Latest vulnerabilities of Tuesday, October 3, 2023

Latest vulnerabilities of Tuesday, October 3, 2023
https://www.securitricks.com/content/images/size/w600/format/webp/2023/12/VULNERABILITIES-REPORTS-LOGO.png
{{titre}}

Last update performed on 10/03/2023 at 11:58:02 PM

(7) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : incibe.es

Vulnerability ID : CVE-2022-47893

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
There is a remote code execution vulnerability that affects all versions of NetMan 204. A remote attacker could upload a firmware file containing a webshell, that could allow him to execute arbitrary code as root.

CVE ID : CVE-2022-47893
Source : cve-coordination@incibe.es
CVSS Score : 10.0

References :
https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups | source : cve-coordination@incibe.es

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-32670

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Scripting vulnerability in BuddyBoss 2.2.9 version , which could allow a local attacker with basic privileges to execute a malicious payload through the "[name]=image.jpg" parameter, allowing to assign a persistent javascript payload that would be triggered when the associated image is loaded.

CVE ID : CVE-2023-32670
Source : cve-coordination@incibe.es
CVSS Score : 9.0

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : qualcomm.com

Vulnerability ID : CVE-2023-24855

First published on : 03-10-2023 06:15:23
Last modified on : 03-10-2023 12:51:48

Description :
Memory corruption in Modem while processing security related configuration before AS Security Exchange.

CVE ID : CVE-2023-24855
Source : product-security@qualcomm.com
CVSS Score : 9.8

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33028

First published on : 03-10-2023 06:15:27
Last modified on : 03-10-2023 12:51:48

Description :
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CVE ID : CVE-2023-33028
Source : product-security@qualcomm.com
CVSS Score : 9.8

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28540

First published on : 03-10-2023 06:15:24
Last modified on : 03-10-2023 12:51:48

Description :
Cryptographic issue in Data Modem due to improper authentication during TLS handshake.

CVE ID : CVE-2023-28540
Source : product-security@qualcomm.com
CVSS Score : 9.1

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Source : cyberdanube.com

Vulnerability ID : CVE-2023-3656

First published on : 03-10-2023 08:15:35
Last modified on : 03-10-2023 12:51:44

Description :
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by an unauthenticated remote code execution vulnerability. This vulnerability can be triggered by an HTTP endpoint exposed to the network.

CVE ID : CVE-2023-3656
Source : office@cyberdanube.com
CVSS Score : 9.8

References :
https://www.cashit.at/ | source : office@cyberdanube.com

Vulnerability : CWE-749
Vulnerability : CWE-94


Vulnerability ID : CVE-2023-3654

First published on : 03-10-2023 09:15:10
Last modified on : 03-10-2023 12:51:44

Description :
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a origin bypass via the host header in an HTTP request. This vulnerability can be triggered by an HTTP endpoint exposed to the network.

CVE ID : CVE-2023-3654
Source : office@cyberdanube.com
CVSS Score : 9.4

References :
https://www.cashit.at/ | source : office@cyberdanube.com

Vulnerability : CWE-346


(39) HIGH VULNERABILITIES [7.0, 8.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-5351

First published on : 03-10-2023 12:15:11
Last modified on : 03-10-2023 12:51:39

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1.

CVE ID : CVE-2023-5351
Source : security@huntr.dev
CVSS Score : 8.9

References :
https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa | source : security@huntr.dev
https://huntr.dev/bounties/f7c7fcbc-5421-4a29-9385-346a1caa485b | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5353

First published on : 03-10-2023 13:15:11
Last modified on : 03-10-2023 13:52:20

Description :
Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1.

CVE ID : CVE-2023-5353
Source : security@huntr.dev
CVSS Score : 8.1

References :
https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa | source : security@huntr.dev
https://huntr.dev/bounties/3b3bb4f1-1aea-4134-99eb-157f245fa752 | source : security@huntr.dev

Vulnerability : CWE-284


Source : purestorage.com

Vulnerability ID : CVE-2023-36628

First published on : 03-10-2023 00:15:10
Last modified on : 03-10-2023 12:51:52

Description :
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.

CVE ID : CVE-2023-36628
Source : psirt@purestorage.com
CVSS Score : 8.8

References :
https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_for_Privilege_Escalation_in_VASA_CVE-2023-36628 | source : psirt@purestorage.com


Source : sonicwall.com

Vulnerability ID : CVE-2023-44218

First published on : 03-10-2023 08:15:36
Last modified on : 03-10-2023 12:51:44

Description :
A flaw within the SonicWall NetExtender Pre-Logon feature enables an unauthorized user to gain access to the host Windows operating system with 'SYSTEM' level privileges, leading to a local privilege escalation (LPE) vulnerability.

CVE ID : CVE-2023-44218
Source : PSIRT@sonicwall.com
CVSS Score : 8.8

References :
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0014 | source : PSIRT@sonicwall.com

Vulnerability : CWE-267


Source : incibe.es

Vulnerability ID : CVE-2023-4097

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:39

Description :
The file upload functionality is not implemented correctly and allows uploading of any type of file. As a prerequisite, it is necessary for the attacker to log into the application with a valid username.

CVE ID : CVE-2023-4097
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-4098

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.

CVE ID : CVE-2023-4098
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-4101

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
The QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.

CVE ID : CVE-2023-4101
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-4102

First published on : 03-10-2023 12:15:11
Last modified on : 03-10-2023 12:51:39

Description :
QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.

CVE ID : CVE-2023-4102
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-4103

First published on : 03-10-2023 12:15:11
Last modified on : 03-10-2023 12:51:39

Description :
QSige statistics are affected by a remote SQLi vulnerability. It has been identified that the web application does not correctly filter input parameters, allowing SQL injections, DoS or information disclosure. As a prerequisite, it is necessary to log into the application.

CVE ID : CVE-2023-4103
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-2681

First published on : 03-10-2023 13:15:09
Last modified on : 03-10-2023 13:52:20

Description :
An SQL Injection vulnerability has been found on Jorani version 1.0.0. This vulnerability allows an authenticated remote user, with low privileges, to send queries with malicious SQL code on the "/leaves/validate" path and the โ€œidโ€ parameter, managing to extract arbritary information from the database.

