Latest vulnerabilities [Thursday, January 18, 2024]

Latest vulnerabilities [Thursday, January 18, 2024]
{{titre}}

Last update performed on 01/18/2024 at 11:57:06 PM

(5) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : usom.gov.tr

Vulnerability ID : CVE-2023-5806

First published on : 18-01-2024 13:15:08
Last modified on : 18-01-2024 13:41:52

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection.This issue affects Quality Management System: before v1.2.

CVE ID : CVE-2023-5806
Source : iletisim@usom.gov.tr
CVSS Score : 9.8

References :
https://www.usom.gov.tr/bildirim/tr-24-0040 | source : iletisim@usom.gov.tr

Vulnerability : CWE-89


Source : github.com

Vulnerability ID : CVE-2024-22416

First published on : 18-01-2024 00:15:38
Last modified on : 18-01-2024 13:42:01

Description :
pyLoad is a free and open-source Download Manager written in pure Python. The `pyload` API allows any API call to be made using GET requests. Since the session cookie is not set to `SameSite: strict`, this opens the library up to severe attack possibilities via a Cross-Site Request Forgery (CSRF) attack. As a result any API call can be made via a CSRF attack by an unauthenticated user. This issue has been addressed in release `0.5.0b3.dev78`. All users are advised to upgrade.

CVE ID : CVE-2024-22416
Source : security-advisories@github.com
CVSS Score : 9.6

References :
https://github.com/pyload/pyload/commit/1374c824271cb7e927740664d06d2e577624ca3e | source : security-advisories@github.com
https://github.com/pyload/pyload/commit/c7cdc18ad9134a75222974b39e8b427c4af845fc | source : security-advisories@github.com
https://github.com/pyload/pyload/security/advisories/GHSA-pgpj-v85q-h5fm | source : security-advisories@github.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22212

First published on : 18-01-2024 19:15:10
Last modified on : 18-01-2024 19:25:46

Description :
Nextcloud Global Site Selector is a tool which allows you to run multiple small Nextcloud instances and redirect users to the right server. A problem in the password verification method allows an attacker to authenticate as another user. It is recommended that the Nextcloud Global Site Selector is upgraded to version 1.4.1, 2.1.2, 2.3.4 or 2.4.5. There are no known workarounds for this issue.

CVE ID : CVE-2024-22212
Source : security-advisories@github.com
CVSS Score : 9.6

References :
https://github.com/nextcloud/globalsiteselector/commit/ab5da57190d5bbc79079ce4109b6bcccccd893ee | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vj5q-f63m-wp77 | source : security-advisories@github.com
https://hackerone.com/reports/2248689 | source : security-advisories@github.com

Vulnerability : CWE-306


Source : us.ibm.com

Vulnerability ID : CVE-2024-22317

First published on : 18-01-2024 14:15:07
Last modified on : 18-01-2024 15:50:54

Description :
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143.

CVE ID : CVE-2024-22317
Source : psirt@us.ibm.com
CVSS Score : 9.1

References :
https://exchange.xforce.ibmcloud.com/vulnerabilities/279143 | source : psirt@us.ibm.com
https://www.ibm.com/support/pages/node/7108661 | source : psirt@us.ibm.com

Vulnerability : CWE-307


Source : progress.com

Vulnerability ID : CVE-2023-40051

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0. An attacker can formulate a request for a WEB transport that allows unintended file uploads to a server directory path on the system running PASOE. If the upload contains a payload that can further exploit the server or its network, the launch of a larger scale attack may be possible.

