Latest vulnerabilities of Wednesday, November 1, 2023


Last update performed on 11/01/2023 at 08:07:06 PM

(5) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : cisco.com

Vulnerability ID : CVE-2023-20048

First published on : 01-11-2023 18:15:08
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the web services interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute certain unauthorized configuration commands on a Firepower Threat Defense (FTD) device that is managed by the FMC Software. This vulnerability is due to insufficient authorization of configuration commands that are sent through the web service interface. An attacker could exploit this vulnerability by authenticating to the FMC web services interface and sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to execute certain configuration commands on the targeted FTD device. To successfully exploit this vulnerability, an attacker would need valid credentials on the FMC Software.

CVE ID : CVE-2023-20048
Source : ykramarz@cisco.com
CVSS Score : 9.9

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmd-inj-29MP49hN | source : ykramarz@cisco.com


Source : starlabs.sg

Vulnerability ID : CVE-2023-1717

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Prototype pollution in bitrix/templates/bitrix24/components/bitrix/menu/left_vertical/script.js in Bitrix24 22.0.300 allows remote attackers to execute arbitrary JavaScript code in the victim’s browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via polluting `__proto__[tag]` and `__proto__[text]`.

CVE ID : CVE-2023-1717
Source : info@starlabs.sg
CVSS Score : 9.6

References :
https://starlabs.sg/advisories/23/23-1717/ | source : info@starlabs.sg

Vulnerability : CWE-1321
Vulnerability : CWE-79


Vulnerability ID : CVE-2023-1720

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile.

CVE ID : CVE-2023-1720
Source : info@starlabs.sg
CVSS Score : 9.6

References :
https://starlabs.sg/advisories/23/23-1720/ | source : info@starlabs.sg

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-1715

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
A logic error when using mb_strpos() to check for potential XSS payload in Bitrix24 22.0.300 allows attackers to bypass XSS sanitisation via placing HTML tags at the beginning of the payload.

CVE ID : CVE-2023-1715
Source : info@starlabs.sg
CVSS Score : 9.0

References :
https://starlabs.sg/advisories/23/23-1715/ | source : info@starlabs.sg

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-1716

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Cross-site scripting (XSS) vulnerability in Invoice Edit Page in Bitrix24 22.0.300 allows attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege.

CVE ID : CVE-2023-1716
Source : info@starlabs.sg
CVSS Score : 9.0

References :
https://starlabs.sg/advisories/23/23-1716/ | source : info@starlabs.sg

Vulnerability : CWE-79


(21) HIGH VULNERABILITIES [7.0, 8.9]

Source : starlabs.sg

Vulnerability ID : CVE-2023-1713

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file.

CVE ID : CVE-2023-1713
Source : info@starlabs.sg
CVSS Score : 8.8

References :
https://starlabs.sg/advisories/23/23-1713/ | source : info@starlabs.sg

Vulnerability : CWE-434


Vulnerability ID : CVE-2023-1714

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Unsafe variable extraction in bitrix/modules/main/classes/general/user_options.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via (1) appending arbitrary content to existing PHP files or (2) PHAR deserialization.

CVE ID : CVE-2023-1714
Source : info@starlabs.sg
CVSS Score : 8.8

References :
https://starlabs.sg/advisories/23/23-1714/ | source : info@starlabs.sg

Vulnerability : CWE-502


Vulnerability ID : CVE-2023-4197

First published on : 01-11-2023 08:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain php code from user-supplied input when creating a website, allowing an attacker to inject and evaluate arbitrary code.

CVE ID : CVE-2023-4197
Source : info@starlabs.sg
CVSS Score : 7.5

References :
https://github.com/Dolibarr/dolibarr/commit/0ed6a63fb06be88be5a4f8bcdee83185eee4087e | source : info@starlabs.sg
https://starlabs.sg/advisories/23/23-4197 | source : info@starlabs.sg

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-1718

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".

CVE ID : CVE-2023-1718
Source : info@starlabs.sg
CVSS Score : 7.5

References :
https://starlabs.sg/advisories/23/23-1718/ | source : info@starlabs.sg

Vulnerability : CWE-835


Vulnerability ID : CVE-2023-1719

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
Global variable extraction in bitrix/modules/main/tools.php in Bitrix24 22.0.300 allows unauthenticated remote attackers to (1) enumerate attachments on the server and (2) execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via overwriting uninitialised variables.

CVE ID : CVE-2023-1719
Source : info@starlabs.sg
CVSS Score : 7.5

References :
https://starlabs.sg/advisories/23/23-1719/ | source : info@starlabs.sg

Vulnerability : CWE-665


Source : redhat.com

Vulnerability ID : CVE-2023-5178

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A use-after-free vulnerability was found in `drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation in case that the attacker already has local privileges.

CVE ID : CVE-2023-5178
Source : secalert@redhat.com
CVSS Score : 8.8

References :
https://access.redhat.com/security/cve/CVE-2023-5178 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2241924 | source : secalert@redhat.com
https://lore.kernel.org/linux-nvme/20231002105428.226515-1-sagi@grimberg.me/ | source : secalert@redhat.com


Vulnerability ID : CVE-2023-3972

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).