CVE ID : CVE-2023-2681
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/jorani-sql-injection | source : cve-coordination@incibe.es

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-0506

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
The web service of ByDemes Group Airspace CCTV Web Service in its 2.616.BY00.11 version, contains a privilege escalation vulnerability, detected in the Camera Control Panel, whose exploitation could allow a low-privileged attacker to gain administrator access.

CVE ID : CVE-2023-0506
Source : cve-coordination@incibe.es
CVSS Score : 8.8

References :
https://github.com/zerolynx/wstg/blob/master/document/4-Web_Application_Security_Testing/05-Authorization_Testing/02-Testing_for_Bypassing_Authorization_Schema.md | source : cve-coordination@incibe.es
https://www.incibe.es/en/incibe-cert/notices/aviso/inadequate-access-control-demes-group-products | source : cve-coordination@incibe.es

Vulnerability : CWE-284


Vulnerability ID : CVE-2023-3349

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries sent to the application. By accessing the URL /RPS2019Service/status.html, the application enables the logging mechanism by generating the log file, which can be downloaded.

CVE ID : CVE-2023-3349
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019 | source : cve-coordination@incibe.es

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-3350

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. By firstly downloading the log file, an attacker could retrieve the SQL query sent to the application in plaint text. This log file contains the password hashes coded with AES-CBC-128 bits algorithm, which can be decrypted with a .NET function, obtaining the username's password in plain text.

CVE ID : CVE-2023-3350
Source : cve-coordination@incibe.es
CVSS Score : 8.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-ibermatica-rps-2019 | source : cve-coordination@incibe.es


Vulnerability ID : CVE-2022-47891

First published on : 03-10-2023 12:15:09
Last modified on : 03-10-2023 12:51:39

Description :
All versions of NetMan 204 allow an attacker that knows the MAC and serial number of the device to reset the administrator password via the legitimate recovery function.

CVE ID : CVE-2022-47891
Source : cve-coordination@incibe.es
CVSS Score : 8.1

References :
https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups | source : cve-coordination@incibe.es

Vulnerability : CWE-798


Vulnerability ID : CVE-2023-4099

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
The QSige Monitor application does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.

CVE ID : CVE-2023-4099
Source : cve-coordination@incibe.es
CVSS Score : 7.6

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-4882

First published on : 03-10-2023 15:15:40
Last modified on : 03-10-2023 16:13:07

Description :
DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash.

CVE ID : CVE-2023-4882
Source : cve-coordination@incibe.es
CVSS Score : 7.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-open5gs | source : cve-coordination@incibe.es

Vulnerability : CWE-404


Vulnerability ID : CVE-2023-4883

First published on : 03-10-2023 15:15:40
Last modified on : 03-10-2023 16:13:07

Description :
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a service outage.

CVE ID : CVE-2023-4883
Source : cve-coordination@incibe.es
CVSS Score : 7.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-open5gs | source : cve-coordination@incibe.es

Vulnerability : CWE-763


Vulnerability ID : CVE-2023-4817

First published on : 03-10-2023 16:15:10
Last modified on : 03-10-2023 16:16:38

Description :
This vulnerability allows an authenticated attacker to upload malicious files by bypassing the restrictions of the upload functionality, compromising the entire device.

CVE ID : CVE-2023-4817
Source : cve-coordination@incibe.es
CVSS Score : 7.2

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/unrestricted-file-upload-vulnerability-icp-das-et-7060 | source : cve-coordination@incibe.es

Vulnerability : CWE-434


Source : qualcomm.com

Vulnerability ID : CVE-2023-21673

First published on : 03-10-2023 06:15:16
Last modified on : 03-10-2023 12:51:48

Description :
Improper Access to the VM resource manager can lead to Memory Corruption.

CVE ID : CVE-2023-21673
Source : product-security@qualcomm.com
CVSS Score : 8.7

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24844

First published on : 03-10-2023 06:15:22
Last modified on : 03-10-2023 12:51:48

Description :
Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.

CVE ID : CVE-2023-24844
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24853

First published on : 03-10-2023 06:15:23
Last modified on : 03-10-2023 12:51:48

Description :
Memory Corruption in HLOS while registering for key provisioning notify.

CVE ID : CVE-2023-24853
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33029

First published on : 03-10-2023 06:15:27
Last modified on : 03-10-2023 12:51:48

Description :
Memory corruption in DSP Service during a remote call from HLOS to DSP.

CVE ID : CVE-2023-33029
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33039

First published on : 03-10-2023 06:15:27
Last modified on : 03-10-2023 12:51:44

Description :
Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

CVE ID : CVE-2023-33039
Source : product-security@qualcomm.com
CVSS Score : 8.4

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-22385

First published on : 03-10-2023 06:15:21
Last modified on : 03-10-2023 12:51:48

Description :
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVE ID : CVE-2023-22385
Source : product-security@qualcomm.com
CVSS Score : 8.2

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24848

First published on : 03-10-2023 06:15:22
Last modified on : 03-10-2023 12:51:48

Description :
Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value.

CVE ID : CVE-2023-24848
Source : product-security@qualcomm.com
CVSS Score : 8.2

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24849

First published on : 03-10-2023 06:15:23
Last modified on : 03-10-2023 12:51:48

Description :
Information Disclosure in data Modem while parsing an FMTP line in an SDP message.

CVE ID : CVE-2023-24849
Source : product-security@qualcomm.com
CVSS Score : 8.2

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24850

First published on : 03-10-2023 06:15:23
Last modified on : 03-10-2023 12:51:48

Description :
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

CVE ID : CVE-2023-24850
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33034

First published on : 03-10-2023 06:15:27
Last modified on : 03-10-2023 12:51:48

Description :
Memory corruption while parsing the ADSP response command.

CVE ID : CVE-2023-33034
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33035

First published on : 03-10-2023 06:15:27
Last modified on : 03-10-2023 12:51:44

Description :
Memory corruption while invoking callback function of AFE from ADSP.

CVE ID : CVE-2023-33035
Source : product-security@qualcomm.com
CVSS Score : 7.8

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24843

First published on : 03-10-2023 06:15:22
Last modified on : 03-10-2023 12:51:48

Description :
Transient DOS in Modem while triggering a camping on an 5G cell.

