Latest vulnerabilities of Saturday, October 14, 2023

Latest vulnerabilities of Saturday, October 14, 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 10/14/2023 at 11:58:02 PM

(0) CRITICAL VULNERABILITIES [9.0, 10.0]

(3) HIGH VULNERABILITIES [7.0, 8.9]

Source : github.com

Vulnerability ID : CVE-2023-45674

First published on : 14-10-2023 00:15:10
Last modified on : 14-10-2023 17:32:33

Description :
Farmbot-Web-App is a web control interface for the Farmbot farm automation platform. An SQL injection vulnerability was found in FarmBot's web app that allows authenticated attackers to extract arbitrary data from its database (including the user table). This issue may lead to Information Disclosure. This issue has been patched in version 15.8.4. Users are advised to upgrade. There are no known workarounds for this issue.

CVE ID : CVE-2023-45674
Source : security-advisories@github.com
CVSS Score : 7.7

References :
https://github.com/FarmBot/Farmbot-Web-App/security/advisories/GHSA-pgq5-ff74-g7xq | source : security-advisories@github.com

Vulnerability : CWE-89


Source : us.ibm.com

Vulnerability ID : CVE-2022-43740

First published on : 14-10-2023 16:15:10
Last modified on : 14-10-2023 17:32:28

Description :
IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 238921.

CVE ID : CVE-2022-43740
Source : psirt@us.ibm.com
CVSS Score : 7.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/238921 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028513 | source : psirt@us.ibm.com

Vulnerability : CWE-400


Source : snyk.io

Vulnerability ID : CVE-2023-26155

First published on : 14-10-2023 05:15:55
Last modified on : 14-10-2023 17:32:33

Description :
All versions of the package node-qpdf are vulnerable to Command Injection such that the package-exported method encrypt() fails to sanitize its parameter input, which later flows into a sensitive command execution API. As a result, attackers may inject malicious commands once they can specify the input pdf file path.

CVE ID : CVE-2023-26155
Source : report@snyk.io
CVSS Score : 7.3

References :
https://github.com/nrhirani/node-qpdf/issues/23 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-JS-NODEQPDF-5747918 | source : report@snyk.io


(11) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : us.ibm.com

Vulnerability ID : CVE-2022-33165

First published on : 14-10-2023 15:15:09
Last modified on : 14-10-2023 17:32:28

Description :
IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 228582.

CVE ID : CVE-2022-33165
Source : psirt@us.ibm.com
CVSS Score : 6.8

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/228582 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047116 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047428 | source : psirt@us.ibm.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-45176

First published on : 14-10-2023 16:15:10
Last modified on : 14-10-2023 17:32:28

Description :
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.

CVE ID : CVE-2023-45176
Source : psirt@us.ibm.com
CVSS Score : 6.2

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/267998 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7051448 | source : psirt@us.ibm.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2022-32755

First published on : 14-10-2023 15:15:09
Last modified on : 14-10-2023 17:32:28

Description :
IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228505.

CVE ID : CVE-2022-32755
Source : psirt@us.ibm.com
CVSS Score : 5.5

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/228505 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047428 | source : psirt@us.ibm.com

Vulnerability : CWE-91


Vulnerability ID : CVE-2023-30994

First published on : 14-10-2023 17:15:09
Last modified on : 14-10-2023 17:32:28

Description :
IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138

CVE ID : CVE-2023-30994
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/254138 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7049133 | source : psirt@us.ibm.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2023-40367

First published on : 14-10-2023 17:15:09
Last modified on : 14-10-2023 17:32:28

Description :
IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 263376.

CVE ID : CVE-2023-40367
Source : psirt@us.ibm.com
CVSS Score : 5.4

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/263376 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7049133 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2022-33161

First published on : 14-10-2023 15:15:09
Last modified on : 14-10-2023 17:32:28

Description :
IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. X-Force ID: 228569.

CVE ID : CVE-2022-33161
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/228569 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047116 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047428 | source : psirt@us.ibm.com

Vulnerability : CWE-311


Vulnerability ID : CVE-2022-43868

First published on : 14-10-2023 16:15:10
Last modified on : 14-10-2023 17:32:28

Description :
IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445.

