Latest vulnerabilities of Tuesday, November 7, 2023

Latest vulnerabilities of Tuesday, November 7, 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 11/07/2023 at 11:57:02 PM

(32) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : hackerone.com

Vulnerability ID : CVE-2023-38547

First published on : 07-11-2023 07:15:07
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability in Veeam ONE allows an unauthenticated user to gain information about the SQL server connection Veeam ONE uses to access its configuration database. This may lead to remote code execution on the SQL server hosting the Veeam ONE configuration database.

CVE ID : CVE-2023-38547
Source : support@hackerone.com
CVSS Score : 9.9

References :
https://www.veeam.com/kb4508 | source : support@hackerone.com


Vulnerability ID : CVE-2023-38548

First published on : 07-11-2023 07:15:08
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.

CVE ID : CVE-2023-38548
Source : support@hackerone.com
CVSS Score : 9.8

References :
https://www.veeam.com/kb4508 | source : support@hackerone.com


Source : github.com

Vulnerability ID : CVE-2023-46243

First published on : 07-11-2023 20:15:08
Last modified on : 07-11-2023 21:36:29

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to execute any content with the right of an existing document's content author, provided the user have edit right on it. A crafted URL of the form ` /xwiki/bin/edit//?content=%7B%7Bgroovy%7D%7Dprintln%28%22Hello+from+Groovy%21%22%29%7B%7B%2Fgroovy%7D%7D&xpage=view` can be used to execute arbitrary groovy code on the server. This vulnerability has been patched in XWiki versions 14.10.6 and 15.2RC1. Users are advised to update. There are no known workarounds for this issue.

CVE ID : CVE-2023-46243
Source : security-advisories@github.com
CVSS Score : 9.9

References :
https://github.com/xwiki/xwiki-platform/commit/a0e6ca083b36be6f183b9af33ae735c1e02010f4 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g2qq-c5j9-5w5w | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20385 | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-46242

First published on : 07-11-2023 19:15:10
Last modified on : 07-11-2023 21:36:33

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible to execute a content with the right of any user via a crafted URL. A user must have `programming` privileges in order to exploit this vulnerability. This issue has been patched in XWiki 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for for this vulnerability.

CVE ID : CVE-2023-46242
Source : security-advisories@github.com
CVSS Score : 9.6

References :
https://github.com/xwiki/xwiki-platform/commit/cf8eb861998ea423c3645d2e5e974420b0e882be | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hgpw-6p4h-j6h5 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20386 | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2023-46244

First published on : 07-11-2023 19:15:10
Last modified on : 07-11-2023 21:36:33

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions it's possible for a user to write a script in which any velocity content is executed with the right of any other document content author. Since this API require programming right and the user does not have it, the expected result is `$doc.document.authors.contentAuthor` (not executed script), unfortunately with the security vulnerability it is possible for the attacker to get `XWiki.superadmin` which shows that the title was executed with the right of the unmodified document. This has been patched in XWiki versions 14.10.7 and 15.2RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-46244
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/xwiki/xwiki-platform/commit/11a9170dfe63e59f4066db67f84dbfce4ed619c6 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/commit/41d7dca2d30084966ca6a7ee537f39ee8354a7e3 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rmxw-c48h-2vf5 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20624 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20625 | source : security-advisories@github.com

Vulnerability : CWE-863


Vulnerability ID : CVE-2023-46253

First published on : 07-11-2023 19:15:12
Last modified on : 07-11-2023 21:36:33

Description :
Squidex is an open source headless CMS and content management hub. Affected versions are subject to an arbitrary file write vulnerability in the backup restore feature which allows an authenticated attacker to gain remote code execution (RCE). Squidex allows users with the `squidex.admin.restore` permission to create and restore backups. Part of these backups are the assets uploaded to an App. For each asset, the backup zip archive contains a `.asset` file with the actual content of the asset as well as a related `AssetCreatedEventV2` event, which is stored in a JSON file. Amongst other things, the JSON file contains the event type (`AssetCreatedEventV2`), the ID of the asset (`46c05041-9588-4179-b5eb-ddfcd9463e1e`), its filename (`test.txt`), and its file version (`0`). When a backup with this event is restored, the `BackupAssets.ReadAssetAsync` method is responsible for re-creating the asset. For this purpose, it determines the name of the `.asset` file in the zip archive, reads its content, and stores the content in the filestore. When the asset is stored in the filestore via the UploadAsync method, the assetId and fileVersion are passed as arguments. These are further passed to the method GetFileName, which determines the filename where the asset should be stored. The assetId is inserted into the filename without any sanitization and an attacker with squidex.admin.restore privileges to run arbitrary operating system commands on the underlying server (RCE).

CVE ID : CVE-2023-46253
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/Squidex/squidex/security/advisories/GHSA-phqq-8g7v-3pg5 | source : security-advisories@github.com

Vulnerability : CWE-22


Source : qualcomm.com

Vulnerability ID : CVE-2023-22388

First published on : 07-11-2023 06:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Memory Corruption in Multi-mode Call Processor while processing bit mask API.

CVE ID : CVE-2023-22388
Source : product-security@qualcomm.com
CVSS Score : 9.8

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33045

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CVE ID : CVE-2023-33045
Source : product-security@qualcomm.com
CVSS Score : 9.8

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-21671

First published on : 07-11-2023 06:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

CVE ID : CVE-2023-21671
Source : product-security@qualcomm.com
CVSS Score : 9.3

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28574

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in core services when Diag handler receives a command to configure event listeners.

CVE ID : CVE-2023-28574
Source : product-security@qualcomm.com
CVSS Score : 9.0

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Source : fluidattacks.com

Vulnerability ID : CVE-2023-46676

First published on : 07-11-2023 21:15:09
Last modified on : 07-11-2023 21:36:29

Description :
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46676
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/netrebko | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46677

First published on : 07-11-2023 21:15:10
Last modified on : 07-11-2023 21:36:29

Description :
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46677
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/netrebko | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46678

First published on : 07-11-2023 21:15:10
Last modified on : 07-11-2023 21:36:29

Description :
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_upass' parameter of the sign-up.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46678
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/netrebko | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46679

First published on : 07-11-2023 21:15:11
Last modified on : 07-11-2023 21:36:29

Description :
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_uname_email' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46679
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/netrebko | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46680

First published on : 07-11-2023 21:15:11
Last modified on : 07-11-2023 21:36:29

Description :
Online Job Portal v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'txt_password' parameter of the index.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46680
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/netrebko | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46785

First published on : 07-11-2023 21:15:12
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the partner_preference.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46785
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46786

First published on : 07-11-2023 21:15:13
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'password' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46786
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46787

First published on : 07-11-2023 21:15:13
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'username' parameter of the auth/auth.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46787
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46788

First published on : 07-11-2023 21:15:13
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter in the 'uploadphoto()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46788
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46789

First published on : 07-11-2023 21:15:13
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic1' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46789
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46790

First published on : 07-11-2023 21:15:13
Last modified on : 07-11-2023 21:36:29

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic2' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46790
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46792

First published on : 07-11-2023 22:15:11
Last modified on : 07-11-2023 22:15:11

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'filename' attribute of the 'pic4' multipart parameter of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46792
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46793

First published on : 07-11-2023 22:15:12
Last modified on : 07-11-2023 22:15:12

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'day' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46793
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46794

First published on : 07-11-2023 22:15:12
Last modified on : 07-11-2023 22:15:12

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'email' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46794
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46795

First published on : 07-11-2023 22:15:13
Last modified on : 07-11-2023 22:15:13

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'gender' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46795
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46796

First published on : 07-11-2023 22:15:13
Last modified on : 07-11-2023 22:15:13

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'month' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46796
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46797

First published on : 07-11-2023 22:15:13
Last modified on : 07-11-2023 22:15:13

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'name' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46797
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46798

First published on : 07-11-2023 22:15:13
Last modified on : 07-11-2023 22:15:13

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'pass' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46798
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46799

First published on : 07-11-2023 22:15:13
Last modified on : 07-11-2023 22:15:13

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'year' parameter in the 'register()' function of the functions.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46799
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-46800

First published on : 07-11-2023 22:15:14
Last modified on : 07-11-2023 22:15:14

Description :
Online Matrimonial Project v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'id' parameter of the view_profile.php resource does not validate the characters received and they are sent unfiltered to the database.

CVE ID : CVE-2023-46800
Source : help@fluidattacks.com
CVSS Score : 9.8

References :
https://fluidattacks.com/advisories/ros | source : help@fluidattacks.com
https://projectworlds.in | source : help@fluidattacks.com

Vulnerability : CWE-89


Source : arm.com

Vulnerability ID : CVE-2023-4295

First published on : 07-11-2023 16:15:29
Last modified on : 07-11-2023 16:17:59

Description :
A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory.