CVE ID : CVE-2023-24843
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-24847

First published on : 03-10-2023 06:15:22
Last modified on : 03-10-2023 12:51:48

Description :
Transient DOS in Modem while allocating DSM items.

CVE ID : CVE-2023-24847
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33026

First published on : 03-10-2023 06:15:26
Last modified on : 03-10-2023 12:51:48

Description :
Transient DOS in WLAN Firmware while parsing a NAN management frame.

CVE ID : CVE-2023-33026
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-33027

First published on : 03-10-2023 06:15:26
Last modified on : 03-10-2023 12:51:48

Description :
Transient DOS in WLAN Firmware while parsing rsn ies.

CVE ID : CVE-2023-33027
Source : product-security@qualcomm.com
CVSS Score : 7.5

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-22382

First published on : 03-10-2023 06:15:18
Last modified on : 03-10-2023 12:51:48

Description :
Weak configuration in Automotive while VM is processing a listener request from TEE.

CVE ID : CVE-2023-22382
Source : product-security@qualcomm.com
CVSS Score : 7.4

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Source : hitachi.co.jp

Vulnerability ID : CVE-2023-3440

First published on : 03-10-2023 02:15:09
Last modified on : 03-10-2023 12:51:52

Description :
Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation.This issue affects JP1/Performance Management - Manager: from 09-00 before 12-50-07; JP1/Performance Management - Base: from 09-00 through 10-50-*; JP1/Performance Management - Agent Option for Application Server: from 11-00 before 11-50-16; JP1/Performance Management - Agent Option for Enterprise Applications: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for HiRDB: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for IBM Lotus Domino: from 10-00 before 11-50-16; JP1/Performance Management - Agent Option for Microsoft(R) Exchange Server: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for Microsoft(R) Internet Information Server: from 09-00 before 12-00-14; JP1/Performance Management - Agent Option for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Oracle: from 09-00 before 12-10-08; JP1/Performance Management - Agent Option for Platform: from 09-00 before 12-50-07; JP1/Performance Management - Agent Option for Service Response: from 09-00 before 11-50-16; JP1/Performance Management - Agent Option for Transaction System: from 11-00 before 12-00-14; JP1/Performance Management - Remote Monitor for Microsoft(R) SQL Server: from 09-00 before 12-50-07; JP1/Performance Management - Remote Monitor for Oracle: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Platform: from 09-00 before 12-10-08; JP1/Performance Management - Remote Monitor for Virtual Machine: from 10-00 before 12-50-07; JP1/Performance Management - Agent Option for Domino: from 09-00 through 09-00-*; JP1/Performance Management - Agent Option for IBM WebSphere Application Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for IBM WebSphere MQ: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for JP1/AJS3: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for OpenTP1: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for Oracle WebLogic Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for uCosminexus Application Server: from 09-00 through 10-00-*; JP1/Performance Management - Agent Option for Virtual Machine: from 09-00 through 09-01-*.

CVE ID : CVE-2023-3440
Source : hirt@hitachi.co.jp
CVSS Score : 8.4

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-145/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-276


Source : google.com

Vulnerability ID : CVE-2023-5345

First published on : 03-10-2023 03:15:09
Last modified on : 03-10-2023 12:51:52

Description :
A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password was freed but the field was not set to NULL which could lead to double free. We recommend upgrading past commit e6e43b8aa7cd3c3af686caf0c2e11819a886d705.

CVE ID : CVE-2023-5345
Source : cve-coordination@google.com
CVSS Score : 7.8

References :
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=e6e43b8aa7cd3c3af686caf0c2e11819a886d705 | source : cve-coordination@google.com
https://kernel.dance/e6e43b8aa7cd3c3af686caf0c2e11819a886d705 | source : cve-coordination@google.com

Vulnerability : CWE-416


Source : redhat.com

Vulnerability ID : CVE-2023-4911

First published on : 03-10-2023 18:15:10
Last modified on : 03-10-2023 21:15:10

Description :
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launching binaries with SUID permission to execute code with elevated privileges.

CVE ID : CVE-2023-4911
Source : secalert@redhat.com
CVSS Score : 7.8

References :
http://www.openwall.com/lists/oss-security/2023/10/03/2 | source : secalert@redhat.com
http://www.openwall.com/lists/oss-security/2023/10/03/3 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-4911 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2238352 | source : secalert@redhat.com
https://www.qualys.com/2023/10/03/cve-2023-4911/looney-tunables-local-privilege-escalation-glibc-ld-so.txt | source : secalert@redhat.com
https://www.qualys.com/cve-2023-4911/ | source : secalert@redhat.com


Source : snyk.io

Vulnerability ID : CVE-2023-26152

First published on : 03-10-2023 05:15:50
Last modified on : 03-10-2023 12:51:52

Description :
All versions of the package static-server are vulnerable to Directory Traversal due to improper input sanitization passed via the validPath function of server.js.

CVE ID : CVE-2023-26152
Source : report@snyk.io
CVSS Score : 7.5

References :
https://gist.github.com/lirantal/1f7021703a2065ecaf9ec9e06a3a346d | source : report@snyk.io
https://github.com/nbluis/static-server/blob/master/server.js%23L218-L223 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-JS-STATICSERVER-5722341 | source : report@snyk.io


Source : cyberdanube.com

Vulnerability ID : CVE-2023-3655

First published on : 03-10-2023 08:15:35
Last modified on : 03-10-2023 12:51:44

Description :
cashIT! - serving solutions. Devices from "PoS/ Dienstleistung, Entwicklung & Vertrieb GmbH" to 03.A06rks 2023.02.37 are affected by a dangerous methods, that allows to leak the database (system settings, user accounts,...). This vulnerability can be triggered by an HTTP endpoint exposed to the network.