CVE ID : CVE-2023-40051
Source : security@progress.com
CVSS Score : 9.1

References :
https://community.progress.com/s/article/Important-Progress-OpenEdge-Critical-Alert-for-Progress-Application-Server-in-OpenEdge-PASOE-Arbitrary-File-Upload-Vulnerability-in-WEB-Transport | source : security@progress.com
https://www.progress.com/openedge | source : security@progress.com

Vulnerability : CWE-434


(17) HIGH VULNERABILITIES [7.0, 8.9]

Source : exodusintel.com

Vulnerability ID : CVE-2023-43818

First published on : 18-01-2024 22:15:09
Last modified on : 18-01-2024 22:15:09

Description :
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43818
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wtextlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43819

First published on : 18-01-2024 22:15:09
Last modified on : 18-01-2024 22:15:09

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the InitialMacroLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43819
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-initialmacrolen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43820

First published on : 18-01-2024 22:15:09
Last modified on : 18-01-2024 22:15:09

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesPrevValueLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43820
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wlogtitlesprevvaluelen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43821

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesActionLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43821
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wlogtitlesactionlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43822

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wLogTitlesTimeLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43822
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wlogtitlestimelen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43823

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43823
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wttitlelen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43824

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTitleTextLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution.

CVE ID : CVE-2023-43824
Source : disclosures@exodusintel.com
CVSS Score : 8.8

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wtitletextlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-5130

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
A buffer overflow vulnerability exists in Delta Electronics WPLSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.

CVE ID : CVE-2023-5130
Source : disclosures@exodusintel.com
CVSS Score : 8.2

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-wplsoft-buffer-overflow/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-5131

First published on : 18-01-2024 22:15:11
Last modified on : 18-01-2024 22:15:11

Description :
A heap buffer-overflow exists in Delta Electronics ISPSoft. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DVP file to achieve code execution.

CVE ID : CVE-2023-5131
Source : disclosures@exodusintel.com
CVSS Score : 8.2

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-ispsoft-heap-buffer-overflow/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43817

First published on : 18-01-2024 22:15:09
Last modified on : 18-01-2024 22:15:09

Description :
A buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wMailContentLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.

CVE ID : CVE-2023-43817
Source : disclosures@exodusintel.com
CVSS Score : 7.5

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wmailcontentlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-43815

First published on : 18-01-2024 22:15:08
Last modified on : 18-01-2024 22:15:08

Description :
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.

CVE ID : CVE-2023-43815
Source : disclosures@exodusintel.com
CVSS Score : 7.1

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wscreendesctextlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Source : redhat.com

Vulnerability ID : CVE-2023-6816

First published on : 18-01-2024 05:15:08
Last modified on : 18-01-2024 13:41:52

Description :
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.

CVE ID : CVE-2023-6816
Source : secalert@redhat.com
CVSS Score : 7.8

References :
http://www.openwall.com/lists/oss-security/2024/01/18/1 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-6816 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2257691 | source : secalert@redhat.com

Vulnerability : CWE-119


Vulnerability ID : CVE-2024-0607

First published on : 18-01-2024 16:15:08
Last modified on : 18-01-2024 19:25:46

Description :
A flaw was found in the Netfilter subsystem in the Linux kernel. The issue is in the nft_byteorder_eval() function, where the code iterates through a loop and writes to the `dst` array. On each iteration, 8 bytes are written, but `dst` is an array of u32, so each element only has space for 4 bytes. That means every iteration overwrites part of the previous element, possibly leading to an out-of-bounds write. This flaw allows a local user to cause a denial of service or potentially escalate their privileges on the system.

CVE ID : CVE-2024-0607
Source : secalert@redhat.com
CVSS Score : 7.8

References :
https://access.redhat.com/security/cve/CVE-2024-0607 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258635 | source : secalert@redhat.com

Vulnerability : CWE-787


Source : progress.com

Vulnerability ID : CVE-2023-40052

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
This issue affects Progress Application Server (PAS) for OpenEdge in versions 11.7 prior to 11.7.18, 12.2 prior to 12.2.13, and innovation releases prior to 12.8.0 . An attacker who can produce a malformed web request may cause the crash of a PASOE agent potentially disrupting the thread activities of many web application clients. Multiple of these DoS attacks could lead to the flooding of invalid requests as compared to the server’s remaining ability to process valid requests.