CVE ID : CVE-2022-43868
Source : psirt@us.ibm.com
CVSS Score : 5.3

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/239445 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7028513 | source : psirt@us.ibm.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-35024

First published on : 14-10-2023 16:15:10
Last modified on : 14-10-2023 17:32:28

Description :
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 258349.

CVE ID : CVE-2023-35024
Source : psirt@us.ibm.com
CVSS Score : 4.6

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/258349 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7047198 | source : psirt@us.ibm.com

Vulnerability : CWE-79


Source : vuldb.com

Vulnerability ID : CVE-2023-5580

First published on : 14-10-2023 12:15:10
Last modified on : 14-10-2023 17:32:28

Description :
A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-242145 was assigned to this vulnerability.

CVE ID : CVE-2023-5580
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/GodRone/CVE/blob/main/SerBermz_SQL%20injection.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.242145 | source : cna@vuldb.com
https://vuldb.com/?id.242145 | source : cna@vuldb.com

Vulnerability : CWE-89


Source : mitre.org

Vulnerability ID : CVE-2023-30148

First published on : 14-10-2023 04:15:10
Last modified on : 14-10-2023 17:32:33

Description :
Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock before version 2.0.12 and Opart multihtmlblock* version 1.0.0, allows remote authenticated users to inject arbitrary web script or HTML via the body_text or body_text_rude field in /sourcefiles/BlockhtmlClass.php and /sourcefiles/blockhtml.php.

CVE ID : CVE-2023-30148
Source : cve@mitre.org
CVSS Score : 6.1

References :
https://security.friendsofpresta.org/modules/2023/10/10/opartmultihtmlblock.html | source : cve@mitre.org


Source : wordfence.com

Vulnerability ID : CVE-2023-1259

First published on : 14-10-2023 12:15:09
Last modified on : 14-10-2023 17:32:28

Description :
The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the hotjar_site_id in versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE ID : CVE-2023-1259
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/browser/hotjar/tags/1.0.14/includes/class-hotjar.php#L40 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/9c640bcb-b6bf-4865-b713-32ca846e4ed9?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


(4) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2023-5578

First published on : 14-10-2023 11:15:45
Last modified on : 14-10-2023 17:32:28

Description :
A vulnerability was found in Portรกbilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agenda_imprimir.php of the component HTTP GET Request Handler. The manipulation of the argument cod_agenda with the input ");'> <script>alert(document.cookie)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-5578
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.242143 | source : cna@vuldb.com
https://vuldb.com/?id.242143 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5579

First published on : 14-10-2023 12:15:10
Last modified on : 14-10-2023 17:32:28

Description :
A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-242144.

CVE ID : CVE-2023-5579
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/cojoben/Sendbox/blob/main/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.242144 | source : cna@vuldb.com
https://vuldb.com/?id.242144 | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-5581

First published on : 14-10-2023 13:15:09
Last modified on : 14-10-2023 17:32:28

Description :
A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-242146 is the identifier assigned to this vulnerability.

CVE ID : CVE-2023-5581
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.242146 | source : cna@vuldb.com
https://vuldb.com/?id.242146 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5582

First published on : 14-10-2023 14:15:10
Last modified on : 14-10-2023 17:32:28

Description :
A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue affects some unknown processing of the component Personal Profile Page. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242147.

CVE ID : CVE-2023-5582
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/Jacky-Y/vuls/blob/main/vul8.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.242147 | source : cna@vuldb.com
https://vuldb.com/?id.242147 | source : cna@vuldb.com

Vulnerability : CWE-80


(12) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-45852

First published on : 14-10-2023 02:15:09
Last modified on : 14-10-2023 17:32:33

Description :
In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.

CVE ID : CVE-2023-45852
Source : cve@mitre.org
CVSS Score : /

References :
https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html | source : cve@mitre.org
https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45853

First published on : 14-10-2023 02:15:09
Last modified on : 14-10-2023 17:32:33

Description :
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.

CVE ID : CVE-2023-45853
Source : cve@mitre.org
CVSS Score : /

References :
https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 | source : cve@mitre.org
https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 | source : cve@mitre.org
https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 | source : cve@mitre.org
https://github.com/madler/zlib/pull/843 | source : cve@mitre.org
https://www.winimage.com/zLibDll/minizip.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-30154

First published on : 14-10-2023 04:15:11
Last modified on : 14-10-2023 17:32:33

Description :
Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta) for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via `id_customer`, `id_conf`, `id_product` and `token` parameters in `aftermailajax.php via the 'id_product' parameter in hooks DisplayRightColumnProduct and DisplayProductButtons.