CVE ID : CVE-2023-3655
Source : office@cyberdanube.com
CVSS Score : 7.5

References :
https://www.cashit.at/ | source : office@cyberdanube.com

Vulnerability : CWE-749


(62) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : qualcomm.com

Vulnerability ID : CVE-2023-22384

First published on : 03-10-2023 06:15:19
Last modified on : 03-10-2023 12:51:48

Description :
Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

CVE ID : CVE-2023-22384
Source : product-security@qualcomm.com
CVSS Score : 6.7

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28539

First published on : 03-10-2023 06:15:24
Last modified on : 03-10-2023 12:51:48

Description :
Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

CVE ID : CVE-2023-28539
Source : product-security@qualcomm.com
CVSS Score : 6.6

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Vulnerability ID : CVE-2023-28571

First published on : 03-10-2023 06:15:24
Last modified on : 03-10-2023 12:51:48

Description :
Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan.

CVE ID : CVE-2023-28571
Source : product-security@qualcomm.com
CVSS Score : 6.1

References :
https://www.qualcomm.com/company/product-security/bulletins/october-2023-bulletin | source : product-security@qualcomm.com


Source : incibe.es

Vulnerability ID : CVE-2023-0828

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-site Scripting (XSS) vulnerability in Syslog Section of Pandora FMS allows attacker to cause that users cookie value will be transferred to the attackers users server. This issue affects Pandora FMS v767 version and prior versions on all platforms.

CVE ID : CVE-2023-0828
Source : cve-coordination@incibe.es
CVSS Score : 6.7

References :
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-24518

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. This issue affects Pandora FMS version 767 and earlier versions on all platforms.

CVE ID : CVE-2023-24518
Source : cve-coordination@incibe.es
CVSS Score : 6.7

References :
https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/ | source : cve-coordination@incibe.es

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-4100

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Allows an attacker to perform XSS attacks stored on certain resources. Exploiting this vulnerability can lead to a DoS condition, among other actions.

CVE ID : CVE-2023-4100
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-idm-sistemas-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-32791

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to manipulate and delete user accounts within the platform by sending a specifically crafted query to the server. The vulnerability is based on the lack of proper validation of the origin of incoming requests.

CVE ID : CVE-2023-32791
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-nxlog-manager | source : cve-coordination@incibe.es

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-32792

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to eliminate roles within the platform by sending a specifically crafted query to the server. The vulnerability is based on the absence of proper validation of the origin of incoming requests.

CVE ID : CVE-2023-32792
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-nxlog-manager | source : cve-coordination@incibe.es

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-4884

First published on : 03-10-2023 15:15:40
Last modified on : 03-10-2023 16:13:07

Description :
An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication.

CVE ID : CVE-2023-4884
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-open5gs | source : cve-coordination@incibe.es

Vulnerability : CWE-306


Vulnerability ID : CVE-2023-4885

First published on : 03-10-2023 15:15:40
Last modified on : 03-10-2023 16:13:07

Description :
Man in the Middle vulnerability, which could allow an attacker to intercept VNF (Virtual Network Function) communications resulting in the exposure of sensitive information.

CVE ID : CVE-2023-4885
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-open5gs | source : cve-coordination@incibe.es

Vulnerability : CWE-300


Vulnerability ID : CVE-2023-32671

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
A stored XSS vulnerability has been found on BuddyBoss Platform affecting version 2.2.9. This vulnerability allows an attacker to store a malicious javascript payload via POST request when sending an invitation.

CVE ID : CVE-2023-32671
Source : cve-coordination@incibe.es
CVSS Score : 6.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-32669

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Authorization bypass vulnerability in BuddyBoss 2.2.9 version, the exploitation of which could allow an authenticated user to access and rename other users' albums. This vulnerability can be exploited by changing the album identification (id).

CVE ID : CVE-2023-32669
Source : cve-coordination@incibe.es
CVSS Score : 5.4

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-budyboss | source : cve-coordination@incibe.es

Vulnerability : CWE-639


Vulnerability ID : CVE-2022-47892

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
All versions of NetMan 204 could allow an unauthenticated remote attacker to read a file (config.cgi) containing sensitive information, like credentials.

CVE ID : CVE-2022-47892
Source : cve-coordination@incibe.es
CVSS Score : 5.3

References :
https://www.incibe.es/incibe-cert/alerta-temprana/avisos-sci/multiples-vulnerabilidades-netman-204-riello-ups | source : cve-coordination@incibe.es

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-2544

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Authorization bypass vulnerability in UPV PEIX, affecting the component "pdf_curri_new.php". Through a POST request, an authenticated user could change the ID parameter to retrieve all the stored information of other registered users.

CVE ID : CVE-2023-2544
Source : cve-coordination@incibe.es
CVSS Score : 5.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-upv-peix | source : cve-coordination@incibe.es

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-3196

First published on : 03-10-2023 16:15:10
Last modified on : 03-10-2023 16:16:38

Description :
This vulnerability could allow an attacker to store a malicious JavaScript payload in the login footer and login page description parameters within the administration panel.

CVE ID : CVE-2023-3196
Source : cve-coordination@incibe.es
CVSS Score : 4.7

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-4564

First published on : 03-10-2023 16:15:10
Last modified on : 03-10-2023 16:16:38

Description :
This vulnerability could allow an attacker to store a malicious JavaScript payload in the broadcast message parameter within the admin panel.

CVE ID : CVE-2023-4564
Source : cve-coordination@incibe.es
CVSS Score : 4.7

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canopsis-capensis | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-32790

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Scripting (XSS) vulnerability in NXLog Manager 5.6.5633 version. This vulnerability allows an attacker to inject a malicious JavaScript payload into the 'Full Name' field during a user edit, due to improper sanitization of the input parameter.

CVE ID : CVE-2023-32790
Source : cve-coordination@incibe.es
CVSS Score : 4.6

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-nxlog-manager | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : redhat.com

Vulnerability ID : CVE-2023-4886

First published on : 03-10-2023 15:15:40
Last modified on : 03-10-2023 16:13:07

Description :
A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.

CVE ID : CVE-2023-4886
Source : secalert@redhat.com
CVSS Score : 6.7

References :
https://access.redhat.com/security/cve/CVE-2023-4886 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2230135 | source : secalert@redhat.com


Vulnerability ID : CVE-2023-4732

First published on : 03-10-2023 17:15:09
Last modified on : 03-10-2023 18:09:47

Description :
A flaw was found in the Linux Kernel's memory management subsytem. A task exits and releases a 2MB page in a vma (vm_area_struct) and hits the BUG statement in pfn_swap_entry_to_page() referencing pmd_t x.