CVE ID : CVE-2023-4295
Source : arm-security@arm.com
CVSS Score : 9.3

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-190
Vulnerability : CWE-416


Source : progress.com

Vulnerability ID : CVE-2023-42659

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
In WS_FTP Server versions prior to 8.7.6 and 8.8.4, an unrestricted file upload flaw has been identified. An authenticated Ad Hoc Transfer user has the ability to craft an API call which allows them to upload a file to a specified location on the underlying operating system hosting the WS_FTP Server application.

CVE ID : CVE-2023-42659
Source : security@progress.com
CVSS Score : 9.1

References :
https://community.progress.com/s/article/WS-FTP-Server-Service-Pack-November-2023 | source : security@progress.com
https://www.progress.com/ws_ftp | source : security@progress.com

Vulnerability : CWE-434


(18) HIGH VULNERABILITIES [7.0, 8.9]

Source : wordfence.com

Vulnerability ID : CVE-2023-5709

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The WD WidgetTwitter plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 1.0.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers with contributor-level and above permissions to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

CVE ID : CVE-2023-5709
Source : security@wordfence.com
CVSS Score : 8.8

References :
https://plugins.trac.wordpress.org/browser/widget-twitter/trunk/twitter.php?rev=2212825#L161 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/86cdbfec-b1af-48ec-ae70-f97768694e44?source=cve | source : security@wordfence.com


Source : qualcomm.com

Vulnerability ID : CVE-2023-24852

First published on : 07-11-2023 06:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Memory Corruption in Core due to secure memory access by user while loading modem image.

CVE ID : CVE-2023-24852
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33074

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in Audio when SSR event is triggered after music playback is stopped.

CVE ID : CVE-2023-33074
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28545

First published on : 07-11-2023 06:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in TZ Secure OS while loading an app ELF.

CVE ID : CVE-2023-28545
Source : product-security@qualcomm.com
CVSS Score : 8.2

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33031

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

CVE ID : CVE-2023-33031
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33055

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Memory Corruption in Audio while invoking callback function in driver from ADSP.

CVE ID : CVE-2023-33055
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33059

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in Audio while processing the VOC packet data from ADSP.

CVE ID : CVE-2023-33059
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33047

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Transient DOS in WLAN Firmware while parsing no-inherit IES.

CVE ID : CVE-2023-33047
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33048

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Transient DOS in WLAN Firmware while parsing t2lm buffers.

CVE ID : CVE-2023-33048
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33056

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Transient DOS in WLAN Firmware when firmware receives beacon including T2LM IE.

CVE ID : CVE-2023-33056
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33061

First published on : 07-11-2023 06:15:11
Last modified on : 07-11-2023 12:14:36

Description :
Transient DOS in WLAN Firmware while parsing WLAN beacon or probe-response frame.

CVE ID : CVE-2023-33061
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28556

First published on : 07-11-2023 06:15:09
Last modified on : 07-11-2023 12:14:36

Description :
Cryptographic issue in HLOS during key management.

CVE ID : CVE-2023-28556
Source : product-security@qualcomm.com
CVSS Score : 7.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Source : samsung.com

Vulnerability ID : CVE-2023-42535

First published on : 07-11-2023 08:15:17
Last modified on : 07-11-2023 12:14:36

Description :
Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVE ID : CVE-2023-42535
Source : mobile.security@samsung.com
CVSS Score : 8.4

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Source : arm.com

Vulnerability ID : CVE-2023-3889

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
A local non-privileged user can make improper GPU memory processing operations. If the operations are carefully prepared, then they could be used to gain access to already freed memory.

CVE ID : CVE-2023-3889
Source : arm-security@arm.com
CVSS Score : 8.1

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-119
Vulnerability : CWE-667


Source : github.com

Vulnerability ID : CVE-2023-41036

First published on : 07-11-2023 04:20:50
Last modified on : 07-11-2023 12:14:36

Description :
Macvim is a text editor for MacOS. Prior to version 178, Macvim makes use of an insecure interprocess communication (IPC) mechanism which could lead to a privilege escalation. Distributed objects are a concept introduced by Apple which allow one program to vend an interface to another program. What is not made clear in the documentation is that this service can vend this interface to any other program on the machine. The impact of exploitation is a privilege escalation to root - this is likely to affect anyone who is not careful about the software they download and use MacVim to edit files that would require root privileges. Version 178 contains a fix for this issue.

CVE ID : CVE-2023-41036
Source : security-advisories@github.com
CVSS Score : 7.8

References :
https://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMAppController.h#L28 | source : security-advisories@github.com
https://github.com/macvim-dev/macvim/commit/399b43e9e1dbf656a1780e87344f4d3c875e4cda | source : security-advisories@github.com
https://github.com/macvim-dev/macvim/security/advisories/GHSA-9jgj-jfwg-99fv | source : security-advisories@github.com
ttps://github.com/macvim-dev/macvim/blob/d9de087dddadbfd82fcb5dc9734380a2f829bd0a/src/MacVim/MMBackend.h | source : security-advisories@github.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-46730

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Group-Office is an enterprise CRM and groupware tool. In affected versions there is full Server-Side Request Forgery (SSRF) vulnerability in the /api/upload.php endpoint. The /api/upload.php endpoint does not filter URLs which allows a malicious user to cause the server to make resource requests to untrusted domains. Note that protocols like file:// can also be used to access the server disk. The request result (on success) can then be retrieved using /api/download.php. This issue has been addressed in versions 6.8.15, 6.7.54, and 6.6.177. Users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2023-46730
Source : security-advisories@github.com
CVSS Score : 7.4

References :
https://github.com/Intermesh/groupoffice/commit/99205535e8cec6592fd7f1469837926f27c72d50 | source : security-advisories@github.com
https://github.com/Intermesh/groupoffice/security/advisories/GHSA-vw6c-h82w-mvfv | source : security-advisories@github.com

Vulnerability : CWE-918


Source : 8a9629cb-c5e7-4d2a-a894-111e8039b7ea

Vulnerability ID : CVE-2023-5179

First published on : 07-11-2023 16:15:29
Last modified on : 07-11-2023 16:17:59

Description :
An issue was discovered in Open Design Alliance Drawings SDK before 2024.10. A corrupted value for the start of MiniFat sector in a crafted DGN file leads to an out-of-bounds read. This can allow attackers to cause a crash, potentially enabling a denial-of-service attack (Crash, Exit, or Restart) or possible code execution.

CVE ID : CVE-2023-5179
Source : 8a9629cb-c5e7-4d2a-a894-111e8039b7ea
CVSS Score : 7.8

References :
https://www.opendesign.com/security-advisories | source : 8a9629cb-c5e7-4d2a-a894-111e8039b7ea

Vulnerability : CWE-125


Source : redhat.com

Vulnerability ID : CVE-2023-4154

First published on : 07-11-2023 20:15:08
Last modified on : 07-11-2023 21:36:29

Description :
A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allows RODCs and users possessing the GET_CHANGES right to access all attributes, including sensitive secrets and passwords. Even in a default setup, RODC DC accounts, which should only replicate some passwords, can gain access to all domain secrets, including the vital krbtgt, effectively eliminating the RODC / DC distinction. Furthermore, the vulnerability fails to account for error conditions (fail open), like out-of-memory situations, potentially granting access to secret attributes, even under low-privileged attacker influence.

CVE ID : CVE-2023-4154
Source : secalert@redhat.com
CVSS Score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2023-4154 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2241883 | source : secalert@redhat.com
https://bugzilla.samba.org/show_bug.cgi?id=15424 | source : secalert@redhat.com
https://www.samba.org/samba/security/CVE-2023-4154.html | source : secalert@redhat.com

Vulnerability : CWE-200


(70) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : github.com

Vulnerability ID : CVE-2023-46252

First published on : 07-11-2023 19:15:11
Last modified on : 07-11-2023 21:36:33

Description :
Squidex is an open source headless CMS and content management hub. Affected versions are missing origin verification in a postMessage handler which introduces a Cross-Site Scripting (XSS) vulnerability. The editor-sdk.js file defines three different class-like functions, which employ a global message event listener: SquidexSidebar, SquidexWidget, and SquidexFormField. The registered event listener takes some action based on the type of the received message. For example, when the SquidexFormField receives a message with the type valueChanged, the value property is updated. The SquidexFormField class is for example used in the editor-editorjs.html file, which can be accessed via the public wwwroot folder. It uses the onValueChanged method to register a callback function, which passes the value provided from the message event to the editor.render. Passing an attacker-controlled value to this function introduces a Cross-Site Scripting (XSS) vulnerability.

