode SUICIDE marks a contract to be deleted, the software uses `storage::remove_prefix` (now renamed to `storage::clear_prefix`) to remove all storages associated with it. This is a single IO primitive call passing the WebAssembly boundary. For large contracts, the call (without providing a `limit` parameter) can be slow. In addition, for parachains, all storages to be deleted will be part of the PoV, which easily exceeds the relay chain PoV size limit. On the other hand, Frontier's maintainers only charge a fixed cost for opcode SUICIDE. The maintainers consider the severity of this issue high, because an attacker can craft a contract with a lot of storage values on a parachain, and then call opcode SUICIDE on the contract. If the transaction makes it into a parachain block, the parachain will then stall because the PoV size will exceed the relay chain's limit. This is especially an issue for XCM transactions, because they can't be skipped. Commit aea528198b3b226e0d20cce878551fd4c0e3d5d0 contains a patch for this issue. For parachains, it's recommended to issue an emergency runtime upgrade as soon as possible. For standalone chains, the impact is less severe because the issue mainly affects PoV sizes. It's recommended to issue a normal runtime upgrade as soon as possible. There are no known workarounds.

CVE ID : CVE-2023-45130
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/paritytech/frontier/commit/aea528198b3b226e0d20cce878551fd4c0e3d5d0 | source : security-advisories@github.com
https://github.com/paritytech/frontier/pull/1212 | source : security-advisories@github.com
https://github.com/paritytech/frontier/security/advisories/GHSA-gc88-2gvv-gp3v | source : security-advisories@github.com

Vulnerability : CWE-770


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-32974

First published on : 13-10-2023 20:15:10
Last modified on : 13-10-2023 21:31:49

Description :
A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.0.2444 build 20230629 and later; QuTS hero h5.1.0.2424 build 20230609 and later; QuTScloud c5.1.0.2498 and later.

CVE ID : CVE-2023-32974
Source : security@qnapsecurity.com.tw
CVSS Score : 7.5

References :
https://www.qnap.com/en/security-advisory/qsa-23-42 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-34975

First published on : 13-10-2023 20:15:10
Last modified on : 13-10-2023 21:31:49

Description :
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later

CVE ID : CVE-2023-34975
Source : security@qnapsecurity.com.tw
CVSS Score : 7.4

References :
https://www.qnap.com/en/security-advisory/qsa-23-52 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-89


Source : emc.com

Vulnerability ID : CVE-2023-43079

First published on : 13-10-2023 12:15:10
Last modified on : 13-10-2023 12:47:20

Description :
Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise.

CVE ID : CVE-2023-43079
Source : security_alert@emc.com
CVSS Score : 7.3

References :
https://www.dell.com/support/kbdoc/en-us/000218469/dsa-2023-367-dell-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-284


(38) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : adobe.com

Vulnerability ID : CVE-2023-26366

First published on : 13-10-2023 07:15:38
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary.

CVE ID : CVE-2023-26366
Source : psirt@adobe.com
CVSS Score : 6.8

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-38251

First published on : 13-10-2023 07:15:41
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Uncontrolled Resource Consumption vulnerability that could lead to a minor application denial-of-service. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2023-38251
Source : psirt@adobe.com
CVSS Score : 5.3

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-26367

First published on : 13-10-2023 07:15:39
Last modified on : 13-10-2023 12:47:20

Description :
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.

CVE ID : CVE-2023-26367
Source : psirt@adobe.com
CVSS Score : 4.9

References :
https://helpx.adobe.com/security/products/magento/apsb23-50.html | source : psirt@adobe.com

Vulnerability : CWE-20


Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-32976

First published on : 13-10-2023 20:15:10
Last modified on : 13-10-2023 21:31:49

Description :
An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Container Station 2.6.7.44 and later

CVE ID : CVE-2023-32976
Source : security@qnapsecurity.com.tw
CVSS Score : 6.6

References :
https://www.qnap.com/en/security-advisory/qsa-23-44 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-32970

First published on : 13-10-2023 20:15:09
Last modified on : 13-10-2023 21:31:49

Description :
A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. QES is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h5.0.1.2515 build 20230907 and later; QuTS hero h5.1.0.2453 build 20230708 and later; QuTS hero h4.5.4.2476 build 20230728 and later; QuTScloud c5.1.0.2498 and later; QTS 5.1.0.2444 build 20230629 and later; QTS 4.5.4.2467 build 20230718 and later.