CVE ID : CVE-2023-3972
Source : secalert@redhat.com
CVSS Score : 7.8

References :
https://access.redhat.com/security/cve/CVE-2023-3972 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2227027 | source : secalert@redhat.com
https://github.com/RedHatInsights/insights-core/pull/3878 | source : secalert@redhat.com


Source : cisco.com

Vulnerability ID : CVE-2023-20175

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Read-only-level privileges or higher on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

CVE ID : CVE-2023-20175
Source : ykramarz@cisco.com
CVSS Score : 8.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20086

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in ICMPv6 processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to improper processing of ICMPv6 messages. An attacker could exploit this vulnerability by sending crafted ICMPv6 messages to a targeted Cisco ASA or FTD system with IPv6 enabled. A successful exploit could allow the attacker to cause the device to reload, resulting in a DoS condition.

CVE ID : CVE-2023-20086
Source : ykramarz@cisco.com
CVSS Score : 8.6

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-icmpv6-t5TzqwNd | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20244

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in the internal packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain packets when they are sent to the inspection engine. An attacker could exploit this vulnerability by sending a series of crafted packets to an affected device. A successful exploit could allow the attacker to deplete all 9,472 byte blocks on the device, resulting in traffic loss across the device or an unexpected reload of the device. If the device does not reload on its own, a manual reload of the device would be required to recover from this state.

CVE ID : CVE-2023-20244
Source : ykramarz@cisco.com
CVSS Score : 8.6

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-intrusion-dos-DfT7wyGC | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20083

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in ICMPv6 inspection when configured with the Snort 2 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the CPU of an affected device to spike to 100 percent, which could stop all traffic processing and result in a denial of service (DoS) condition. FTD management traffic is not affected by this vulnerability. This vulnerability is due to improper error checking when parsing fields within the ICMPv6 header. An attacker could exploit this vulnerability by sending a crafted ICMPv6 packet through an affected device. A successful exploit could allow the attacker to cause the device to exhaust CPU resources and stop processing traffic, resulting in a DoS condition. Note: To recover from the DoS condition, the Snort 2 Detection Engine or the Cisco FTD device may need to be restarted.

CVE ID : CVE-2023-20083
Source : ykramarz@cisco.com
CVSS Score : 8.6

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-icmpv6-dos-4eMkLuN | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20095

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of HTTPS requests. An attacker could exploit this vulnerability by sending crafted HTTPS requests to an affected system. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a DoS condition.

CVE ID : CVE-2023-20095
Source : ykramarz@cisco.com
CVSS Score : 8.6

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-webvpn-dos-3GhZQBAS | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20063

First published on : 01-11-2023 18:15:08
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the inter-device communication mechanisms between devices that are running Cisco Firepower Threat Defense (FTD) Software and devices that are running Cisco Firepower Management (FMC) Software could allow an authenticated, local attacker to execute arbitrary commands with root permissions on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by accessing the expert mode of an affected device and submitting specific commands to a connected system. A successful exploit could allow the attacker to execute arbitrary code in the context of an FMC device if the attacker has administrative privileges on an associated FTD device. Alternatively, a successful exploit could allow the attacker to execute arbitrary code in the context of an FTD device if the attacker has administrative privileges on an associated FMC device.

CVE ID : CVE-2023-20063
Source : ykramarz@cisco.com
CVSS Score : 8.2

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-fmc-code-inj-wSHrgz8L | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20155

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in a logging API in Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause the device to become unresponsive or trigger an unexpected reload. This vulnerability could also allow an attacker with valid user credentials, but not Administrator privileges, to view a system log file that they would not normally have access to. This vulnerability is due to a lack of rate-limiting of requests that are sent to a specific API that is related to an FMC log. An attacker could exploit this vulnerability by sending a high rate of HTTP requests to the API. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the FMC CPU spiking to 100 percent utilization or to the device reloading. CPU utilization would return to normal if the attack traffic was stopped before an unexpected reload was triggered.

CVE ID : CVE-2023-20155
Source : ykramarz@cisco.com
CVSS Score : 7.5

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-logview-dos-AYJdeX55 | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20219

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. The attacker would need valid device credentials but does not require administrator privileges to exploit this vulnerability. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device including the underlying operating system which could also affect the availability of the device.

CVE ID : CVE-2023-20219
Source : ykramarz@cisco.com
CVSS Score : 7.2

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20220

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system. To exploit these vulnerabilities, the attacker must have valid device credentials, but does not need Administrator privileges. These vulnerabilities are due to insufficient validation of user-supplied input for certain configuration options. An attacker could exploit these vulnerabilities by using crafted input within the device configuration GUI. A successful exploit could allow the attacker to execute arbitrary commands on the device, including on the underlying operating system, which could also affect the availability of the device.