CVE ID : CVE-2023-46252
Source : security-advisories@github.com
CVSS Score : 6.8

References :
https://github.com/Squidex/squidex/security/advisories/GHSA-7q4f-fprr-5jw8 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-46744

First published on : 07-11-2023 18:15:09
Last modified on : 07-11-2023 19:07:44

Description :
Squidex is an open source headless CMS and content management hub. In affected versions a stored Cross-Site Scripting (XSS) vulnerability enables privilege escalation of authenticated users. The SVG element filtering mechanism intended to stop XSS attacks through uploaded SVG images, is insufficient resulting to stored XSS attacks. Squidex allows the CMS contributors to be granted the permission of uploading an SVG asset. When the asset is uploaded, a filtering mechanism is performed to validate that the SVG does not contain malicious code. The validation logic consists of traversing the HTML nodes in the DOM. In order for the validation to succeed, 2 conditions must be met: 1. No HTML tags included in a "blacklist" called "InvalidSvgElements" are present. This list only contains the element "script". and 2. No attributes of HTML tags begin with "on" (i.e. onerror, onclick) (line 65). If either of the 2 conditions is not satisfied, validation fails and the file/asset is not uploaded. However it is possible to bypass the above filtering mechanism and execute arbitrary JavaScript code by introducing other HTML elements such as an <iframe> element with a "src" attribute containing a "javascript:" value. Authenticated adversaries with the "assets.create" permission, can leverage this vulnerability to upload a malicious SVG as an asset, targeting any registered user that will attempt to open/view the asset through the Squidex CMS.

CVE ID : CVE-2023-46744
Source : security-advisories@github.com
CVSS Score : 5.4

References :
https://github.com/Squidex/squidex/security/advisories/GHSA-xfr4-qg2v-7v5m | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-38509

First published on : 07-11-2023 04:17:20
Last modified on : 07-11-2023 12:14:36

Description :
XWiki Platform is a generic wiki platform. In org.xwiki.platform:xwiki-platform-livetable-ui starting with version 3.5-milestone-1 and prior to versions 14.10.9 and 15.3-rc-1, the mail obfuscation configuration was not fully taken into account and is was still possible by obfuscated emails. This has been patched in XWiki 14.10.9 and XWiki 15.3-rc-1. A workaround is to modify the page `XWiki.LiveTableResultsMacros` following the patch.

CVE ID : CVE-2023-38509
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/xwiki/xwiki-platform/commit/1dfb6804d4d412794cbe0098d4972b8ac263df0c | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-g9w4-prf3-m25g | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-20601 | source : security-advisories@github.com
ttps://github.com/xwiki/xwiki-platform/commit/1dfb6804d4d412794cbe0098d4972b8ac263df0 | source : security-advisories@github.com

Vulnerability : CWE-402


Source : puppet.com

Vulnerability ID : CVE-2023-5309

First published on : 07-11-2023 19:15:12
Last modified on : 07-11-2023 21:36:29

Description :
Versions of Puppet Enterprise prior to 2021.7.6 and 2023.5 contain a flaw which results in broken session management for SAML implementations.

CVE ID : CVE-2023-5309
Source : security@puppet.com
CVSS Score : 6.8

References :
https://www.puppet.com/security/cve/cve-2023-5309-broken-session-management-puppet-enterprise | source : security@puppet.com

Vulnerability : CWE-384


Source : qualcomm.com

Vulnerability ID : CVE-2023-28570

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption while processing audio effects.

CVE ID : CVE-2023-28570
Source : product-security@qualcomm.com
CVSS Score : 6.7

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28572

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

CVE ID : CVE-2023-28572
Source : product-security@qualcomm.com
CVSS Score : 6.6

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28553

First published on : 07-11-2023 06:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Information Disclosure in WLAN Host when processing WMI event command.

CVE ID : CVE-2023-28553
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28554

First published on : 07-11-2023 06:15:09
Last modified on : 07-11-2023 12:14:36

Description :
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.

CVE ID : CVE-2023-28554
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28563

First published on : 07-11-2023 06:15:09
Last modified on : 07-11-2023 12:14:36

Description :
Information disclosure in IOE Firmware while handling WMI command.

CVE ID : CVE-2023-28563
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28566

First published on : 07-11-2023 06:15:09
Last modified on : 07-11-2023 12:14:36

Description :
Information disclosure in WLAN HAL while handling the WMI state info command.

CVE ID : CVE-2023-28566
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28568

First published on : 07-11-2023 06:15:09
Last modified on : 07-11-2023 12:14:36

Description :
Information disclosure in WLAN HAL when reception status handler is called.

CVE ID : CVE-2023-28568
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28569

First published on : 07-11-2023 06:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Information disclosure in WLAN HAL while handling command through WMI interfaces.

CVE ID : CVE-2023-28569
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/november-2023-bulletin | source : product-security@qualcomm.com


Source : samsung.com

Vulnerability ID : CVE-2023-30739

First published on : 07-11-2023 08:15:10
Last modified on : 07-11-2023 12:14:36

Description :
Arbitrary File Descriptor Write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVE ID : CVE-2023-30739
Source : mobile.security@samsung.com
CVSS Score : 6.7

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42528

First published on : 07-11-2023 08:15:13
Last modified on : 07-11-2023 12:14:36

Description :
Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code.

CVE ID : CVE-2023-42528
Source : mobile.security@samsung.com
CVSS Score : 6.7

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42529

First published on : 07-11-2023 08:15:13
Last modified on : 07-11-2023 12:14:36

Description :
Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code.

CVE ID : CVE-2023-42529
Source : mobile.security@samsung.com
CVSS Score : 6.7

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42530

First published on : 07-11-2023 08:15:14
Last modified on : 07-11-2023 12:14:36

Description :
Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction.

CVE ID : CVE-2023-42530
Source : mobile.security@samsung.com
CVSS Score : 6.7

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42533

First published on : 07-11-2023 08:15:16
Last modified on : 07-11-2023 12:14:36

Description :
Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physical attacker to execute arbitrary code in Kernel.

CVE ID : CVE-2023-42533
Source : mobile.security@samsung.com
CVSS Score : 6.6

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42534

First published on : 07-11-2023 08:15:17
Last modified on : 07-11-2023 12:14:36

Description :
Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows local attackers to read arbitrary files with system privilege.

CVE ID : CVE-2023-42534
Source : mobile.security@samsung.com
CVSS Score : 6.3

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42555

First published on : 07-11-2023 08:15:23
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.13 allows attackers to get the bluetooth address of user device.

CVE ID : CVE-2023-42555
Source : mobile.security@samsung.com
CVSS Score : 6.3

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42531

First published on : 07-11-2023 08:15:15
Last modified on : 07-11-2023 12:14:36

Description :
Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows attacker to bypass restrictions on starting activities from the background.

CVE ID : CVE-2023-42531
Source : mobile.security@samsung.com
CVSS Score : 6.2

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42543

First published on : 07-11-2023 08:15:20
Last modified on : 07-11-2023 12:14:36

Description :
Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version 3.3.35.12 allows attackers to access arbitrary data with Bixby Voice privilege.

CVE ID : CVE-2023-42543
Source : mobile.security@samsung.com
CVSS Score : 6.2

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42532

First published on : 07-11-2023 08:15:15
Last modified on : 07-11-2023 12:14:36

Description :
Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information.

CVE ID : CVE-2023-42532
Source : mobile.security@samsung.com
CVSS Score : 5.9

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42536

First published on : 07-11-2023 08:15:18
Last modified on : 07-11-2023 12:14:36

Description :
An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write.

CVE ID : CVE-2023-42536
Source : mobile.security@samsung.com
CVSS Score : 5.9

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42537

First published on : 07-11-2023 08:15:18
Last modified on : 07-11-2023 12:14:36

Description :
An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write.

CVE ID : CVE-2023-42537
Source : mobile.security@samsung.com
CVSS Score : 5.9

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42538

First published on : 07-11-2023 08:15:19
Last modified on : 07-11-2023 12:14:36

Description :
An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows attacker to cause out-of-bounds read and write.

CVE ID : CVE-2023-42538
Source : mobile.security@samsung.com
CVSS Score : 5.9

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42527

First published on : 07-11-2023 08:15:12
Last modified on : 07-11-2023 12:14:36

Description :
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.

CVE ID : CVE-2023-42527
Source : mobile.security@samsung.com
CVSS Score : 5.6

References :
https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42544

First published on : 07-11-2023 08:15:20
Last modified on : 07-11-2023 12:14:36

Description :
Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to access local files.

CVE ID : CVE-2023-42544
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42545

First published on : 07-11-2023 08:15:21
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.12 in Android 11, 13.1.48, 13.5.28 in Android 12, and 14.7.38 in Android 13 allows attackers to access location data.