CVE ID : CVE-2023-4732
Source : secalert@redhat.com
CVSS Score : 4.7

References :
https://access.redhat.com/security/cve/CVE-2023-4732 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2236982 | source : secalert@redhat.com


Source : purestorage.com

Vulnerability ID : CVE-2023-32572

First published on : 03-10-2023 00:15:09
Last modified on : 03-10-2023 12:51:52

Description :
A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection.

CVE ID : CVE-2023-32572
Source : psirt@purestorage.com
CVSS Score : 6.5

References :
https://https://support.purestorage.com/Pure_Storage_Technical_Services/Field_Bulletins/Security_Bulletins/Security_Bulletin_-_FlashArray_pgroup_Retention_Lock_SafeMode_Protection_CVE-2023-32572 | source : psirt@purestorage.com


Vulnerability ID : CVE-2023-28373

First published on : 03-10-2023 00:15:09
Last modified on : 03-10-2023 12:51:52

Description :
A flaw exists in FlashArray Purity whereby an array administrator by configuring an external key manager can affect the availability of data on the system including snapshots protected by SafeMode.

CVE ID : CVE-2023-28373
Source : psirt@purestorage.com
CVSS Score : 4.4

References :
https://support.purestorage.com/Employee_Handbooks/Technical_Services/PSIRT/Security_Bulletin_for_FlashArray_SafeMode_Immutable_Vulnerability_CVE-2023-28373 | source : psirt@purestorage.com


Source : hitachi.co.jp

Vulnerability ID : CVE-2023-3335

First published on : 03-10-2023 02:15:09
Last modified on : 03-10-2023 12:51:52

Description :
Insertion of Sensitive Information into Log File vulnerability in Hitachi Ops Center Administrator on Linux allows local users to gain sensive information.This issue affects Hitachi Ops Center Administrator: before 10.9.3-00.

CVE ID : CVE-2023-3335
Source : hirt@hitachi.co.jp
CVSS Score : 6.5

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-140/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-532


Vulnerability ID : CVE-2023-3967

First published on : 03-10-2023 02:15:09
Last modified on : 03-10-2023 12:51:52

Description :
Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.This issue affects Hitachi Ops Center Common Services: before 10.9.3-00.

CVE ID : CVE-2023-3967
Source : hirt@hitachi.co.jp
CVSS Score : 5.3

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2023-142/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-770


Source : snyk.io

Vulnerability ID : CVE-2023-26150

First published on : 03-10-2023 05:15:49
Last modified on : 03-10-2023 12:51:52

Description :
Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. **Note:** This issue is a result of missing checks for services that require an active session.

CVE ID : CVE-2023-26150
Source : report@snyk.io
CVSS Score : 6.5

References :
https://gist.github.com/artfire52/84f7279a4119d6f90381ac49d7121121 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/commit/2be7ce80df05de8d6c6ae1ebce6fa2bb7147844a | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/commit/b4106dfd5037423c9d1810b48a97296b59cde513 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/issues/1014 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/pull/1015 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/releases/tag/v0.9.96 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-5673435 | source : report@snyk.io


Vulnerability ID : CVE-2023-26151

First published on : 03-10-2023 05:15:50
Last modified on : 03-10-2023 12:51:52

Description :
Versions of the package asyncua before 0.9.96 are vulnerable to Denial of Service (DoS) such that an attacker can send a malformed packet and as a result, the server will enter into an infinite loop and consume excessive memory.

CVE ID : CVE-2023-26151
Source : report@snyk.io
CVSS Score : 5.3

References :
https://gist.github.com/artfire52/1540b234350795e0ecb4d672608dbec8 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/commit/f6603daa34a93a658f0e176cb0b9ee5a6643b262 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/issues/1013 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/pull/1039 | source : report@snyk.io
https://github.com/FreeOpcUa/opcua-asyncio/releases/tag/v0.9.96 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-PYTHON-ASYNCUA-5673709 | source : report@snyk.io


Source : patchstack.com

Vulnerability ID : CVE-2023-40201

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in FuturioWP Futurio Extra plugin <= 1.8.4 versions leads to activation of arbitrary plugin.

CVE ID : CVE-2023-40201
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/futurio-extra/wordpress-futurio-extra-plugin-1-8-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-27435

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Sami Ahmed Siddiqui HTTP Auth plugin <= 0.3.2 versions.

CVE ID : CVE-2023-27435
Source : audit@patchstack.com
CVSS Score : 6.3

References :
https://patchstack.com/database/vulnerability/http-auth/wordpress-http-auth-plugin-0-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37992

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in PressPage Entertainment Inc. Smarty for WordPress plugin <= 3.1.35 versions.

CVE ID : CVE-2023-37992
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/smarty-for-wordpress/wordpress-smarty-for-wordpress-plugin-3-1-35-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37996

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.7 versions.

CVE ID : CVE-2023-37996
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/gtmetrix-for-wordpress/wordpress-gtmetrix-for-wordpress-plugin-0-4-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-38381

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Cyle Conoly WP-FlyBox plugin <= 6.46 versions.

CVE ID : CVE-2023-38381
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-flybox/wordpress-wp-flybox-plugin-6-46-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2022-46841

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Soflyy Oxygen Builder plugin <= 4.4 versions.

CVE ID : CVE-2022-46841
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/oxygen/wordpress-oxygen-builder-plugin-4-6-2-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-25463

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Gopi Ramasamy WP tell a friend popup form plugin <= 7.1 versions.

CVE ID : CVE-2023-25463
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-tell-a-friend-popup-form/wordpress-wp-tell-a-friend-popup-form-plugin-7-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-38396

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Alain Gonzalez plugin <= 3.1.2 versions.

CVE ID : CVE-2023-38396
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/google-map-shortcode/wordpress-google-map-shortcode-plugin-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-2830

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Trustindex.Io WP Testimonials plugin <= 1.4.2 versions.

CVE ID : CVE-2023-2830
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/testimonial-widgets/wordpress-wp-testimonials-plugin-1-4-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39165

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Fetch Designs Sign-up Sheets plugin <= 2.2.8 versions.