CVE ID : CVE-2023-20220
Source : ykramarz@cisco.com
CVSS Score : 7.2

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-cmdinj-bTEgufOX | source : ykramarz@cisco.com


Source : solarwinds.com

Vulnerability ID : CVE-2023-33226

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.

CVE ID : CVE-2023-33226
Source : psirt@solarwinds.com
CVSS Score : 8.0

References :
https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33226 | source : psirt@solarwinds.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-33227

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
The Network Configuration Manager was susceptible to a Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows a low-level user to perform the actions with SYSTEM privileges.

CVE ID : CVE-2023-33227
Source : psirt@solarwinds.com
CVSS Score : 8.0

References :
https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33227 | source : psirt@solarwinds.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-40062

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges.

CVE ID : CVE-2023-40062
Source : psirt@solarwinds.com
CVSS Score : 8.0

References :
https://documentation.solarwinds.com/en/success_center/hco/content/release_notes/hco_2023-4_release_notes.htm | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40062 | source : psirt@solarwinds.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-40061

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result.

CVE ID : CVE-2023-40061
Source : psirt@solarwinds.com
CVSS Score : 7.1

References :
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40061 | source : psirt@solarwinds.com

Vulnerability : CWE-20


Source : moxa.com

Vulnerability ID : CVE-2023-5627

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
A vulnerability has been identified in NPort 6000 Series, making the authentication mechanism vulnerable. This vulnerability arises from the incorrect implementation of sensitive information protection, potentially allowing malicious users to gain unauthorized access to the web service.

CVE ID : CVE-2023-5627
Source : psirt@moxa.com
CVSS Score : 7.5

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-232905-nport-6000-series-incorrect-implementation-of-authentication-algorithm-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-257
Vulnerability : CWE-303
Vulnerability : CWE-327


(36) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : cisco.com

Vulnerability ID : CVE-2023-20042

First published on : 01-11-2023 18:15:08
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an implementation error within the SSL/TLS session handling process that can prevent the release of a session handler under specific conditions. An attacker could exploit this vulnerability by sending crafted SSL/TLS traffic to an affected device, increasing the probability of session handler leaks. A successful exploit could allow the attacker to eventually deplete the available session handler pool, preventing new sessions from being established and causing a DoS condition.

CVE ID : CVE-2023-20042
Source : ykramarz@cisco.com
CVSS Score : 6.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ssl-dos-kxG8mpUA | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20114

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in the file download feature of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to download arbitrary files from an affected system. This vulnerability is due to a lack of input sanitation. An attacker could exploit this vulnerability by sending a crafted HTTPS request. A successful exploit could allow the attacker to download arbitrary files from the affected system.

CVE ID : CVE-2023-20114
Source : ykramarz@cisco.com
CVSS Score : 6.5

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-file-download-7js4ug2J | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20206

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.

CVE ID : CVE-2023-20206
Source : ykramarz@cisco.com
CVSS Score : 6.1

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20264

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 single sign-on (SSO) for remote access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to intercept the SAML assertion of a user who is authenticating to a remote access VPN session. This vulnerability is due to insufficient validation of the login URL. An attacker could exploit this vulnerability by persuading a user to access a site that is under the control of the attacker, allowing the attacker to modify the login URL. A successful exploit could allow the attacker to intercept a successful SAML assertion and use that assertion to establish a remote access VPN session toward the affected device with the identity and permissions of the hijacked user, resulting in access to the protected network.

CVE ID : CVE-2023-20264
Source : ykramarz@cisco.com
CVSS Score : 6.1

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-saml-hijack-ttuQfyz | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20170

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker to perform command injection attacks on the underlying operating system and elevate privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by submitting a crafted CLI command. A successful exploit could allow the attacker to elevate privileges to root.

CVE ID : CVE-2023-20170
Source : ykramarz@cisco.com
CVSS Score : 6.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-injection-QeXegrCw | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20245

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that should be protected.

CVE ID : CVE-2023-20245
Source : ykramarz@cisco.com
CVSS Score : 5.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20270

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in the interaction between the Server Message Block (SMB) protocol preprocessor and the Snort 3 detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass the configured policies or cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error-checking when the Snort 3 detection engine is processing SMB traffic. An attacker could exploit this vulnerability by sending a crafted SMB packet stream through an affected device. A successful exploit could allow the attacker to cause the Snort process to reload, resulting in a DoS condition.

CVE ID : CVE-2023-20270
Source : ykramarz@cisco.com
CVSS Score : 5.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-smbsnort3-dos-pfOjOYUV | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20071

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a flaw in the FTP module of the Snort detection engine. An attacker could exploit this vulnerability by sending crafted FTP traffic through an affected device. A successful exploit could allow the attacker to bypass FTP inspection and deliver a malicious payload.

CVE ID : CVE-2023-20071
Source : ykramarz@cisco.com
CVSS Score : 5.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-snort-ftd-zXYtnjOM | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20246

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
Multiple Cisco products are affected by a vulnerability in Snort access control policies that could allow an unauthenticated, remote attacker to bypass the configured policies on an affected system. This vulnerability is due to a logic error that occurs when the access control policies are being populated. An attacker could exploit this vulnerability by establishing a connection to an affected device. A successful exploit could allow the attacker to bypass configured access control rules on the affected system.