CVE ID : CVE-2023-42545
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42546

First published on : 07-11-2023 08:15:21
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42546
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42547

First published on : 07-11-2023 08:15:21
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42547
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42548

First published on : 07-11-2023 08:15:21
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42548
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42549

First published on : 07-11-2023 08:15:22
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42549
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42550

First published on : 07-11-2023 08:15:22
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42550
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42551

First published on : 07-11-2023 08:15:22
Last modified on : 07-11-2023 12:14:36

Description :
Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CVE ID : CVE-2023-42551
Source : mobile.security@samsung.com
CVSS Score : 5.5

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42554

First published on : 07-11-2023 08:15:23
Last modified on : 07-11-2023 12:14:36

Description :
Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical attackers to bypass authentication.

CVE ID : CVE-2023-42554
Source : mobile.security@samsung.com
CVSS Score : 5.4

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42539

First published on : 07-11-2023 08:15:19
Last modified on : 07-11-2023 12:14:36

Description :
PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to version 6.25 allows local attackers to access data.

CVE ID : CVE-2023-42539
Source : mobile.security@samsung.com
CVSS Score : 4.7

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42552

First published on : 07-11-2023 08:15:23
Last modified on : 07-11-2023 12:14:36

Description :
Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 in Android 12 and 14.1.00.7 in Android 13 allows 3rd party application to tamper the database of Firewall.

CVE ID : CVE-2023-42552
Source : mobile.security@samsung.com
CVSS Score : 4.4

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42540

First published on : 07-11-2023 08:15:19
Last modified on : 07-11-2023 12:14:36

Description :
Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers to access sensitive information via implicit intent.

CVE ID : CVE-2023-42540
Source : mobile.security@samsung.com
CVSS Score : 4.0

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42541

First published on : 07-11-2023 08:15:19
Last modified on : 07-11-2023 12:14:36

Description :
Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows attacker to access unique id.

CVE ID : CVE-2023-42541
Source : mobile.security@samsung.com
CVSS Score : 4.0

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Vulnerability ID : CVE-2023-42553

First published on : 07-11-2023 08:15:23
Last modified on : 07-11-2023 12:14:36

Description :
Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows attackers to read sandbox data of email.

CVE ID : CVE-2023-42553
Source : mobile.security@samsung.com
CVSS Score : 4.0

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Source : microsoft.com

Vulnerability ID : CVE-2023-36409

First published on : 07-11-2023 00:15:07
Last modified on : 07-11-2023 12:14:36

Description :
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

CVE ID : CVE-2023-36409
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36409 | source : secure@microsoft.com


Source : redhat.com

Vulnerability ID : CVE-2023-4956

First published on : 07-11-2023 20:15:08
Last modified on : 07-11-2023 21:36:29

Description :
A flaw was found in Quay. Clickjacking is when an attacker uses multiple transparent or opaque layers to trick a user into clicking on a button or link on another page when they intend to click on the top-level page. During the pentest, it has been detected that the config-editor page is vulnerable to clickjacking. This flaw allows an attacker to trick an administrator user into clicking on buttons on the config-editor panel, possibly reconfiguring some parts of the Quay instance.

CVE ID : CVE-2023-4956
Source : secalert@redhat.com
CVSS Score : 6.5

References :
https://access.redhat.com/security/cve/CVE-2023-4956 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2238886 | source : secalert@redhat.com

Vulnerability : CWE-451


Source : wordfence.com

Vulnerability ID : CVE-2023-5076

First published on : 07-11-2023 08:15:24
Last modified on : 07-11-2023 12:14:36

Description :
The Ziteboard Online Whiteboard plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'ziteboard' shortcode in versions up to, and including, 2.9.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5076
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset/2988896/ziteboard-online-whiteboard | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/f5608f50-e17a-471f-b644-dceb64d82f0c?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5507

First published on : 07-11-2023 11:15:11
Last modified on : 07-11-2023 12:14:36

Description :
The ImageMapper plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'imagemap' shortcode in versions up to, and including, 1.2.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5507
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L402 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a6e687e9-6ffe-4457-8d57-3c03f657eb74?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5658

First published on : 07-11-2023 11:15:11
Last modified on : 07-11-2023 12:14:36

Description :
The WP MapIt plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_mapit' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5658
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/wp-mapit/tags/2.7.1/wp_mapit/classes/class.wp_mapit_map.php#L235 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/7ef6f598-e1a7-4036-9485-1aad0416349a?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5743

First published on : 07-11-2023 11:15:11
Last modified on : 07-11-2023 12:14:36

Description :
The Telephone Number Linker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'telnumlink' shortcode in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5743
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/telephone-number-linker/tags/1.2/telnumlinker.php#L34 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/telephone-number-linker/tags/1.2/telnumlinker.php#L36 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/06424d9f-0064-4101-b819-688489a18eee?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-4842

First published on : 07-11-2023 12:15:12
Last modified on : 07-11-2023 13:58:18

Description :
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4842
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.1/lib/buttons-panel/SWP_Buttons_Panel_Trait.php#L304 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/social-warfare/tags/4.4.1/lib/buttons-panel/SWP_Buttons_Panel_Trait.php#L877 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2982662/social-warfare#file0 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/8f5b9aff-0833-4887-ae59-df5bc88c7f91?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-4888

First published on : 07-11-2023 12:15:12
Last modified on : 07-11-2023 13:58:18

Description :
The Simple Like Page Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sfp-page-plugin' shortcode in versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-4888
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/simple-facebook-plugin/trunk/views/view-page-plugin.php?rev=2083359#L37 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/simple-facebook-plugin/trunk/views/view-page-plugin.php?rev=2083359#L38 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/simple-facebook-plugin/trunk/views/view-page-plugin.php?rev=2083359#L39 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2988694/simple-facebook-plugin#file17 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/f81df26f-4390-4626-8539-367a52f8a027?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5567

First published on : 07-11-2023 12:15:12
Last modified on : 07-11-2023 13:58:18

Description :
The QR Code Tag plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'qrcodetag' shortcode in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5567
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/qr-code-tag/trunk/lib/qrct/QrctWp.php?rev=1705525#L369 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/be004002-a3ac-46e9-b0c1-258f05f97b2a?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5577

First published on : 07-11-2023 12:15:12
Last modified on : 07-11-2023 13:58:18

Description :
The Bitly's plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wpbitly' shortcode in all versions up to, and including, 2.7.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5577
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/wp-bitly/trunk/includes/class-wp-bitly-shortlink.php?rev=2767772#L238 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/31522e54-f260-46d0-8d57-2d46af7d3450?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5659

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The Interact: Embed A Quiz On Your Site plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'interact-quiz' shortcode in all versions up to, and including, 3.0.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5659
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/interact-quiz-embed/tags/3.0.7/interact-quiz-embed.php#L53 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/69ba1a39-ddb0-4661-8104-d8bb71710e0c?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5660

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The SendPress Newsletters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.22.3.31 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5660
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/sendpress/tags/1.22.3.31/classes/sc/class-sendpress-sc-unsubscribe-form.php#L57 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/cbce42a0-29a7-40df-973c-1fe7338f6c94?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5661

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The Social Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'socialfeed' shortcode in all versions up to, and including, 1.5.4.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with author-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5661
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/add-facebook/tags/1.5.4.6/public/templates/default/template.php#L417 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/8b145772-624e-4af0-9156-03c483bf8381?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5669

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The Featured Image Caption plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode and post meta in all versions up to, and including, 0.8.10 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5669
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/featured-image-caption/trunk/classes/MetaBox.php?rev=2300545#L91 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/featured-image-caption/trunk/classes/MetaBox.php?rev=2300545#L92 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/0c43a88c-6374-414f-97ae-26ba15d75cdc?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5703

First published on : 07-11-2023 12:15:13
Last modified on : 07-11-2023 13:58:18

Description :
The Gift Up Gift Cards for WordPress and WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'giftup' shortcode in all versions up to, and including, 2.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5703
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/gift-up/tags/2.20.1/view/giftup-checkout.php#L46 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/gift-up/tags/2.20.1/view/giftup-checkout.php#L48 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/2989802/gift-up#file3 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/4e498706-3dbe-4c48-9c0d-0d90677aba0d?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5532

First published on : 07-11-2023 11:15:11
Last modified on : 07-11-2023 12:14:36

Description :
The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on the 'imgmap_save_area_title' function. This makes it possible for unauthenticated attackers to update the post title and inject malicious JavaScript via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-5532
Source : security@wordfence.com
CVSS Score : 6.1

References :
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L894 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/bbb67f02-87e8-4ca3-8a9d-6663a700ab5b?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5506

First published on : 07-11-2023 11:15:11
Last modified on : 07-11-2023 12:14:36

Description :
The ImageMapper plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'imgmap_delete_area_ajax' function in versions up to, and including, 1.2.6. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary posts and pages.