CVE ID : CVE-2023-39165
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/sign-up-sheets/wordpress-sign-up-sheets-plugin-2-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39923

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in RadiusTheme The Post Grid plugin <= 7.2.7 versions.

CVE ID : CVE-2023-39923
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/the-post-grid/wordpress-the-post-grid-plugin-7-2-7-cross-site-request-forgery-csrf-leading-to-css-change-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39989

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in 99robots Header Footer Code Manager plugin <= 1.1.34 versions.

CVE ID : CVE-2023-39989
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/header-footer-code-manager/wordpress-header-footer-code-manager-plugin-1-1-34-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40210

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Sean Barton (Tortoise IT) SB Child List plugin <= 4.5 versions.

CVE ID : CVE-2023-40210
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/sb-child-list/wordpress-sb-child-list-plugin-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40009

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in ThimPress WP Pipes plugin <= 1.4.0 versions.

CVE ID : CVE-2023-40009
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-pipes/wordpress-wp-pipes-plugin-1-4-0-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40198

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Antsanchez Easy Cookie Law plugin <= 3.1 versions.

CVE ID : CVE-2023-40198
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/easy-cookie-law/wordpress-easy-cookie-law-plugin-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40199

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab WP Like Button plugin <= 1.7.0 versions.

CVE ID : CVE-2023-40199
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-like-button/wordpress-wp-like-button-plugin-1-6-11-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40202

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Hannes Etzelstorfer // codemiq WP HTML Mail plugin <= 3.4.1 versions.

CVE ID : CVE-2023-40202
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-html-mail/wordpress-email-template-designer-wp-html-mail-plugin-3-4-0-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-32091

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in POEditor plugin <= 0.9.4 versions.

CVE ID : CVE-2023-32091
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/poeditor/wordpress-poeditor-plugin-0-9-4-cross-site-request-forgery-csrf-to-stored-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40558

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in eMarket Design YouTube Video Gallery by YouTube Showcase plugin <= 3.3.5 versions.

CVE ID : CVE-2023-40558
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/youtube-showcase/wordpress-video-gallery-management-plugin-3-3-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-41693

First published on : 03-10-2023 14:15:11
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in edward_plainview MyCryptoCheckout plugin <= 2.125 versions.

CVE ID : CVE-2023-41693
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/mycryptocheckout/wordpress-mycryptocheckout-plugin-2-125-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37891

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in OptiMonk OptiMonk: Popups, Personalization & A/B Testing plugin <= 2.0.4 versions.

CVE ID : CVE-2023-37891
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/exit-intent-popups-by-optimonk/wordpress-exit-popups-onsite-retargeting-by-optimonk-plugin-2-0-4-cross-site-request-forgery-csrf?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37991

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Monchito.Net WP Emoji One plugin <= 0.6.0 versions.

CVE ID : CVE-2023-37991
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/wp-emoji-one/wordpress-wp-emoji-one-plugin-0-6-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37998

First published on : 03-10-2023 10:15:10
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Saas Disabler plugin <= 3.0.3 versions.

CVE ID : CVE-2023-37998
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/disabler/wordpress-disabler-plugin-3-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-37990

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Mike Perelink Pro plugin <= 2.1.4 versions.

CVE ID : CVE-2023-37990
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/perelink/wordpress-perelink-pro-plugin-2-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-38390

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:44

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Anshul Labs Mobile Address Bar Changer plugin <= 3.0 versions.

CVE ID : CVE-2023-38390
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/mobile-address-bar-changer/wordpress-mobile-address-bar-changer-plugin-3-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-38398

First published on : 03-10-2023 11:15:25
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Taboola plugin <= 2.0.1 versions.

CVE ID : CVE-2023-38398
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/taboola/wordpress-taboola-plugin-2-0-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-25989

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Meks Video Importer, Meks Time Ago, Meks ThemeForest Smart Widget, Meks Smart Author Widget, Meks Audio Player, Meks Easy Maps, Meks Easy Photo Feed Widget, Meks Simple Flickr Widget, Meks Easy Ads Widget, Meks Smart Social Widget plugins leading to dismiss or the popup.

CVE ID : CVE-2023-25989
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/meks-audio-player/wordpress-meks-audio-player-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-easy-ads-widget/wordpress-meks-easy-ads-widget-plugin-2-0-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-easy-instagram-widget/wordpress-meks-easy-photo-feed-widget-plugin-1-2-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-easy-maps/wordpress-meks-easy-maps-plugin-2-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-simple-flickr-widget/wordpress-meks-simple-flickr-widget-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-smart-author-widget/wordpress-meks-smart-author-widget-plugin-1-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-smart-social-widget/wordpress-meks-smart-social-widget-plugin-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-themeforest-smart-widget/wordpress-meks-themeforest-smart-widget-plugin-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-time-ago/wordpress-meks-time-ago-plugin-1-1-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com
https://patchstack.com/database/vulnerability/meks-video-importer/wordpress-meks-video-importer-plugin-1-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39917

First published on : 03-10-2023 12:15:10
Last modified on : 03-10-2023 12:51:39

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Photo Gallery Team Photo Gallery by Ays โ€“ Responsive Image Gallery plugin <= 5.2.6 versions.

CVE ID : CVE-2023-39917
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-2-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39159

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Fraud Prevention For Woocommerce plugin <= 2.1.5 versions.

CVE ID : CVE-2023-39159
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/woo-blocker-lite-prevent-fake-orders-and-blacklist-fraud-customers/wordpress-fraud-prevention-for-woocommerce-plugin-2-1-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-40212

First published on : 03-10-2023 13:15:10
Last modified on : 03-10-2023 13:52:20

Description :
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Product Attachment for WooCommerce plugin <= 2.1.8 versions.

CVE ID : CVE-2023-40212
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/woo-product-attachment/wordpress-product-attachment-for-woocommerce-plugin-2-1-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-39158

First published on : 03-10-2023 14:15:10
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in theDotstore Banner Management For WooCommerce plugin <= 2.4.2 versions.