CVE ID : CVE-2023-32970
Source : security@qnapsecurity.com.tw
CVSS Score : 4.9

References :
https://www.qnap.com/en/security-advisory/qsa-23-41 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-476


Vulnerability ID : CVE-2023-34977

First published on : 13-10-2023 20:15:10
Last modified on : 13-10-2023 21:31:49

Description :
A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later

CVE ID : CVE-2023-34977
Source : security@qnapsecurity.com.tw
CVSS Score : 4.6

References :
https://www.qnap.com/en/security-advisory/qsa-23-52 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-34976

First published on : 13-10-2023 20:15:10
Last modified on : 13-10-2023 21:31:49

Description :
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 (2023/07/27) and later.

CVE ID : CVE-2023-34976
Source : security@qnapsecurity.com.tw
CVSS Score : 4.3

References :
https://www.qnap.com/en/security-advisory/qsa-23-52 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-89


Source : juniper.net

Vulnerability ID : CVE-2023-44183

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational conditions. The scenario described here is the worst-case scenario. There are other scenarios that require operator action to occur.
An indicator of compromise may be seen when multiple devices indicate that FPC0 has gone missing when issuing a show chassis fpc command for about 10 to 20 minutes, and a number of interfaces have also gone missing. Use the following command to determine if FPC0 has gone missing from the device:
    show chassis fpc detail
This issue affects: Juniper Networks Junos OS on QFX5000 Series, EX4600 Series: * 18.4 version 18.4R2 and later versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2.

CVE ID : CVE-2023-44183
Source : sirt@juniper.net
CVSS Score : 6.5

References :
https://supportportal.juniper.net/JSA73148 | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/topic-map/sdn-vxlan.html | source : sirt@juniper.net
https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/redundant-trunk-groups.html | source : sirt@juniper.net

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-44184

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane.
This issue affects:
Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2-S1, 22.3R3; * 22.4 versions prior to 22.4R1-S2, 22.4R2.
Juniper Networks Junos OS Evolved * All versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R3-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO.
An indicator of compromise can be seen by first determining if the NETCONF client is logged in and fails to log out after a reasonable period of time and secondly reviewing the WCPU percentage for the mgd process by running the following command:
mgd process example:
    user@device-re#> show system processes extensive | match "mgd|PID" | except last
    PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND
    92476 root 100 0 500M 89024K CPU3 3 57.5H 89.60% mgd <<<<<<<<<<< review the high cpu percentage.
Example to check for NETCONF activity:
While there is no specific command that shows a specific session in use for NETCONF, you can review logs for UI_LOG_EVENT with "client-mode 'netconf'".
For example:
    mgd[38121]: UI_LOGIN_EVENT: User 'root' login, class 'super-user' [38121], ssh-connection '10.1.1.1 201 55480 10.1.1.2 22', client-mode 'netconf'

CVE ID : CVE-2023-44184
Source : sirt@juniper.net
CVSS Score : 6.5

References :
https://supportportal.juniper.net/JSA73147 | source : sirt@juniper.net

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-44196

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Check for Unusual or Exceptional Conditions in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS Evolved on PTX10003 Series allows an unauthenticated adjacent attacker to cause an impact to the integrity of the system. When specific transit MPLS packets are received by the PFE, these packets are internally forwarded to the RE. This issue is a prerequisite for CVE-2023-44195. This issue affects Juniper Networks Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.1-EVO version 21.1R1-EVO and later; * 21.2-EVO versions prior to 21.2R3-S6-EVO; * 21.3-EVO version 21.3R1-EVO and later; * 21.4-EVO versions prior to 21.4R3-S3-EVO; * 22.1-EVO versions prior to 22.1R3-S4-EVO; * 22.2-EVO versions prior to 22.2R3-S3-EVO; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R2-EVO.

CVE ID : CVE-2023-44196
Source : sirt@juniper.net
CVSS Score : 6.5

References :
https://supportportal.juniper.net/JSA73162 | source : sirt@juniper.net

Vulnerability : CWE-754


Vulnerability ID : CVE-2023-44203

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows an adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS). When a specific IGMP packet is received in an isolated VLAN, it is duplicated to all other ports under the primary VLAN, which causes a flood. This issue affects QFX5000 series, EX2300, EX3400, EX4100, EX4400 and EX4600 platforms only. This issue affects Juniper Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S3; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S2; * 22.1 versions prior to 22.1R3; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2.