CVE ID : CVE-2023-5506
Source : security@wordfence.com
CVSS Score : 5.4

References :
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L748 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/31dff395-c3ce-4ebe-8d38-5243fc4510d6?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5982

First published on : 07-11-2023 21:15:14
Last modified on : 07-11-2023 21:36:29

Description :
The UpdraftPlus: WordPress Backup & Migration Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.23.10. This is due to a lack of nonce validation and insufficient validation of the instance_id on the 'updraftmethod-googledrive-auth' action used to update Google Drive remote storage location. This makes it possible for unauthenticated attackers to modify the Google Drive location that backups are sent to via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This can make it possible for attackers to receive backups for a site which may contain sensitive information.

CVE ID : CVE-2023-5982
Source : security@wordfence.com
CVSS Score : 5.4

References :
https://plugins.trac.wordpress.org/changeset/2989669/updraftplus/tags/1.23.11/class-updraftplus.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/e1be11c5-0a44-4816-b6bf-d330cb51dbf3?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5819

First published on : 07-11-2023 20:15:09
Last modified on : 07-11-2023 21:36:29

Description :
The Amazonify plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 0.8.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. However, please note that this can also be combined with CVE-2023-5818 for CSRF to XSS.

CVE ID : CVE-2023-5819
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142 | source : security@wordfence.com
https://wordpress.org/plugins/amazonify/ | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/41adfb58-d79f-40a3-8a7e-f3f08f64659f?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5975

First published on : 07-11-2023 11:15:12
Last modified on : 07-11-2023 12:14:36

Description :
The ImageMapper plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.2.6. This is due to missing or incorrect nonce validation on multiple functions. This makes it possible for unauthenticated attackers to update the plugin settings via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-5975
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L904 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L916 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L939 | source : security@wordfence.com
https://plugins.trac.wordpress.org/browser/imagemapper/tags/1.2.6/imagemapper.php#L958 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a128018b-f19b-4b18-a53c-cf1310d3d0e7?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-5818

First published on : 07-11-2023 20:15:09
Last modified on : 07-11-2023 21:36:29

Description :
The Amazonify plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.8.1. This is due to missing or incorrect nonce validation on the amazonifyOptionsPage() function. This makes it possible for unauthenticated attackers to update the plugins settings, including the Amazon Tracking ID, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2023-5818
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/browser/amazonify/trunk/amazonify.php#L142 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/33f3c466-bdeb-402f-bf34-bc703f35e1e2?source=cve | source : security@wordfence.com


Source : huntr.dev

Vulnerability ID : CVE-2023-2675

First published on : 07-11-2023 04:13:06
Last modified on : 07-11-2023 12:14:36

Description :
Improper Restriction of Excessive Authentication Attempts in GitHub repository linagora/twake prior to 2023.Q1.1223.

CVE ID : CVE-2023-2675
Source : security@huntr.dev
CVSS Score : 5.5

References :
https://github.com/linagora/twake/commit/0770da3b184b5d5e71fee8251a5847a04c7cb9bc | source : security@huntr.dev
https://huntr.dev/bounties/474d3b39-1882-4d2c-b8f7-ff9f68f14cee | source : security@huntr.dev

Vulnerability : CWE-307


Vulnerability ID : CVE-2023-5976

First published on : 07-11-2023 04:24:37
Last modified on : 07-11-2023 12:14:36

Description :
Improper Access Control in GitHub repository microweber/microweber prior to 2.0.

CVE ID : CVE-2023-5976
Source : security@huntr.dev
CVSS Score : 4.6

References :
https://github.com/microweber/microweber/commit/bc537ebe235bf9924c6557a46114f5f9557cd16a | source : security@huntr.dev
https://huntr.com/bounties/2004e4a9-c5f6-406a-89b0-571f808882fa | source : security@huntr.dev

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-5902

First published on : 07-11-2023 04:24:32
Last modified on : 07-11-2023 12:14:36

Description :
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5902
Source : security@huntr.dev
CVSS Score : 4.3

References :
https://github.com/pkp/pkp-lib/commit/2d04e770d2bbbdd899fdec382fbf2a1d4a4ffec8 | source : security@huntr.dev
https://huntr.com/bounties/8b93c7bf-5052-424a-85cc-7e5491c61f20 | source : security@huntr.dev

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-5998

First published on : 07-11-2023 19:15:12
Last modified on : 07-11-2023 21:36:29

Description :
Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3.0-DEV.

CVE ID : CVE-2023-5998
Source : security@huntr.dev
CVSS Score : 4.0

References :
https://github.com/gpac/gpac/commit/db74835944548fc3bdf03121b0e012373bdebb3e | source : security@huntr.dev
https://huntr.com/bounties/ea02a231-b688-422b-a881-ef415bcf6113 | source : security@huntr.dev

Vulnerability : CWE-125


Source : zyxel.com.tw

Vulnerability ID : CVE-2023-35140

First published on : 07-11-2023 05:15:12
Last modified on : 07-11-2023 12:14:36

Description :
The improper privilege management vulnerability in the Zyxel GS1900-24EP switch firmware version V2.70(ABTO.5) could allow an authenticated local user with read-only access to modify system settings on a vulnerable device.

CVE ID : CVE-2023-35140
Source : security@zyxel.com.tw
CVSS Score : 5.5

References :
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-improper-privilege-management-vulnerability-in-gs1900-series-switches | source : security@zyxel.com.tw

Vulnerability : CWE-269


Source : hq.dhs.gov

Vulnerability ID : CVE-2023-0898

First published on : 07-11-2023 17:15:09
Last modified on : 07-11-2023 19:07:44

Description :
General Electric MiCOM S1 Agile is vulnerable to an attacker achieving code execution by placing malicious DLL files in the directory of the application.

CVE ID : CVE-2023-0898
Source : ics-cert@hq.dhs.gov
CVSS Score : 5.3

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-23-311-23 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-427


Source : hackerone.com

Vulnerability ID : CVE-2023-38549

First published on : 07-11-2023 07:15:09
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service. Note: The criticality of this vulnerability is reduced as it requires interaction by a user with the Veeam ONE Administrator role.

CVE ID : CVE-2023-38549
Source : support@hackerone.com
CVSS Score : 4.5

References :
https://www.veeam.com/kb4508 | source : support@hackerone.com


Vulnerability ID : CVE-2023-41723

First published on : 07-11-2023 07:15:10
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability in Veeam ONE allows a user with the Veeam ONE Read-Only User role to view the Dashboard Schedule. Note: The criticality of this vulnerability is reduced because the user with the Read-Only role is only able to view the schedule and cannot make changes.

CVE ID : CVE-2023-41723
Source : support@hackerone.com
CVSS Score : 4.3

References :
https://www.veeam.com/kb4508 | source : support@hackerone.com


Source : mongodb.com

Vulnerability ID : CVE-2023-0436

First published on : 07-11-2023 12:15:08
Last modified on : 07-11-2023 13:58:18

Description :
The affected versions of MongoDB Atlas Kubernetes Operator may print sensitive information like GCP service account keys and API integration secrets while DEBUG mode logging is enabled. This issue affects MongoDB Atlas Kubernetes Operator versions: 1.5.0, 1.6.0, 1.6.1, 1.7.0. Please note that this is reported on an EOL version of the product, and users are advised to upgrade to the latest supported version. Required Configuration: DEBUG logging is not enabled by default, and must be configured by the end-user. To check the log-level of the Operator, review the flags passed in your deployment configuration (eg. https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27 https://github.com/mongodb/mongodb-atlas-kubernetes/blob/main/config/manager/manager.yaml#L27 )

CVE ID : CVE-2023-0436
Source : cna@mongodb.com
CVSS Score : 4.5

References :
https://github.com/mongodb/mongodb-atlas-kubernetes/releases/tag/v1.7.1 | source : cna@mongodb.com

Vulnerability : CWE-532


(9) LOW VULNERABILITIES [0.1, 3.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-5900

First published on : 07-11-2023 04:24:31
Last modified on : 07-11-2023 12:14:36

Description :
Missing Authorization in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5900
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/4d77a00be9050fac7eb8d2d1cbedcdaaa1a5a803 | source : security@huntr.dev
https://huntr.com/bounties/c3f011d4-9f76-4b2b-b3d4-a5e2ecd2e354 | source : security@huntr.dev

Vulnerability : CWE-862


Vulnerability ID : CVE-2023-5901

First published on : 07-11-2023 04:24:31
Last modified on : 07-11-2023 12:14:36

Description :
Unrestricted Upload of File with Dangerous Type in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5901
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/44d8bde60eb2575fd4087b76540aec9b49389e23 | source : security@huntr.dev
https://huntr.com/bounties/8fb9b06b-cadd-469e-862d-5ce026019597 | source : security@huntr.dev

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-5903

First published on : 07-11-2023 04:24:32
Last modified on : 07-11-2023 12:14:36

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5903
Source : security@huntr.dev
CVSS Score : 2.7

References :
https://github.com/pkp/pkp-lib/commit/8b26ee404af3b11803a40e904f985f0a0b215a5c | source : security@huntr.dev
https://huntr.com/bounties/5c147ff8-3cc4-4f21-9f1c-13fd50957dad | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5904

First published on : 07-11-2023 04:24:32
Last modified on : 07-11-2023 12:14:36

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5904
Source : security@huntr.dev
CVSS Score : 2.7

References :
https://github.com/pkp/pkp-lib/commit/aa5c6acb634fbe460765facb2dc26df4b0d7424b | source : security@huntr.dev
https://huntr.com/bounties/4df6bce6-dbe3-48e4-9830-e95cdc5138b6 | source : security@huntr.dev

Vulnerability : CWE-79


Source : vuldb.com

Vulnerability ID : CVE-2019-25156

First published on : 07-11-2023 06:15:07
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability classified as problematic was found in dstar2018 Agency up to 61. Affected by this vulnerability is an unknown functionality of the file search.php. The manipulation of the argument QSType/QuickSearch leads to cross site scripting. The attack can be launched remotely. The patch is named 975b56953efabb434519d9feefcc53685fb8d0ab. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-244495.