CVE ID : CVE-2023-20246
Source : ykramarz@cisco.com
CVSS Score : 5.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3acp-bypass-3bdR2BEh | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20255

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
A vulnerability in an API of the Web Bridge feature of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. This vulnerability is due to insufficient validation of HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP packets to an affected device. A successful exploit could allow the attacker to cause a partial availability condition, which could cause ongoing video calls to be dropped due to the invalid packets reaching the Web Bridge.

CVE ID : CVE-2023-20255
Source : ykramarz@cisco.com
CVSS Score : 5.3

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cms-segfault-G6ES4Ve8 | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20256

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the per-user-override feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should be denied to flow through an affected device. These vulnerabilities are due to a logic error that could occur when the affected software constructs and applies per-user-override rules. An attacker could exploit these vulnerabilities by connecting to a network through an affected device that has a vulnerable configuration. A successful exploit could allow the attacker to bypass the interface ACL and access resources that should be protected.

CVE ID : CVE-2023-20256
Source : ykramarz@cisco.com
CVSS Score : 5.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ac-acl-bypass-bwd7q6Gb | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20247

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
A vulnerability in the remote access SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to bypass a configured multiple certificate authentication policy and connect using only a valid username and password. This vulnerability is due to improper error handling during remote access VPN authentication. An attacker could exploit this vulnerability by sending crafted requests during remote access VPN session establishment. A successful exploit could allow the attacker to bypass the configured multiple certificate authentication policy while retaining the privileges and permissions associated with the original connection profile.

CVE ID : CVE-2023-20247
Source : ykramarz@cisco.com
CVSS Score : 5.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-multi-cert-dzA3h5PT | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20005

First published on : 01-11-2023 17:15:10
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.

CVE ID : CVE-2023-20005
Source : ykramarz@cisco.com
CVSS Score : 4.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20041

First published on : 01-11-2023 17:15:10
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.

CVE ID : CVE-2023-20041
Source : ykramarz@cisco.com
CVSS Score : 4.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20074

First published on : 01-11-2023 17:15:10
Last modified on : 01-11-2023 17:16:31

Description :
Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a stored cross-site scripting (XSS) attack against a user of the interface of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. In some cases, it is also possible to cause a temporary availability impact to portions of the FMC Dashboard.

CVE ID : CVE-2023-20074
Source : ykramarz@cisco.com
CVSS Score : 4.8

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-xss-sK2gkfvJ | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20195

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.

CVE ID : CVE-2023-20195
Source : ykramarz@cisco.com
CVSS Score : 4.7

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20196

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
Two vulnerabilities in Cisco ISE could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit these vulnerabilities, an attacker must have valid Administrator credentials on the affected device. These vulnerabilities are due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit these vulnerabilities by uploading a crafted file to an affected device. A successful exploit could allow the attacker to store malicious files in specific directories on the device. The attacker could later use those files to conduct additional attacks, including executing arbitrary code on the affected device with root privileges.

CVE ID : CVE-2023-20196
Source : ykramarz@cisco.com
CVSS Score : 4.7

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20213

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in the CDP processing feature of Cisco ISE could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of the CDP process on an affected device. This vulnerability is due to insufficient bounds checking when an affected device processes CDP traffic. An attacker could exploit this vulnerability by sending crafted CDP traffic to the device. A successful exploit could cause the CDP process to crash, impacting neighbor discovery and the ability of Cisco ISE to determine the reachability of remote devices. After a crash, the CDP process must be manually restarted using the cdp enable command in interface configuration mode.

CVE ID : CVE-2023-20213
Source : ykramarz@cisco.com
CVSS Score : 4.3

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-file-upload-FceLP4xs | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20177

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
A vulnerability in the SSL file policy implementation of Cisco Firepower Threat Defense (FTD) Software that occurs when the SSL/TLS connection is configured with a URL Category and the Snort 3 detection engine could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability exists because a logic error occurs when a Snort 3 detection engine inspects an SSL/TLS connection that has either a URL Category configured on the SSL file policy or a URL Category configured on an access control policy with TLS server identity discovery enabled. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted SSL/TLS connection through an affected device. A successful exploit could allow the attacker to trigger an unexpected reload of the Snort 3 detection engine, resulting in either a bypass or denial of service (DoS) condition, depending on device configuration. The Snort 3 detection engine will restart automatically. No manual intervention is required.

CVE ID : CVE-2023-20177
Source : ykramarz@cisco.com
CVSS Score : 4.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sa-ftd-snort3-urldos-OccFQTeX | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20031

First published on : 01-11-2023 18:15:08
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the SSL/TLS certificate handling of Snort 3 Detection Engine integration with Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to restart. This vulnerability is due to a logic error that occurs when an SSL/TLS certificate that is under load is accessed when it is initiating an SSL connection. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a high rate of SSL/TLS connection requests to be inspected by the Snort 3 detection engine on an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in either a bypass or a denial of service (DoS) condition, depending on device configuration. The Snort detection engine will restart automatically. No manual intervention is required.