CVE ID : CVE-2023-44203
Source : sirt@juniper.net
CVSS Score : 6.5

References :
https://supportportal.juniper.net/JSA73169 | source : sirt@juniper.net

Vulnerability : CWE-703


Vulnerability ID : CVE-2023-44204

First published on : 13-10-2023 00:15:13
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts. This issue affects both eBGP and iBGP implementations. This issue affects: Juniper Networks Junos OS * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1, 23.2R2; Juniper Networks Junos OS Evolved * 21.4 versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S3-EVO; * 22.3 versions prior to 22.3R2-S2-EVO; * 22.4 versions prior to 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO;

CVE ID : CVE-2023-44204
Source : sirt@juniper.net
CVSS Score : 6.5

References :
https://supportportal.juniper.net/JSA73170 | source : sirt@juniper.net

Vulnerability : CWE-1286


Vulnerability ID : CVE-2023-44198

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks. If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid. This issue affects Juniper Networks Junos OS on SRX Series and MX Series: * 20.4 versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S2; * 22.1 versions prior to 22.1R2-S2, 22.1R3; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. This issue does not affect releases prior to 20.4R1.

CVE ID : CVE-2023-44198
Source : sirt@juniper.net
CVSS Score : 5.8

References :
https://supportportal.juniper.net/JSA73164 | source : sirt@juniper.net

Vulnerability : CWE-754


Vulnerability ID : CVE-2023-44176

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:29

Description :
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3.

CVE ID : CVE-2023-44176
Source : sirt@juniper.net
CVSS Score : 5.5

References :
https://supportportal.juniper.net/JSA73140 | source : sirt@juniper.net

Vulnerability : CWE-121
Vulnerability : CWE-787


Vulnerability ID : CVE-2023-44177

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:39

Description :
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R2. Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S1-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO.

CVE ID : CVE-2023-44177
Source : sirt@juniper.net
CVSS Score : 5.5

References :
https://supportportal.juniper.net/JSA73140 | source : sirt@juniper.net

Vulnerability : CWE-121
Vulnerability : CWE-787


Vulnerability ID : CVE-2023-44178

First published on : 13-10-2023 00:15:11
Last modified on : 13-10-2023 12:47:39

Description :
A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1; * 23.2 versions prior to 23.2R2.

CVE ID : CVE-2023-44178
Source : sirt@juniper.net
CVSS Score : 5.5

References :
https://supportportal.juniper.net/JSA73140 | source : sirt@juniper.net

Vulnerability : CWE-121
Vulnerability : CWE-787


Vulnerability ID : CVE-2023-44193

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S1; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2.

CVE ID : CVE-2023-44193
Source : sirt@juniper.net
CVSS Score : 5.5

References :
https://supportportal.juniper.net/JSA73157 | source : sirt@juniper.net

Vulnerability : CWE-401


Vulnerability ID : CVE-2023-44195

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in the NetworkStack agent daemon (nsagentd) of Juniper Networks Junos OS Evolved allows an unauthenticated network based attacker to cause limited impact to the availability of the system. If specific packets reach the Routing-Engine (RE) these will be processed normally even if firewall filters are in place which should have prevented this. This can lead to a limited, increased consumption of resources resulting in a Denial-of-Service (DoS), and unauthorized access. CVE-2023-44196 is a prerequisite for this issue. This issue affects Juniper Networks Junos OS Evolved: * 21.3-EVO versions prior to 21.3R3-S5-EVO; * 21.4-EVO versions prior to 21.4R3-S4-EVO; * 22.1-EVO version 22.1R1-EVO and later; * 22.2-EVO version 22.2R1-EVO and later; * 22.3-EVO versions prior to 22.3R2-S2-EVO, 22.3R3-S1-EVO; * 22.4-EVO versions prior to 22.4R3-EVO. This issue does not affect Junos OS Evolved versions prior to 21.3R1-EVO.