CVE ID : CVE-2023-39158
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/banner-management-for-woocommerce/wordpress-banner-management-for-woocommerce-plugin-2-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-41244

First published on : 03-10-2023 14:15:11
Last modified on : 03-10-2023 14:29:08

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Buildfail Localize Remote Images plugin <= 1.0.9 versions.

CVE ID : CVE-2023-41244
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/localize-remote-images/wordpress-localize-remote-images-plugin-1-0-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : jfrog.com

Vulnerability ID : CVE-2023-42508

First published on : 03-10-2023 13:15:11
Last modified on : 03-10-2023 13:52:20

Description :
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.

CVE ID : CVE-2023-42508
Source : reefs@jfrog.com
CVSS Score : 6.5

References :
https://jfrog.com/help/r/jfrog-release-information/jfrog-security-advisories | source : reefs@jfrog.com

Vulnerability : CWE-20


Source : moxa.com

Vulnerability ID : CVE-2023-4929

First published on : 03-10-2023 14:15:11
Last modified on : 03-10-2023 14:29:08

Description :
All firmware versions of the NPort 5000 Series are affected by an improper validation of integrity check vulnerability. This vulnerability results from insufficient checks on firmware updates or upgrades, potentially allowing malicious users to manipulate the firmware and gain control of devices.

CVE ID : CVE-2023-4929
Source : psirt@moxa.com
CVSS Score : 6.5

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-233328-nport-5000-series-firmware-improper-validation-of-integrity-check-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-354


Source : wordfence.com

Vulnerability ID : CVE-2023-5334

First published on : 03-10-2023 02:15:10
Last modified on : 03-10-2023 12:51:52

Description :
The WP Responsive header image slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sp_responsiveslider' shortcode in versions up to, and including, 3.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-5334
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/browser/responsive-header-image-slider/trunk/responsive_headerimageslider.php#L343 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/6953dea2-ca2d-4283-97c2-45c3420d9390?source=cve | source : security@wordfence.com

Vulnerability : CWE-79


Source : huntr.dev

Vulnerability ID : CVE-2023-5350

First published on : 03-10-2023 12:15:11
Last modified on : 03-10-2023 12:51:39

Description :
SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1.

CVE ID : CVE-2023-5350
Source : security@huntr.dev
CVSS Score : 6.4

References :
https://github.com/salesagility/suitecrm/commit/c43eaa311fb010b7928983e6afc6f9075c3996aa | source : security@huntr.dev
https://huntr.dev/bounties/c56563cb-b74e-4174-a09a-cd07689d6736 | source : security@huntr.dev

Vulnerability : CWE-89


Source : puppet.com

Vulnerability ID : CVE-2023-5255

First published on : 03-10-2023 18:15:10
Last modified on : 03-10-2023 18:15:10

Description :
For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked.

CVE ID : CVE-2023-5255
Source : security@puppet.com
CVSS Score : 4.4

References :
https://www.puppet.com/security/cve/cve-2023-5255-denial-service-revocation-auto-renewed-certificates-0 | source : security@puppet.com

Vulnerability : CWE-404


(0) LOW VULNERABILITIES [0.1, 3.9]

(26) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : jpcert.or.jp

Vulnerability ID : CVE-2023-39222

First published on : 03-10-2023 01:15:56
Last modified on : 03-10-2023 12:51:52

Description :
OS command injection vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to execute an arbitrary OS command that is not intended to be executed from the web interface by sending a specially crafted request. Affected products and versions are as follows: ACERA 1320 firmware ver.01.26 and earlier, ACERA 1310 firmware ver.01.26 and earlier, ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.

CVE ID : CVE-2023-39222
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/vu/JVNVU94497038/ | source : vultures@jpcert.or.jp
https://www.furunosystems.co.jp/news/info/vulner20231002.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-39429

First published on : 03-10-2023 01:15:56
Last modified on : 03-10-2023 12:51:52

Description :
Cross-site scripting vulnerability in FURUNO SYSTEMS wireless LAN access point devices allows an authenticated user to inject an arbitrary script via a crafted configuration. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.

CVE ID : CVE-2023-39429
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/vu/JVNVU94497038/ | source : vultures@jpcert.or.jp
https://www.furunosystems.co.jp/news/info/vulner20231002.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-41086

First published on : 03-10-2023 01:15:56
Last modified on : 03-10-2023 12:51:52

Description :
Cross-site request forgery (CSRF) vulnerability exists in FURUNO SYSTEMS wireless LAN access point devices. If a user views a malicious page while logged in, unintended operations may be performed. Affected products and versions are as follows: ACERA 1210 firmware ver.02.36 and earlier, ACERA 1150i firmware ver.01.35 and earlier, ACERA 1150w firmware ver.01.35 and earlier, ACERA 1110 firmware ver.01.76 and earlier, ACERA 1020 firmware ver.01.86 and earlier, ACERA 1010 firmware ver.01.86 and earlier, ACERA 950 firmware ver.01.60 and earlier, ACERA 850F firmware ver.01.60 and earlier, ACERA 900 firmware ver.02.54 and earlier, ACERA 850M firmware ver.02.06 and earlier, ACERA 810 firmware ver.03.74 and earlier, and ACERA 800ST firmware ver.07.35 and earlier. They are affected when running in ST(Standalone) mode.

CVE ID : CVE-2023-41086
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/vu/JVNVU94497038/ | source : vultures@jpcert.or.jp
https://www.furunosystems.co.jp/news/info/vulner20231002.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-42771

First published on : 03-10-2023 01:15:56
Last modified on : 03-10-2023 12:51:52

Description :
Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent unauthenticated attacker who can access the affected product to download configuration files and/or log files, and upload configuration files and/or firmware. They are affected when running in ST(Standalone) mode.

CVE ID : CVE-2023-42771
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/vu/JVNVU94497038/ | source : vultures@jpcert.or.jp
https://www.furunosystems.co.jp/news/info/vulner20231002.html | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2023-43627

First published on : 03-10-2023 01:15:57
Last modified on : 03-10-2023 12:51:52

Description :
Path traversal vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 firmware ver.01.26 and earlier allows a network-adjacent authenticated attacker to alter critical information such as system files by sending a specially crafted request. They are affected when running in ST(Standalone) mode.