CVE ID : CVE-2023-20031
Source : ykramarz@cisco.com
CVSS Score : 4.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-8U4HHxH8 | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20070

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:43

Description :
A vulnerability in the TLS 1.3 implementation of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the Snort 3 detection engine to unexpectedly restart. This vulnerability is due to a logic error in how memory allocations are handled during a TLS 1.3 session. Under specific, time-based constraints, an attacker could exploit this vulnerability by sending a crafted TLS 1.3 message sequence through an affected device. A successful exploit could allow the attacker to cause the Snort 3 detection engine to reload, resulting in a denial of service (DoS) condition. While the Snort detection engine reloads, packets going through the FTD device that are sent to the Snort detection engine will be dropped. The Snort detection engine will restart automatically. No manual intervention is required.

CVE ID : CVE-2023-20070
Source : ykramarz@cisco.com
CVSS Score : 4.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftd-snort3-uAnUntcV | source : ykramarz@cisco.com


Vulnerability ID : CVE-2023-20267

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability by spoofing an IP address until they bypass the restriction. A successful exploit could allow the attacker to bypass location-based IP address restrictions.

CVE ID : CVE-2023-20267
Source : ykramarz@cisco.com
CVSS Score : 4.0

References :
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ftdsnort3sip-bypass-LMz2ThKn | source : ykramarz@cisco.com


Source : tenable.com

Vulnerability ID : CVE-2023-5847

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux hosts.

CVE ID : CVE-2023-5847
Source : vulnreport@tenable.com
CVSS Score : 6.7

References :
https://www.tenable.com/security/tns-2023-37 | source : vulnreport@tenable.com
https://www.tenable.com/security/tns-2023-38 | source : vulnreport@tenable.com

Vulnerability : CWE-269


Source : hitachienergy.com

Vulnerability ID : CVE-2023-2621

First published on : 01-11-2023 03:15:07
Last modified on : 01-11-2023 12:51:15

Description :
The McFeeder server (distributed as part of the SSW package) is susceptible to an arbitrary file write vulnerability on the MAIN computer system. This vulnerability stems from the use of an outdated version of a third-party library, which is used to extract archives uploaded to the McFeeder server. An authenticated malicious client can exploit this vulnerability by uploading a crafted ZIP archive via the network to McFeeder’s service endpoint.

CVE ID : CVE-2023-2621
Source : cybersecurity@hitachienergy.com
CVSS Score : 6.5

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000177&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2023-5514

First published on : 01-11-2023 03:15:07
Last modified on : 01-11-2023 12:51:15

Description :
The response messages received from the eSOMS report generation using certain parameter queries with full file path can be abused for enumerating the local file system structure.

CVE ID : CVE-2023-5514
Source : cybersecurity@hitachienergy.com
CVSS Score : 5.3

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-209


Vulnerability ID : CVE-2023-5515

First published on : 01-11-2023 03:15:07
Last modified on : 01-11-2023 12:51:15

Description :
The responses for web queries with certain parameters disclose the internal path of resources. This information can be used to learn the internal structure of the application and to further plot attacks against web servers and deployed web applications.

CVE ID : CVE-2023-5515
Source : cybersecurity@hitachienergy.com
CVSS Score : 5.3

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-5516

First published on : 01-11-2023 03:15:08
Last modified on : 01-11-2023 12:51:15

Description :
Poorly constructed web app requests and URI components with special characters trigger unhandled errors and exceptions, disclosing information about the underlying technology and other sensitive information details. The website unintentionally reveals sensitive information including technical details like version info, endpoints, backend server, internal IP, etc., which can potentially expose additional attack surface containing other interesting vulnerabilities.

CVE ID : CVE-2023-5516
Source : cybersecurity@hitachienergy.com
CVSS Score : 5.3

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-200


Source : starlabs.sg

Vulnerability ID : CVE-2023-4198

First published on : 01-11-2023 09:15:09
Last modified on : 01-11-2023 12:51:15

Description :
Improper Access Control in Dolibarr ERP CRM <= v17.0.3 allows an unauthorized authenticated user to read a database table containing customer data.

CVE ID : CVE-2023-4198
Source : info@starlabs.sg
CVSS Score : 6.5

References :
https://github.com/Dolibarr/dolibarr/commit/3065b9ca6ade988e8d7a8a8550415c0abb56b9cb#diff-7d68365a708c954051853ade884c7e97c6ff13150ee92657d6ffc8603e0f947b | source : info@starlabs.sg
https://starlabs.sg/advisories/23/23-4198 | source : info@starlabs.sg

Vulnerability : CWE-862


Source : moxa.com

Vulnerability ID : CVE-2023-4452

First published on : 01-11-2023 15:15:08
Last modified on : 01-11-2023 16:16:34

Description :
A vulnerability has been identified in the EDR-810, EDR-G902, and EDR-G903 Series that makes them vulnerable to denial of service. This vulnerability stems from insufficient input validation in the URI, potentially enabling malicious users to trigger a device reboot.