CVE ID : CVE-2019-25156
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/dstar2018/agency-code-repo/commit/975b56953efabb434519d9feefcc53685fb8d0ab | source : cna@vuldb.com
https://vuldb.com/?ctiid.244495 | source : cna@vuldb.com
https://vuldb.com/?id.244495 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2021-4431

First published on : 07-11-2023 11:15:10
Last modified on : 07-11-2023 12:14:36

Description :
A vulnerability classified as problematic has been found in msyk FMDataAPI up to 22. Affected is an unknown function of the file FMDataAPI_Sample.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 23 is able to address this issue. The patch is identified as 3bd1709a8f7b1720529bf5dfc9855ad609f436cf. It is recommended to upgrade the affected component. VDB-244494 is the identifier assigned to this vulnerability.

CVE ID : CVE-2021-4431
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/msyk/FMDataAPI/commit/3bd1709a8f7b1720529bf5dfc9855ad609f436cf | source : cna@vuldb.com
https://github.com/msyk/FMDataAPI/pull/54 | source : cna@vuldb.com
https://github.com/msyk/FMDataAPI/releases/tag/23 | source : cna@vuldb.com
https://vuldb.com/?ctiid.244494 | source : cna@vuldb.com
https://vuldb.com/?id.244494 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : synology.com

Vulnerability ID : CVE-2023-5748

First published on : 07-11-2023 04:24:19
Last modified on : 07-11-2023 12:14:36

Description :
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology SSL VPN Client before 1.4.7-0687 allows local users to conduct denial-of-service attacks via unspecified vectors.

CVE ID : CVE-2023-5748
Source : security@synology.com
CVSS Score : 3.3

References :
https://www.synology.com/en-global/security/advisory/Synology_SA_23_12 | source : security@synology.com


Source : samsung.com

Vulnerability ID : CVE-2023-42542

First published on : 07-11-2023 08:15:20
Last modified on : 07-11-2023 12:14:36

Description :
Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID to identify the device.

CVE ID : CVE-2023-42542
Source : mobile.security@samsung.com
CVSS Score : 3.3

References :
https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=11 | source : mobile.security@samsung.com


Source : github.com

Vulnerability ID : CVE-2023-46737

First published on : 07-11-2023 18:15:09
Last modified on : 07-11-2023 19:07:44

Description :
Cosign is a sigstore signing tool for OCI containers. Cosign is susceptible to a denial of service by an attacker controlled registry. An attacker who controls a remote registry can return a high number of attestations and/or signatures to Cosign and cause Cosign to enter a long loop resulting in an endless data attack. The root cause is that Cosign loops through all attestations fetched from the remote registry in pkg/cosign.FetchAttestations. The attacker needs to compromise the registry or make a request to a registry they control. When doing so, the attacker must return a high number of attestations in the response to Cosign. The result will be that the attacker can cause Cosign to go into a long or infinite loop that will prevent other users from verifying their data. In Kyvernos case, an attacker whose privileges are limited to making requests to the cluster can make a request with an image reference to their own registry, trigger the infinite loop and deny other users from completing their admission requests. Alternatively, the attacker can obtain control of the registry used by an organization and return a high number of attestations instead the expected number of attestations. The issue can be mitigated rather simply by setting a limit to the limit of attestations that Cosign will loop through. The limit does not need to be high to be within the vast majority of use cases and still prevent the endless data attack. This issue has been patched in version 2.2.1 and users are advised to upgrade.

CVE ID : CVE-2023-46737
Source : security-advisories@github.com
CVSS Score : 3.1

References :
https://github.com/sigstore/cosign/commit/8ac891ff0e29ddc67965423bee8f826219c6eb0f | source : security-advisories@github.com
https://github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9 | source : security-advisories@github.com

Vulnerability : CWE-400


(54) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2019-25155

First published on : 07-11-2023 03:09:22
Last modified on : 07-11-2023 12:14:36

Description :
DOMPurify before 1.0.11 allows reverse tabnabbing in demos/hooks-target-blank-demo.html because links lack a 'rel="noopener noreferrer"' attribute.

CVE ID : CVE-2019-25155
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cure53/DOMPurify/compare/1.0.10...1.0.11 | source : cve@mitre.org
https://github.com/cure53/DOMPurify/pull/337/files | source : cve@mitre.org


Vulnerability ID : CVE-2023-40453

First published on : 07-11-2023 04:20:15
Last modified on : 07-11-2023 12:14:36

Description :
Docker Machine through 0.16.2 allows an attacker, who has control of a worker node, to provide crafted version data, which might potentially trick an administrator into performing an unsafe action (via escape sequence injection), or might have a data size that causes a denial of service to a bastion node. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

CVE ID : CVE-2023-40453
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/docker/machine/releases | source : cve@mitre.org
https://hackerone.com/reports/1916285 | source : cve@mitre.org
https://vin01.github.io/piptagole/docker/security/gitlab/docker-machine/2023/07/07/docker-machine-attack-surface.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-46998

First published on : 07-11-2023 05:15:13
Last modified on : 07-11-2023 12:14:36

Description :
Cross Site Scripting vulnerability in BootBox Bootbox.js v.3.2 through 6.0 allows a remote attacker to execute arbitrary code via a crafted payload to alert(), confirm(), prompt() functions.

CVE ID : CVE-2023-46998
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/bootboxjs/bootbox/issues/661 | source : cve@mitre.org
https://github.com/soy-oreocato/CVE-2023-46998/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-47102

First published on : 07-11-2023 06:15:12
Last modified on : 07-11-2023 12:14:36

Description :
UrBackup Server 2.5.31 allows brute-force enumeration of user accounts because a failure message confirms that a username is not valid.

CVE ID : CVE-2023-47102
Source : cve@mitre.org
CVSS Score : /

References :
https://quantiano.github.io/cve-2023-47102/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-42283

First published on : 07-11-2023 08:15:12
Last modified on : 07-11-2023 12:14:36

Description :
Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.

CVE ID : CVE-2023-42283
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/andreysanyuk/CVE-2023-42283 | source : cve@mitre.org


Vulnerability ID : CVE-2023-42284

First published on : 07-11-2023 08:15:12
Last modified on : 07-11-2023 12:14:36

Description :
Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access and dump the database via a crafted SQL query.

CVE ID : CVE-2023-42284
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/andreysanyuk/CVE-2023-42284 | source : cve@mitre.org


Vulnerability ID : CVE-2023-43885

First published on : 07-11-2023 08:15:24
Last modified on : 07-11-2023 12:14:36

Description :
Missing error handling in the HTTP server component of Tenda RX9 Pro Firmware V22.03.02.20 allows authenticated attackers to arbitrarily lock the device.

CVE ID : CVE-2023-43885
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.rtlcopymemory.com/tenda-rx9-pro/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-43886

First published on : 07-11-2023 08:15:24
Last modified on : 07-11-2023 12:14:36

Description :
A buffer overflow in the HTTP server component of Tenda RX9 Pro v22.03.02.20 might allow an authenticated attacker to overwrite memory.

CVE ID : CVE-2023-43886
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.rtlcopymemory.com/tenda-rx9-pro/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-33478

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
RemoteClinic 2.0 has a SQL injection vulnerability in the ID parameter of /medicines/stocks.php.

CVE ID : CVE-2023-33478
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/remoteclinic/RemoteClinic/issues/22 | source : cve@mitre.org


Vulnerability ID : CVE-2023-33479

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
RemoteClinic version 2.0 contains a SQL injection vulnerability in the /staff/edit.php file.