CVE ID : CVE-2023-44195
Source : sirt@juniper.net
CVSS Score : 5.4

References :
https://supportportal.juniper.net/JSA73160 | source : sirt@juniper.net

Vulnerability : CWE-923


Vulnerability ID : CVE-2023-44201

First published on : 13-10-2023 00:15:12
Last modified on : 13-10-2023 12:47:39

Description :
An Incorrect Permission Assignment for Critical Resource vulnerability in a specific file of Juniper Networks Junos OS and Junos OS Evolved allows a local authenticated attacker to read configuration changes without having the permissions. When a user with the respective permissions commits a configuration change, a specific file is created. That file is readable even by users with no permissions to access the configuration. This can lead to privilege escalation as the user can read the password hash when a password change is being committed. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S4; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R2-S2, 21.3R3-S1; * 21.4 versions prior to 21.4R2-S1, 21.4R3. Juniper Networks Junos OS Evolved * All versions prior to 20.4R3-S4-EVO; * 21.1 versions prior to 21.1R3-S2-EVO; * 21.2 versions prior to 21.2R3-S2-EVO; * 21.3 versions prior to 21.3R3-S1-EVO; * 21.4 versions prior to 21.4R2-S2-EVO.

CVE ID : CVE-2023-44201
Source : sirt@juniper.net
CVSS Score : 5.0

References :
https://supportportal.juniper.net/JSA73167 | source : sirt@juniper.net

Vulnerability : CWE-732


Source : patchstack.com

Vulnerability ID : CVE-2023-38000

First published on : 13-10-2023 10:15:09
Last modified on : 13-10-2023 12:47:20

Description :
Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions.

CVE ID : CVE-2023-38000
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/gutenberg/wordpress-gutenberg-plugin-16-8-0-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-3-2-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-45109

First published on : 13-10-2023 14:15:10
Last modified on : 13-10-2023 14:44:03

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions.

CVE ID : CVE-2023-45109
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/white-page-publication/wordpress-whitepage-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45269

First published on : 13-10-2023 16:15:12
Last modified on : 13-10-2023 21:31:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 2.0.23 versions.

CVE ID : CVE-2023-45269
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/cds-simple-seo/wordpress-simple-seo-plugin-2-0-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45276

First published on : 13-10-2023 16:15:13
Last modified on : 13-10-2023 21:31:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in automatededitor.Com Automated Editor plugin <= 1.3 versions.

CVE ID : CVE-2023-45276
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/automated-editor/wordpress-automated-editor-plugin-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39999

First published on : 13-10-2023 12:15:09
Last modified on : 13-10-2023 12:47:20

Description :
Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.

CVE ID : CVE-2023-39999
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-45107

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Cross-Site Request Forgery (CSRF) vulnerability in GoodBarber plugin <= 1.0.22 versions.

CVE ID : CVE-2023-45107
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/goodbarber/wordpress-goodbarber-plugin-1-0-22-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45108

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Mailrelay plugin <= 2.1.1 versions.

CVE ID : CVE-2023-45108
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/mailrelay/wordpress-mailrelay-plugin-2-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45267

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Zizou1988 IRivYou plugin <= 2.2.1 versions.

CVE ID : CVE-2023-45267
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wooreviews-importer/wordpress-irivyou-add-reviews-from-aliexpress-and-amazon-to-woocommerce-plugin-2-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45268

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Hitsteps Hitsteps Web Analytics plugin <= 5.86 versions.

CVE ID : CVE-2023-45268
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/hitsteps-visitor-manager/wordpress-hitsteps-web-analytics-plugin-5-85-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-45270

First published on : 13-10-2023 16:15:12
Last modified on : 13-10-2023 21:31:49

Description :
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions.

CVE ID : CVE-2023-45270
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/booking-system/wordpress-pinpoint-booking-system-plugin-2-9-9-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : huntr.dev

Vulnerability ID : CVE-2023-5571

First published on : 13-10-2023 10:15:10
Last modified on : 13-10-2023 12:47:20

Description :
Improper Input Validation in GitHub repository vriteio/vrite prior to 0.3.0.

CVE ID : CVE-2023-5571
Source : security@huntr.dev
CVSS Score : 6.5

References :
https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23 | source : security@huntr.dev
https://huntr.dev/bounties/926ca25f-dd4a-40cf-8e6b-9d7b5938e95a | source : security@huntr.dev

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-5564

First published on : 13-10-2023 01:15:56
Last modified on : 13-10-2023 12:47:20

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.

CVE ID : CVE-2023-5564
Source : security@huntr.dev
CVSS Score : 5.2

References :
https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa | source : security@huntr.dev
https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5573

First published on : 13-10-2023 10:15:10
Last modified on : 13-10-2023 12:47:20

Description :
Allocation of Resources Without Limits or Throttling in GitHub repository vriteio/vrite prior to 0.3.0.