CVE ID : CVE-2023-4452
Source : psirt@moxa.com
CVSS Score : 6.5

References :
https://www.moxa.com/en/support/product-support/security-advisory/mpsa-234880-edr-810-g902-g903-series-web-server-buffer-overflow-vulnerability | source : psirt@moxa.com

Vulnerability : CWE-120


Source : huntr.dev

Vulnerability ID : CVE-2023-5897

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/customLocale prior to 1.2.0-1.

CVE ID : CVE-2023-5897
Source : security@huntr.dev
CVSS Score : 6.3

References :
https://github.com/pkp/customLocale/commit/407ba30f12f78efe79122591c1d85709c10b6831 | source : security@huntr.dev
https://huntr.com/bounties/7c215b8e-63f6-4146-b8e3-8482c731876f | source : security@huntr.dev

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-5891

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - Reflected in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5891
Source : security@huntr.dev
CVSS Score : 5.4

References :
https://github.com/pkp/pkp-lib/commit/d4111c4d0eef783f1ed2e55654a5b83d9d527d97 | source : security@huntr.dev
https://huntr.com/bounties/ce4956e4-9ef5-4e0e-bfb2-481ec5cfb0a5 | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5892

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5892
Source : security@huntr.dev
CVSS Score : 5.4

References :
https://github.com/pkp/pkp-lib/commit/a0485a5c7410821e0432c079ca676ee6026bffb9 | source : security@huntr.dev
https://huntr.com/bounties/16719252-d88d-43cc-853a-24ff75a067d8 | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5890

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5890
Source : security@huntr.dev
CVSS Score : 4.6

References :
https://github.com/pkp/pkp-lib/commit/a868f1cdd98a4f1255a70fd6d8320511e0083f38 | source : security@huntr.dev
https://huntr.com/bounties/b60e6e1f-e44d-4b11-acf8-b0548b915686 | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5889

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Insufficient Session Expiration in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5889
Source : security@huntr.dev
CVSS Score : 4.3

References :
https://github.com/pkp/pkp-lib/commit/32d071ef2090fc336bc17d56a86d1dff90c26f0b | source : security@huntr.dev
https://huntr.com/bounties/fba2991a-1b8a-4c89-9689-d708526928e1 | source : security@huntr.dev

Vulnerability : CWE-613


Source : redhat.com

Vulnerability ID : CVE-2023-5625

First published on : 01-11-2023 14:15:38
Last modified on : 01-11-2023 16:16:34

Description :
A regression was introduced in the Red Hat build of python-eventlet due to a change in the patch application strategy, resulting in a patch for CVE-2021-21419 not being applied for all builds of all products.

CVE ID : CVE-2023-5625
Source : secalert@redhat.com
CVSS Score : 5.3

References :
https://access.redhat.com/errata/RHSA-2023:6128 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-5625 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2244717 | source : secalert@redhat.com


Source : solarwinds.com

Vulnerability ID : CVE-2023-33228

First published on : 01-11-2023 16:15:08
Last modified on : 01-11-2023 16:16:34

Description :
The SolarWinds Network Configuration Manager was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to obtain sensitive information.

CVE ID : CVE-2023-33228
Source : psirt@solarwinds.com
CVSS Score : 4.5

References :
https://documentation.solarwinds.com/en/success_center/ncm/content/release_notes/ncm_2023-4_release_notes.htm | source : psirt@solarwinds.com
https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-33228 | source : psirt@solarwinds.com

Vulnerability : CWE-311


(7) LOW VULNERABILITIES [0.1, 3.9]

Source : huntr.dev

Vulnerability ID : CVE-2023-5893

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5893
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/992ca674e9fb705751b1cbf929a1856ebe29b30a | source : security@huntr.dev
https://huntr.com/bounties/a965aa16-79ce-4185-8f58-3d3b0d74a71e | source : security@huntr.dev

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-5894

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/ojs prior to 3.3.0-16.

CVE ID : CVE-2023-5894
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/ojs/commit/66927de1a82e3a3004db9741d1505ddac0980e63 | source : security@huntr.dev
https://huntr.com/bounties/aba3ba5b-aa6b-4076-b663-4237b4a0761d | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5895

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - DOM in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5895
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/83fa560d6fb54458b312addd23a91ee6520dbe63 | source : security@huntr.dev
https://huntr.com/bounties/2cc80417-32b2-4024-bbcd-d95a039c11ae | source : security@huntr.dev

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-5898

First published on : 01-11-2023 01:15:08
Last modified on : 01-11-2023 12:51:15

Description :
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5898
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/01feef7a9392d314bf75b97a7e099cf0a307acd9 | source : security@huntr.dev
https://huntr.com/bounties/19801d12-b8ad-45e7-86e1-8f0230667c9e | source : security@huntr.dev

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-5899

First published on : 01-11-2023 01:15:08
Last modified on : 01-11-2023 12:51:15

Description :
Cross-Site Request Forgery (CSRF) in GitHub repository pkp/pkp-lib prior to 3.3.0-16.