CVE ID : CVE-2023-33479
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/remoteclinic/RemoteClinic/issues/23 | source : cve@mitre.org


Vulnerability ID : CVE-2023-33480

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
RemoteClinic 2.0 contains a critical vulnerability chain that can be exploited by a remote attacker with low-privileged user credentials to create admin users, escalate privileges, and execute arbitrary code on the target system via a PHP shell. The vulnerabilities are caused by a lack of input validation and access control in the staff/register.php endpoint and the edit-my-profile.php page. By sending a series of specially crafted requests to the RemoteClinic application, an attacker can create admin users with more privileges than their own, upload a PHP file containing arbitrary code, and execute arbitrary commands via the PHP shell.

CVE ID : CVE-2023-33480
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/remoteclinic/RemoteClinic/issues/24 | source : cve@mitre.org


Vulnerability ID : CVE-2023-33481

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
RemoteClinic 2.0 is vulnerable to a time-based blind SQL injection attack in the 'start' GET parameter of patients/index.php.

CVE ID : CVE-2023-33481
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/remoteclinic/RemoteClinic/issues/25 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47455

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
Tenda AX1806 V1.0.0.1 contains a heap overflow vulnerability in setSchedWifi function, in which the src and v12 are directly obtained from http request parameter schedStartTime and schedEndTime without checking their size.

CVE ID : CVE-2023-47455
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/setSchedWifi.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-47456

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
Tenda AX1806 V1.0.0.1 contains a stack overflow vulnerability in function sub_455D4, called by function fromSetWirelessRepeat.

CVE ID : CVE-2023-47456
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Anza2001/IOT_VULN/blob/main/Tenda/AX1806/fromSetWirelessRepeat.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-41425

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Cross Site Scripting vulnerability in Wonder CMS v.3.2.0 thru v.3.4.2 allows a remote attacker to execute arbitrary code via a crafted script uploaded to the installModule component.

CVE ID : CVE-2023-41425
Source : cve@mitre.org
CVSS Score : /

References :
http://wondercms.com | source : cve@mitre.org
https://gist.github.com/prodigiousMind/fc69a79629c4ba9ee88a7ad526043413 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47359

First published on : 07-11-2023 16:15:29
Last modified on : 07-11-2023 16:17:59

Description :
Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

CVE ID : CVE-2023-47359
Source : cve@mitre.org
CVSS Score : /

References :
https://0xariana.github.io/blog/real_bugs/vlc/mms | source : cve@mitre.org


Vulnerability ID : CVE-2023-47360

First published on : 07-11-2023 16:15:29
Last modified on : 07-11-2023 16:17:59

Description :
Videolan VLC prior to version 3.0.20 contains an Integer underflow that leads to an incorrect packet length.

CVE ID : CVE-2023-47360
Source : cve@mitre.org
CVSS Score : /

References :
https://0xariana.github.io/blog/real_bugs/vlc/mms | source : cve@mitre.org


Vulnerability ID : CVE-2023-46501

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
An issue in BoltWire v.6.03 allows a remote attacker to obtain sensitive information via a crafted payload to the view and change admin password function.

CVE ID : CVE-2023-46501
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Cyber-Wo0dy/CVE-2023-46501 | source : cve@mitre.org
https://github.com/Cyber-Wo0dy/report/blob/main/boltwire/v6.03/boltwire_improper_access_control | source : cve@mitre.org


Vulnerability ID : CVE-2023-37835

First published on : 07-11-2023 20:15:08
Last modified on : 07-11-2023 20:15:08

Description :
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-45396. Reason: This record is a duplicate of CVE-2023-45396. Notes: All CVE users should reference CVE-2023-45396 instead of this record. All references and descriptions in this record have been removed to prevent accidental usage.

CVE ID : CVE-2023-37835
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2021-43419

First published on : 07-11-2023 21:15:08
Last modified on : 07-11-2023 21:36:29

Description :
An Information Disclosure vulnerability exists in Opay Mobile application 1.5.1.26 and maybe be higher in the logcat app.

CVE ID : CVE-2021-43419
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Patrick0x41/Security-Advisories/blob/main/CVE-2021-43419/README.md | source : cve@mitre.org
https://www.youtube.com/watch?v=HJUj3PgH7Ag | source : cve@mitre.org


Vulnerability ID : CVE-2023-42361

First published on : 07-11-2023 22:15:11
Last modified on : 07-11-2023 22:15:11

Description :
Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Data Center v.10.3.0 and before allows an attacker to view arbitrary files and cause other impacts via use of crafted image during PDF export.

CVE ID : CVE-2023-42361
Source : cve@mitre.org
CVSS Score : /

References :
https://gccybermonks.com/posts/pdfjira/ | source : cve@mitre.org
https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=datacenter | source : cve@mitre.org
https://marketplace.atlassian.com/apps/5167/better-pdf-exporter-for-jira?tab=versions&hosting=server | source : cve@mitre.org


Vulnerability ID : CVE-2023-46001

First published on : 07-11-2023 22:15:11
Last modified on : 07-11-2023 22:15:11

Description :
Buffer Overflow vulnerability in gpac MP4Box v.2.3-DEV-rev573-g201320819-master allows a local attacker to cause a denial of service via the gpac/src/isomedia/isom_read.c:2807:51 function in gf_isom_get_user_data.

CVE ID : CVE-2023-46001
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/commit/e79b0cf7e72404750630bc01340e999f3940dbc4 | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2629 | source : cve@mitre.org


Source : jpcert.or.jp

Vulnerability ID : CVE-2023-46845

First published on : 07-11-2023 08:15:24
Last modified on : 07-11-2023 12:14:36

Description :
EC-CUBE 3 series (3.0.0 to 3.0.18-p6) and 4 series (4.0.0 to 4.0.6-p3, 4.1.0 to 4.1.2-p2, and 4.2.0 to 4.2.2) contain an arbitrary code execution vulnerability due to improper settings of the template engine Twig included in the product. As a result, arbitrary code may be executed on the server where the product is running by a user with an administrative privilege.

CVE ID : CVE-2023-46845
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/jp/JVN29195731/ | source : vultures@jpcert.or.jp
https://www.ec-cube.net/info/weakness/20231026/index.php | source : vultures@jpcert.or.jp
https://www.ec-cube.net/info/weakness/20231026/index_3.php | source : vultures@jpcert.or.jp
https://www.ec-cube.net/info/weakness/20231026/index_40.php | source : vultures@jpcert.or.jp


Source : apache.org

Vulnerability ID : CVE-2023-46851

First published on : 07-11-2023 09:15:07
Last modified on : 07-11-2023 12:14:36

Description :
Allura Discussion and Allura Forum importing does not restrict URL values specified in attachments. Project administrators can run these imports, which could cause Allura to read local files and expose them. Exposing internal files then can lead to other exploits, like session hijacking, or remote code execution. This issue affects Apache Allura from 1.0.1 through 1.15.0. Users are recommended to upgrade to version 1.16.0, which fixes the issue. If you are unable to upgrade, set "disable_entry_points.allura.importers = forge-tracker, forge-discussion" in your .ini config file.

CVE ID : CVE-2023-46851
Source : security@apache.org
CVSS Score : /

References :
https://allura.apache.org/posts/2023-allura-1.16.0.html | source : security@apache.org
https://lists.apache.org/thread/hqk0vltl7qgrq215zgwjfoj0khbov0gx | source : security@apache.org

Vulnerability : CWE-20
Vulnerability : CWE-200
Vulnerability : CWE-73


Vulnerability ID : CVE-2023-46819

First published on : 07-11-2023 11:15:10
Last modified on : 07-11-2023 12:15:10

Description :
Missing Authentication in Apache Software Foundation Apache OFBiz when using the Solr plugin. This issue affects Apache OFBiz: before 18.12.09. Users are recommended to upgrade to version 18.12.09

CVE ID : CVE-2023-46819
Source : security@apache.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2023/11/07/2 | source : security@apache.org
https://lists.apache.org/thread/h1m85f18yh0oljbf10p603o9h4nmfxrc | source : security@apache.org
https://ofbiz.apache.org/download.html | source : security@apache.org
https://ofbiz.apache.org/release-notes-18.12.09.html | source : security@apache.org
https://ofbiz.apache.org/security.html | source : security@apache.org

Vulnerability : CWE-306


Source : patchstack.com

Vulnerability ID : CVE-2023-47510

First published on : 07-11-2023 10:15:08
Last modified on : 07-11-2023 12:14:36

Description :
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPSolutions-HQ WPDBSpringClean plugin <= 1.6 versions.

CVE ID : CVE-2023-47510
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/wpdbspringclean/wordpress-wpdbspringclean-plugin-1-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2022-45350

First published on : 07-11-2023 15:15:09
Last modified on : 07-11-2023 15:47:19

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Pรคr Thernstrรถm Simple History โ€“ user activity log, audit tool.This issue affects Simple History โ€“ user activity log, audit tool: from n/a through 3.3.1.