CVE ID : CVE-2023-5573
Source : security@huntr.dev
CVSS Score : 4.7

References :
https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23 | source : security@huntr.dev
https://huntr.dev/bounties/46a2bb2c-712a-4008-a147-b862e3af7d72 | source : security@huntr.dev

Vulnerability : CWE-770


Vulnerability ID : CVE-2023-4829

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.

CVE ID : CVE-2023-4829
Source : security@huntr.dev
CVSS Score : 4.3

References :
https://github.com/froxlor/froxlor/commit/4711a414360782fe4fc94f7c25027077cbcdf73d | source : security@huntr.dev
https://huntr.dev/bounties/babd73ca-6c80-4145-8c7d-33a883fe606b | source : security@huntr.dev

Vulnerability : CWE-79


Source : wordfence.com

Vulnerability ID : CVE-2023-4995

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
The Embed Calendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'calendly' shortcode in versions up to, and including, 3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4995
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/embed-calendly-scheduling/tags/3.6/includes/embed.php#L140 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/d1bf83df-7a1f-4572-9c8d-1013750d51d7?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


Source : redhat.com

Vulnerability ID : CVE-2023-42752

First published on : 13-10-2023 02:15:09
Last modified on : 13-10-2023 12:47:20

Description :
An integer overflow flaw was found in the Linux kernel. This issue leads to the kernel allocating `skb_shared_info` in the userspace, which is exploitable in systems without SMAP protection since `skb_shared_info` contains references to function pointers.

CVE ID : CVE-2023-42752
Source : secalert@redhat.com
CVSS Score : 5.5

References :
https://access.redhat.com/security/cve/CVE-2023-42752 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2239828 | source : secalert@redhat.com
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=915d975b2ffa | source : secalert@redhat.com
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=c3b704d4a4a2 | source : secalert@redhat.com


Source : github.com

Vulnerability ID : CVE-2023-39960

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. In Nextcloud Server starting with 25.0.0 and prior to 25.09 and 26.04; as well as Nextcloud Enterprise Server starting with 22.0.0 and prior to 22.2.10.14, 23.0.12.9, 24.0.12.5, 25.0.9, and 26.0.4; missing protection allows an attacker to brute force passwords on the WebDAV API. Nextcloud Server 25.0.9 and 26.0.4 and Nextcloud Enterprise Server 22.2.10.14, 23.0.12.9, 24.0.12.5, 25.0.9, and 26.0.4 contain patches for this issue. No known workarounds are available.

CVE ID : CVE-2023-39960
Source : security-advisories@github.com
CVSS Score : 5.0

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-2hrc-5fgp-c9c9 | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/38046 | source : security-advisories@github.com
https://hackerone.com/reports/1924212 | source : security-advisories@github.com

Vulnerability : CWE-307


Source : us.ibm.com

Vulnerability ID : CVE-2023-40682

First published on : 13-10-2023 16:15:11
Last modified on : 13-10-2023 21:31:49

Description :
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.

CVE ID : CVE-2023-40682
Source : psirt@us.ibm.com
CVSS Score : 4.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/263833 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7051204 | source : psirt@us.ibm.com

Vulnerability : CWE-532


Source : microsoft.com

Vulnerability ID : CVE-2023-36559

First published on : 13-10-2023 21:15:51
Last modified on : 13-10-2023 21:31:49

Description :
Microsoft Edge (Chromium-based) Spoofing Vulnerability

CVE ID : CVE-2023-36559
Source : secure@microsoft.com
CVSS Score : 4.2

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36559 | source : secure@microsoft.com


(3) LOW VULNERABILITIES [0.1, 3.9]

Source : qnapsecurity.com.tw

Vulnerability ID : CVE-2023-32973

First published on : 13-10-2023 20:15:09
Last modified on : 13-10-2023 21:31:49

Description :
A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions:
* QTS 5.0.1.2425 build 20230609 and later
* QTS 5.1.0.2444 build 20230629 and later
* QTS 4.5.4.2467 build 20230718 and later
* QuTS hero h5.0.1.2515 build 20230907 and later
* QuTS hero h5.1.0.2424 build 20230609 and later
* QuTS hero h4.5.4.2476 build 20230728 and later
* QuTScloud c5.1.0.2498 and later

CVE ID : CVE-2023-32973
Source : security@qnapsecurity.com.tw
CVSS Score : 3.8

References :
https://www.qnap.com/en/security-advisory/qsa-23-41 | source : security@qnapsecurity.com.tw

Vulnerability : CWE-120
Vulnerability : CWE-121


Source : fortinet.com

Vulnerability ID : CVE-2023-41836

First published on : 13-10-2023 15:15:44
Last modified on : 13-10-2023 15:20:17

Description :
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.4, and 4.0.0 through 4.0.4 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.4 through 3.0.7 allows an attacker to execute unauthorized code or commands via crafted HTTP requests.