CVE ID : CVE-2023-5899
Source : security@huntr.dev
CVSS Score : 3.5

References :
https://github.com/pkp/pkp-lib/commit/04e0e0eaeacd5d754b2f39c42148b31f646113c5 | source : security@huntr.dev
https://huntr.com/bounties/0c7f1981-3bba-4508-a07e-4cb9a2553216 | source : security@huntr.dev

Vulnerability : CWE-352


Vulnerability ID : CVE-2023-5896

First published on : 01-11-2023 01:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Cross-site Scripting (XSS) - Stored in GitHub repository pkp/pkp-lib prior to 3.4.0-4.

CVE ID : CVE-2023-5896
Source : security@huntr.dev
CVSS Score : 2.7

References :
https://github.com/pkp/pkp-lib/commit/18b318f83105ffa7fa214179f8e20507b0754236 | source : security@huntr.dev
https://huntr.com/bounties/a1f05be5-24ed-4ec5-9858-fce4233f7bb1 | source : security@huntr.dev

Vulnerability : CWE-79


Source : hitachienergy.com

Vulnerability ID : CVE-2023-2622

First published on : 01-11-2023 03:15:07
Last modified on : 01-11-2023 12:51:15

Description :
Authenticated clients can read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the InspectSetup service endpoint. The low privilege client is then allowed to read arbitrary files that they do not have authorization to read.

CVE ID : CVE-2023-2622
Source : cybersecurity@hitachienergy.com
CVSS Score : 2.7

References :
https://publisher.hitachienergy.com/preview?DocumentId=8DBD000177&languageCode=en&Preview=true | source : cybersecurity@hitachienergy.com

Vulnerability : CWE-668


(62) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : jpcert.or.jp

Vulnerability ID : CVE-2023-46278

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
Uncontrolled resource consumption vulnerability in Cybozu Remote Service 4.1.0 to 4.1.1 allows a remote authenticated attacker to consume huge storage space or cause significantly delayed communication.

CVE ID : CVE-2023-46278
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://cs.cybozu.co.jp/2023/010657.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN94132951/ | source : vultures@jpcert.or.jp


Source : mitre.org

Vulnerability ID : CVE-2023-47094

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability was discovered in the Account Plans tab of System Settings via the Plan Name field. Whenever the module is accessed, the XSS payload is executed.

CVE ID : CVE-2023-47094
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47094 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47095

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. The Custom Fields feature of Edit Virtual Server under System Customization allows XSS.

CVE ID : CVE-2023-47095
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47095 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47096

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. The Cloudmin Services Client under System Settings allows XSS.

CVE ID : CVE-2023-47096
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47096 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47097

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. The Server Templates feature under System Settings allows XSS.

CVE ID : CVE-2023-47097
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47097 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47098

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. A Stored Cross-Site Scripting (XSS) vulnerability exists in the Create Extra Administrator tab via the "Real name or description" field.

CVE ID : CVE-2023-47098
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47098 | source : cve@mitre.org


Vulnerability ID : CVE-2023-47099

First published on : 01-11-2023 00:15:09
Last modified on : 01-11-2023 12:51:21

Description :
An issue was discovered in Virtualmin 7.7. The Create Virtual Server functionality allows XSS attacks against anyone who accesses the Virtual Server Summary tab.

CVE ID : CVE-2023-47099
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/pavanughade43/Virtualmin-7.7/blob/main/CVE-2023-47099 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46930

First published on : 01-11-2023 14:15:38
Last modified on : 01-11-2023 16:16:34

Description :
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14.

CVE ID : CVE-2023-46930
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/commit/3809955065afa3da1ad580012ec43deadbb0f2c8 | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2666 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46931

First published on : 01-11-2023 14:15:38
Last modified on : 01-11-2023 16:16:34

Description :
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in ffdmx_parse_side_data /afltest/gpac/src/filters/ff_dmx.c:202:14 in gpac/MP4Box.

CVE ID : CVE-2023-46931
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/commit/671976fccc971b3dff8d3dcf6ebd600472ca64bf | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2664 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46927

First published on : 01-11-2023 15:15:08
Last modified on : 01-11-2023 16:16:34

Description :
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a heap-buffer-overflow in gf_isom_use_compact_size gpac/src/isomedia/isom_write.c:3403:3 in gpac/MP4Box.

CVE ID : CVE-2023-46927
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/commit/a7b467b151d9b54badbc4dd71e7a366b7c391817 | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2657 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46928

First published on : 01-11-2023 15:15:08
Last modified on : 01-11-2023 16:16:34

Description :
GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_media_change_pl /afltest/gpac/src/media_tools/isom_tools.c:3293:42.