CVE ID : CVE-2023-43627
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://jvn.jp/en/vu/JVNVU94497038/ | source : vultures@jpcert.or.jp
https://www.furunosystems.co.jp/news/info/vulner20231002.html | source : vultures@jpcert.or.jp


Source : sonicwall.com

Vulnerability ID : CVE-2023-44217

First published on : 03-10-2023 08:15:36
Last modified on : 03-10-2023 12:51:44

Description :
A local privilege escalation vulnerability in SonicWall Net Extender MSI client for Windows 10.2.336 and earlier versions allows a local low-privileged user to gain system privileges through running repair functionality.

CVE ID : CVE-2023-44217
Source : PSIRT@sonicwall.com
CVSS Score : /

References :
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0013 | source : PSIRT@sonicwall.com

Vulnerability : CWE-269


Source : redhat.com

Vulnerability ID : CVE-2023-2222

First published on : 03-10-2023 16:15:10
Last modified on : 03-10-2023 16:15:10

Description :
** REJECT ** This was deemed not a security vulnerability by upstream.

CVE ID : CVE-2023-2222
Source : secalert@redhat.com
CVSS Score : /

References :


Source : arm.com

Vulnerability ID : CVE-2023-33200

First published on : 03-10-2023 17:15:09
Last modified on : 03-10-2023 18:09:47

Description :
A local non-privileged user can make improper GPU processing operations to exploit a software race condition. If the systemโ€™s memory is carefully prepared by the user, then this in turn could give them access to already freed memory.

CVE ID : CVE-2023-33200
Source : arm-security@arm.com
CVSS Score : /

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2023-34970

First published on : 03-10-2023 17:15:09
Last modified on : 03-10-2023 18:09:47

Description :
A local non-privileged user can make improper GPU processing operations to access a limited amount outside of buffer bounds or to exploit a software race condition. If the systemโ€™s memory is carefully prepared by the user, then this in turn could give them access to already freed memory

CVE ID : CVE-2023-34970
Source : arm-security@arm.com
CVSS Score : /

References :
https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities | source : arm-security@arm.com

Vulnerability : CWE-416


Source : mitre.org

Vulnerability ID : CVE-2023-43976

First published on : 03-10-2023 19:15:09
Last modified on : 03-10-2023 19:15:09

Description :
An issue in CatoNetworks CatoClient before v.5.4.0 allows attackers to escalate privileges and winning the race condition (TOCTOU) via the PrivilegedHelperTool component.

CVE ID : CVE-2023-43976
Source : cve@mitre.org
CVSS Score : /

References :
https://www.catonetworks.com | source : cve@mitre.org
https://www.ns-echo.com/posts/cve_2023_43976.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-40830

First published on : 03-10-2023 20:15:09
Last modified on : 03-10-2023 20:15:09

Description :
Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.

CVE ID : CVE-2023-40830
Source : cve@mitre.org
CVSS Score : /

References :
https://reference1.example.com/goform/WifiWpsOOB | source : cve@mitre.org


Vulnerability ID : CVE-2023-33268

First published on : 03-10-2023 21:15:09
Last modified on : 03-10-2023 21:15:09

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33268
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33268.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-33269

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33269
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33269.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-33270

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33270
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33270.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-33271

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33271
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33271.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-33272

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33272
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33272.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-33273

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind).

CVE ID : CVE-2023-33273
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/l4rRyxz/CVE-Disclosures/blob/main/CVE-2023-33273.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-39645

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
Theme volty tvcmspaymenticon up to v4.0.1 was discovered to contain a SQL injection vulnerability via the component /tvcmspaymenticon/ajax.php?action=update_position&recordsArray.

CVE ID : CVE-2023-39645
Source : cve@mitre.org
CVSS Score : /

References :
https://security.friendsofpresta.org/modules/2023/09/26/tvcmspaymenticon.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-40519

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
A cross-site scripting (XSS) vulnerability in the bpk-common/auth/login/index.html login portal in Broadpeak Centralized Accounts Management Auth Agent 01.01.00.19219575_ee9195b0, 01.01.01.30097902_fd999e76, and 00.12.01.9565588_1254b459 allows remote attackers to inject arbitrary web script or HTML via the disconnectMessage parameter.

CVE ID : CVE-2023-40519
Source : cve@mitre.org
CVSS Score : /

References :
https://medium.com/munchy-bytes/security-disclosure-of-vulnerabilities-cve-2023-40519-2fc319737dfa | source : cve@mitre.org


Vulnerability ID : CVE-2023-43176

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
A deserialization vulnerability in Afterlogic Aurora Files v9.7.3 allows attackers to execute arbitrary code via supplying a crafted .sabredav file.

CVE ID : CVE-2023-43176
Source : cve@mitre.org
CVSS Score : /

References :
http://afterlogic.com | source : cve@mitre.org
http://aurora.com | source : cve@mitre.org
https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H&version=3.1 | source : cve@mitre.org
https://sec.leonardini.dev/blog/cve-2023-43176-rce_aurora_files/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-43898

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
Nothings stb 2.28 was discovered to contain a Null Pointer Dereference via the function stbi__convert_format. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted pic file.

CVE ID : CVE-2023-43898
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/peccc/null-stb | source : cve@mitre.org


Vulnerability ID : CVE-2023-43951

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component.

CVE ID : CVE-2023-43951
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43951 | source : cve@mitre.org


Vulnerability ID : CVE-2023-43952

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.

CVE ID : CVE-2023-43952
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43952 | source : cve@mitre.org


Vulnerability ID : CVE-2023-43953

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Content Management component.

CVE ID : CVE-2023-43953
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/M19O/Security-Advisories/tree/main/CVE-2023-43953 | source : cve@mitre.org


Vulnerability ID : CVE-2023-44973

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

CVE ID : CVE-2023-44973
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/yangliukk/emlog/blob/main/Template-getshell.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-44974

First published on : 03-10-2023 21:15:10
Last modified on : 03-10-2023 21:15:10

Description :
An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

CVE ID : CVE-2023-44974
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/yangliukk/emlog/blob/main/Plugin-getshell.md | source : cve@mitre.org


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.