CVE ID : CVE-2023-41836
Source : psirt@fortinet.com
CVSS Score : 3.5

References :
https://fortiguard.com/psirt/FG-IR-23-215 | source : psirt@fortinet.com


Source : huntr.dev

Vulnerability ID : CVE-2023-4517

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository hestiacp/hestiacp prior to 1.8.6.

CVE ID : CVE-2023-4517
Source : security@huntr.dev
CVSS Score : 3.2

References :
https://github.com/hestiacp/hestiacp/commit/d30e3edbca5915235643e46ab222cb7aed9b319a | source : security@huntr.dev
https://huntr.dev/bounties/508d1d21-c45d-47ff-833f-50c671882e51 | source : security@huntr.dev

Vulnerability : CWE-79


(12) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-45463

First published on : 13-10-2023 13:15:11
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the hostName parameter in the FUN_0040dabc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE ID : CVE-2023-45463
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20hostname%20parameter%20leads%20to%20DOS.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45464

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the servDomain parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE ID : CVE-2023-45464
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20servDomain%20parameter%20leads%20to%20DOS.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45465

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ddnsDomainName parameter in the Dynamic DNS settings.

CVE ID : CVE-2023-45465
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ddnsDomainName%20parameter%20in%20Dynamic%20DNS%20setting.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45466

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the pin_host parameter in the WPS Settings.

CVE ID : CVE-2023-45466
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20pin_host%20parameter%20in%20wps%20setting.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45467

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the ntpServIP parameter in the Time Settings.

CVE ID : CVE-2023-45467
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/blind%20command%20injection%20in%20ntpServIP%20parameter%20in%20Time%20Settings%20.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45468

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Netis N3Mv2-V1.0.1.865 was discovered to contain a buffer overflow via the pingWdogIp parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.

CVE ID : CVE-2023-45468
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_N3/buffer%20overflow%20in%20pingWdogIp%20parameter%20leads%20to%20DOS.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45391

First published on : 13-10-2023 14:15:10
Last modified on : 13-10-2023 14:44:03

Description :
A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter.

CVE ID : CVE-2023-45391
Source : cve@mitre.org
CVSS Score : /

References :
https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-stored-xss.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-45393

First published on : 13-10-2023 14:15:10
Last modified on : 13-10-2023 14:44:03

Description :
An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie.

CVE ID : CVE-2023-45393
Source : cve@mitre.org
CVSS Score : /

References :
https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-idor.html | source : cve@mitre.org


Source : devolutions.net

Vulnerability ID : CVE-2023-5240

First published on : 13-10-2023 13:15:12
Last modified on : 13-10-2023 13:46:47

Description :
Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and earlier allows an attacker with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request.

CVE ID : CVE-2023-5240
Source : security@devolutions.net
CVSS Score : /

References :
https://devolutions.net/security/advisories/DEVO-2023-0017 | source : security@devolutions.net


Source : hp.com

Vulnerability ID : CVE-2023-4499

First published on : 13-10-2023 17:15:09
Last modified on : 13-10-2023 21:31:49

Description :
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.

CVE ID : CVE-2023-4499
Source : hp-security-alert@hp.com
CVSS Score : /

References :
https://support.hp.com/us-en/document/ish_9440593-9440618-16 | source : hp-security-alert@hp.com


Vulnerability ID : CVE-2023-5409

First published on : 13-10-2023 17:15:09
Last modified on : 13-10-2023 21:31:49

Description :
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.

CVE ID : CVE-2023-5409
Source : hp-security-alert@hp.com
CVSS Score : /

References :
https://support.hp.com/us-en/document/ish_9441200-9441233-16 | source : hp-security-alert@hp.com


Vulnerability ID : CVE-2023-5449

First published on : 13-10-2023 17:15:09
Last modified on : 13-10-2023 21:31:49

Description :
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor's Theft Deterrence to be deactivated.

CVE ID : CVE-2023-5449
Source : hp-security-alert@hp.com
CVSS Score : /

References :
https://support.hp.com/us-en/document/ish_9438665-9438794-16 | source : hp-security-alert@hp.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.