CVE ID : CVE-2023-46928
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/commit/0753bf6d867343a80a044bf47a27d0b7accc8bf1 | source : cve@mitre.org
https://github.com/gpac/gpac/issues/2661 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46911

First published on : 01-11-2023 17:15:11
Last modified on : 01-11-2023 17:16:31

Description :
There is a Cross Site Scripting (XSS) vulnerability in the choose_style_tree.do interface of Jspxcms v10.2.0 backend.

CVE ID : CVE-2023-46911
Source : cve@mitre.org
CVSS Score : /

References :
https://gitee.com/jspxcms/Jspxcms/issues/I8AK2H | source : cve@mitre.org


Source : unisoc.com

Vulnerability ID : CVE-2022-48454

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:15

Description :
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48454
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48455

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:15

Description :
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48455
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48456

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In camera driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-48456
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48457

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48457
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48458

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48458
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48459

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48459
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48460

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2022-48460
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2022-48461

First published on : 01-11-2023 10:15:08
Last modified on : 01-11-2023 12:51:08

Description :
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2022-48461
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42631

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42631
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42632

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42632
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42633

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42633
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42634

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42634
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42635

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42635
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42636

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:08

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42636
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42637

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42637
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42638

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42638
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42639

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42639
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42640

First published on : 01-11-2023 10:15:09
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42640
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42641

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42641
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42642

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42642
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42643

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In validationtools, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42643
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42644

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42644
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42645

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42645
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42646

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In Ifaa service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42646
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42647

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In Ifaa service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42647
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42648

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42648
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42649

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42649
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42650

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42650
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42651

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42651
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42652

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In engineermode, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42652
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42653

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In faceid service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges

CVE ID : CVE-2023-42653
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42654

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In dm service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-42654
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42655

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In sim service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed

CVE ID : CVE-2023-42655
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Vulnerability ID : CVE-2023-42750

First published on : 01-11-2023 10:15:10
Last modified on : 01-11-2023 12:51:03

Description :
In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-42750
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1719615756246777857 | source : security@unisoc.com


Source : devolutions.net

Vulnerability ID : CVE-2023-5358

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
Improper access control in Report log filters feature in Devolutions Server 2023.2.10.0 and earlier allows attackers to retrieve logs from vaults or entries they are not allowed to access via the report request url query parameters.

CVE ID : CVE-2023-5358
Source : security@devolutions.net
CVSS Score : /

References :
https://devolutions.net/security/advisories/DEVO-2023-0019/ | source : security@devolutions.net


Vulnerability ID : CVE-2023-5765

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Improper access control in the password analyzer feature in Devolutions Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to bypass permissions via data source switching.

CVE ID : CVE-2023-5765
Source : security@devolutions.net
CVSS Score : /

References :
https://devolutions.net/security/advisories/DEVO-2023-0019/ | source : security@devolutions.net


Vulnerability ID : CVE-2023-5766

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
A remote code execution vulnerability in Remote Desktop Manager 2023.2.33 and earlier on Windows allows an attacker to remotely execute code from another Windows user session on the same host via a specially crafted TCP packet.

CVE ID : CVE-2023-5766
Source : security@devolutions.net
CVSS Score : /

References :
https://devolutions.net/security/advisories/DEVO-2023-0019/ | source : security@devolutions.net


Source : google.com

Vulnerability ID : CVE-2023-5480

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
Inappropriate implementation in Payments in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to bypass XSS preventions via a malicious file. (Chromium security severity: High)

CVE ID : CVE-2023-5480
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1492698 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5482

First published on : 01-11-2023 18:15:09
Last modified on : 01-11-2023 18:17:40

Description :
Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-5482
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1492381 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5849

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Integer overflow in USB in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2023-5849
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1492384 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5850

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted domain name. (Chromium security severity: Medium)

CVE ID : CVE-2023-5850
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1281972 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5851

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-5851
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1473957 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5852

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Use after free in Printing in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE ID : CVE-2023-5852
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1480852 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5853

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Incorrect security UI in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-5853
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1456876 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5854

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Use after free in Profiles in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE ID : CVE-2023-5854
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1488267 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5855

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Use after free in Reading Mode in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via specific UI gestures. (Chromium security severity: Medium)

CVE ID : CVE-2023-5855
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1492396 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5856

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Use after free in Side Panel in Google Chrome prior to 119.0.6045.105 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)

CVE ID : CVE-2023-5856
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1493380 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5857

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Inappropriate implementation in Downloads in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to potentially execute arbitrary code via a malicious file. (Chromium security severity: Medium)

CVE ID : CVE-2023-5857
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1493435 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5858

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low)

CVE ID : CVE-2023-5858
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1457704 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2023-5859

First published on : 01-11-2023 18:15:10
Last modified on : 01-11-2023 18:17:40

Description :
Incorrect security UI in Picture In Picture in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to perform domain spoofing via a crafted local HTML page. (Chromium security severity: Low)

CVE ID : CVE-2023-5859
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_31.html | source : chrome-cve-admin@google.com
https://crbug.com/1482045 | source : chrome-cve-admin@google.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.