CVE ID : CVE-2022-45350
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/simple-history/wordpress-simple-history-plugin-3-3-1-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-47442

First published on : 07-11-2023 15:15:10
Last modified on : 07-11-2023 15:47:19

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in AyeCode Ltd UsersWP.This issue affects UsersWP: from n/a through 1.2.3.9.

CVE ID : CVE-2022-47442
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/userswp/wordpress-userswp-front-end-login-form-user-registration-user-profile-members-directory-plugin-for-wordpress-plugin-1-2-3-9-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45357

First published on : 07-11-2023 16:15:27
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Lenderd 1003 Mortgage Application.This issue affects 1003 Mortgage Application: from n/a through 1.75.

CVE ID : CVE-2022-45357
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/1003-mortgage-application/wordpress-1003-mortgage-application-plugin-1-73-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46802

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee Product Reviews Import Export for WooCommerce.This issue affects Product Reviews Import Export for WooCommerce: from n/a through 1.4.8.

CVE ID : CVE-2022-46802
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/product-reviews-import-export-for-woocommerce/wordpress-product-reviews-import-export-for-woocommerce-plugin-1-4-8-unauth-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2023-22719

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in GiveWP.This issue affects GiveWP: from n/a through 2.25.1.

CVE ID : CVE-2023-22719
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/give/wordpress-givewp-plugin-2-25-1-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2023-23678

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPEkaClub WP Cookie Consent ( for GDPR, CCPA & ePrivacy ).This issue affects WP Cookie Consent ( for GDPR, CCPA & ePrivacy ): from n/a through 2.2.5.

CVE ID : CVE-2023-23678
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/gdpr-cookie-consent/wordpress-wp-cookie-notice-for-gdpr-ccpa-eprivacy-consent-plugin-2-2-5-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2023-23796

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0.

CVE ID : CVE-2023-23796
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/contact-form-add/wordpress-form-builder-create-responsive-contact-forms-plugin-1-9-9-0-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2023-25983

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84.

CVE ID : CVE-2023-25983
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/kb-support/wordpress-kb-support-wordpress-help-desk-plugin-1-5-84-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2023-36527

First published on : 07-11-2023 16:15:28
Last modified on : 07-11-2023 16:17:59

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in BestWebSoft Post to CSV by BestWebSoft.This issue affects Post to CSV by BestWebSoft: from n/a through 1.4.0.

CVE ID : CVE-2023-36527
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/post-to-csv/wordpress-post-to-csv-by-bestwebsoft-plugin-1-4-0-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45078

First published on : 07-11-2023 17:15:07
Last modified on : 07-11-2023 19:07:48

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Solwin Infotech User Blocker.This issue affects User Blocker: from n/a through 1.5.5.

CVE ID : CVE-2022-45078
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/user-blocker/wordpress-user-blocker-plugin-1-5-5-auth-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45348

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:48

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in anmari amr users.This issue affects amr users: from n/a through 4.59.4.

CVE ID : CVE-2022-45348
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/amr-users/wordpress-amr-users-plugin-4-59-4-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45360

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:48

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Scott Reilly Commenter Emails.This issue affects Commenter Emails: from n/a through 2.6.1.

CVE ID : CVE-2022-45360
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/commenter-emails/wordpress-commenter-emails-plugin-2-6-1-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45370

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in WebToffee WordPress Comments Import & Export.This issue affects WordPress Comments Import & Export: from n/a through 2.3.1.

CVE ID : CVE-2022-45370
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/comments-import-export-woocommerce/wordpress-wordpress-comments-import-export-plugin-2-3-1-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-45810

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Icegram Icegram Express โ€“ Email Marketing, Newsletters and Automation for WordPress & WooCommerce.This issue affects Icegram Express โ€“ Email Marketing, Newsletters and Automation for WordPress & WooCommerce: from n/a through 5.5.2.

CVE ID : CVE-2022-45810
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/email-subscribers/wordpress-icegram-express-email-subscribers-newsletters-and-marketing-automation-plugin-plugin-5-5-2-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46801

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.

CVE ID : CVE-2022-46801
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/site-reviews/wordpress-site-reviews-plugin-6-2-0-unauth-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46803

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Noptin Newsletter Simple Newsletter Plugin โ€“ Noptin.This issue affects Simple Newsletter Plugin โ€“ Noptin: from n/a through 1.9.5.

CVE ID : CVE-2022-46803
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/newsletter-optin-box/wordpress-simple-newsletter-plugin-noptin-plugin-1-9-5-unauth-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46804

First published on : 07-11-2023 17:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Narola Infotech Solutions LLP Export Users Data Distinct.This issue affects Export Users Data Distinct: from n/a through 1.3.

CVE ID : CVE-2022-46804
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/export-users-data-distinct/wordpress-export-users-data-distinct-plugin-1-3-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46809

First published on : 07-11-2023 17:15:09
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX โ€“ Multi-criteria Rating & Reviews for WooCommerce.This issue affects ReviewX โ€“ Multi-criteria Rating & Reviews for WooCommerce: from n/a through 1.6.7.

CVE ID : CVE-2022-46809
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/reviewx/wordpress-reviewx-plugin-1-6-6-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-46821

First published on : 07-11-2023 17:15:09
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Jackmail & Sarbacane Emails & Newsletters with Jackmail.This issue affects Emails & Newsletters with Jackmail: from n/a through 1.2.22.

CVE ID : CVE-2022-46821
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/jackmail-newsletters/wordpress-emails-newsletters-with-jackmail-plugin-1-2-22-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-38702

First published on : 07-11-2023 18:15:07
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Nakashima Masahiro WP CSV Exporter.This issue affects WP CSV Exporter: from n/a through 2.0.

CVE ID : CVE-2022-38702
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/wp-csv-exporter/wordpress-wp-csv-exporter-plugin-1-3-6-authenticated-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-41616

First published on : 07-11-2023 18:15:07
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Kaushik Kalathiya Export Users Data CSV.This issue affects Export Users Data CSV: from n/a through 2.1.

CVE ID : CVE-2022-41616
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/export-users-data-csv/wordpress-export-users-data-csv-plugin-2-1-auth-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-42882

First published on : 07-11-2023 18:15:07
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Shambix Simple CSV/XLS Exporter.This issue affects Simple CSV/XLS Exporter: from n/a through 1.5.8.

CVE ID : CVE-2022-42882
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/simple-csv-xls-exporter/wordpress-simple-csv-xls-exporter-plugin-1-5-8-authenticated-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-44738

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in Patrick Robrecht Posts and Users Stats.This issue affects Posts and Users Stats: from n/a through 1.1.3.

CVE ID : CVE-2022-44738
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/posts-and-users-stats/wordpress-posts-and-users-stats-plugin-1-1-3-csv-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Vulnerability ID : CVE-2022-47181

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in wpexpertsio Email Templates Customizer and Designer for WordPress and WooCommerce email-templates allows Cross Site Request Forgery.This issue affects Email Templates Customizer and Designer for WordPress and WooCommerce: from n/a through 1.4.2.

CVE ID : CVE-2022-47181
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/email-templates/wordpress-email-templates-plugin-1-4-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-28499

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Auth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in simonpedge Slide Anything โ€“ Responsive Content / HTML Slider and Carousel plugin <= 2.4.9 versions.

CVE ID : CVE-2023-28499
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/slide-anything/wordpress-slide-anything-plugin-2-4-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-32966

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab Jazz Popups leads to Stored XSS.This issue affects Jazz Popups: from n/a through 1.8.7.

CVE ID : CVE-2023-32966
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/jazz-popups/wordpress-jazz-popups-plugin-1-8-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-41798

First published on : 07-11-2023 18:15:08
Last modified on : 07-11-2023 19:07:44

Description :
Improper Neutralization of Formula Elements in a CSV File vulnerability in wpWax Directorist โ€“ WordPress Business Directory Plugin with Classified Ads Listing.This issue affects Directorist โ€“ WordPress Business Directory Plugin with Classified Ads Listings: from n/a through 7.7.1.

CVE ID : CVE-2023-41798
Source : audit@patchstack.com
CVSS Score : /

References :
https://patchstack.com/database/vulnerability/directorist/wordpress-directorist-plugin-7-7-0-csv-injection?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-1236


Source : arm.com

Vulnerability ID : CVE-2023-4272

First published on : 07-11-2023 16:15:29
Last modified on : 07-11-2023 16:17:59

Description :
A local non-privileged user can make GPU processing operations that expose sensitive data from previously freed memory.

CVE ID : CVE-2023-4272
Source : arm-security@arm.com
CVSS Score : /

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-1251
Vulnerability : CWE-200


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.