CVE ID : CVE-2023-30154
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2023/10/10/aftermailpresta.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-44037

First published on : 14-10-2023 05:15:55
Last modified on : 14-10-2023 17:32:33

Description :
An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component.

CVE ID : CVE-2023-44037
Source : cve@mitre.org
CVSS Score : /

References :
https://psirt.zpesystems.com/portal/en/kb/articles/security-advisory-zpe-ng-2023-002 | source : cve@mitre.org


Vulnerability ID : CVE-2023-45855

First published on : 14-10-2023 05:15:55
Last modified on : 14-10-2023 17:32:33

Description :
qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.

CVE ID : CVE-2023-45855
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/Directory%20Traversal.md | source : cve@mitre.org
https://qdpm.net | source : cve@mitre.org


Vulnerability ID : CVE-2023-45856

First published on : 14-10-2023 05:15:55
Last modified on : 14-10-2023 17:32:28

Description :
qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.

CVE ID : CVE-2023-45856
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/RCE.md | source : cve@mitre.org
https://qdpm.net | source : cve@mitre.org


Vulnerability ID : CVE-2023-45862

First published on : 14-10-2023 21:15:45
Last modified on : 14-10-2023 21:15:45

Description :
An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation.

CVE ID : CVE-2023-45862
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.5 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ce33e64c1788912976b61314b56935abd4bc97ef | source : cve@mitre.org


Vulnerability ID : CVE-2023-45863

First published on : 14-10-2023 21:15:45
Last modified on : 14-10-2023 21:15:45

Description :
An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that results in a fill_kobj_path out-of-bounds write.

CVE ID : CVE-2023-45863
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.2.3 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=3bb2a01caa813d3a1845d378bbe4169ef280d394 | source : cve@mitre.org


Source : apache.org

Vulnerability ID : CVE-2023-42663

First published on : 14-10-2023 10:15:09
Last modified on : 14-10-2023 17:32:28

Description :
Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

CVE ID : CVE-2023-42663
Source : security@apache.org
CVSS Score : /

References :
https://github.com/apache/airflow/pull/34315 | source : security@apache.org
https://lists.apache.org/thread/xj86cvfkxgd0cyqfmz6mh1bsfc61c6o9 | source : security@apache.org

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-42780

First published on : 14-10-2023 10:15:10
Last modified on : 14-10-2023 17:32:28

Description :
Apache Airflow, versions prior to 2.7.2, contains a security vulnerability that allows authenticated users of Airflow to list warnings for all DAGs, even if the user had no permission to see those DAGs. It would reveal the dag_ids and the stack-traces of import errors for those DAGs with import errors. Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

CVE ID : CVE-2023-42780
Source : security@apache.org
CVSS Score : /

References :
https://github.com/apache/airflow/pull/34355 | source : security@apache.org
https://lists.apache.org/thread/h5tvsvov8j55wojt5sojdprs05oby34d | source : security@apache.org

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-42792

First published on : 14-10-2023 10:15:10
Last modified on : 14-10-2023 17:32:28

Description :
Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

CVE ID : CVE-2023-42792
Source : security@apache.org
CVSS Score : /

References :
https://github.com/apache/airflow/pull/34366 | source : security@apache.org
https://lists.apache.org/thread/1spbo9nkn49fc2hnxqm9tf6mgqwp9tjq | source : security@apache.org

Vulnerability : CWE-668


Vulnerability ID : CVE-2023-45348

First published on : 14-10-2023 10:15:10
Last modified on : 14-10-2023 17:32:28

Description :
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The `expose_config` option is False by default. It is recommended to upgrade to a version that is not affected.

CVE ID : CVE-2023-45348
Source : security@apache.org
CVSS Score : /

References :
https://github.com/apache/airflow/pull/34712 | source : security@apache.org
https://lists.apache.org/thread/sy4l5d6tn58hr8r61r2fkt1f0qock9z9 | source : security@apache.org

Vulnerability : CWE-200


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.