CVE ID : CVE-2023-40052
Source : security@progress.com
CVSS Score : 7.5

References :
https://community.progress.com/s/article/Important-Progress-OpenEdge-Product-Alert-for-Progress-Application-Server-for-OpenEdge-PASOE-Denial-of-Service-Vulnerability-in-WEB-Transport | source : security@progress.com
https://www.progress.com/openedge | source : security@progress.com

Vulnerability : CWE-119


Source : hq.dhs.gov

Vulnerability ID : CVE-2023-34348

First published on : 18-01-2024 18:15:08
Last modified on : 18-01-2024 19:25:46

Description :
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to remotely crash the PI Message Subsystem of a PI Server, resulting in a denial-of-service condition.

CVE ID : CVE-2023-34348
Source : ics-cert@hq.dhs.gov
CVSS Score : 7.5

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-703


Source : github.com

Vulnerability ID : CVE-2024-22419

First published on : 18-01-2024 19:15:10
Last modified on : 18-01-2024 19:25:46

Description :
Vyper is a Pythonic Smart Contract Language for the Ethereum Virtual Machine. The `concat` built-in can write over the bounds of the memory buffer that was allocated for it and thus overwrite existing valid data. The root cause is that the `build_IR` for `concat` doesn't properly adhere to the API of copy functions (for `>=0.3.2` the `copy_bytes` function). A contract search was performed and no vulnerable contracts were found in production. The buffer overflow can result in the change of semantics of the contract. The overflow is length-dependent and thus it might go unnoticed during contract testing. However, certainly not all usages of concat will result in overwritten valid data as we require it to be in an internal function and close to the return statement where other memory allocations don't occur. This issue has been addressed in commit `55e18f6d1` which will be included in future releases. Users are advised to update when possible.

CVE ID : CVE-2024-22419
Source : security-advisories@github.com
CVSS Score : 7.3

References :
https://github.com/vyperlang/vyper/commit/55e18f6d128b2da8986adbbcccf1cd59a4b9ad6f | source : security-advisories@github.com
https://github.com/vyperlang/vyper/issues/3737 | source : security-advisories@github.com
https://github.com/vyperlang/vyper/security/advisories/GHSA-2q8v-3gqq-4f8p | source : security-advisories@github.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2024-22415

First published on : 18-01-2024 21:15:09
Last modified on : 18-01-2024 21:15:09

Description :
jupyter-lsp is a coding assistance tool for JupyterLab (code navigation + hover suggestions + linters + autocompletion + rename) using Language Server Protocol. Installations of jupyter-lsp running in environments without configured file system access control (on the operating system level), and with jupyter-server instances exposed to non-trusted network are vulnerable to unauthorised access and modification of file system beyond the jupyter root directory. This issue has been patched in version 2.2.2 and all users are advised to upgrade. Users unable to upgrade should uninstall jupyter-lsp.

CVE ID : CVE-2024-22415
Source : security-advisories@github.com
CVSS Score : 7.3

References :
https://github.com/jupyter-lsp/jupyterlab-lsp/commit/4ad12f204ad0b85580fc32137c647baaff044e95 | source : security-advisories@github.com
https://github.com/jupyter-lsp/jupyterlab-lsp/security/advisories/GHSA-4qhp-652w-c22x | source : security-advisories@github.com

Vulnerability : CWE-23
Vulnerability : CWE-284
Vulnerability : CWE-306


(25) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : incibe.es

Vulnerability ID : CVE-2024-0580

First published on : 18-01-2024 09:15:07
Last modified on : 18-01-2024 13:41:52

Description :
Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige product. This vulnerability allows an attacker to extract sensitive information from the API by making a request to the parameter '/qsige.locator/quotePrevious/centers/X', where X supports values 1,2,3, etc.

CVE ID : CVE-2024-0580
Source : cve-coordination@incibe.es
CVSS Score : 6.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/omission-key-controlled-authorization-qsige | source : cve-coordination@incibe.es

Vulnerability : CWE-639


Vulnerability ID : CVE-2024-0669

First published on : 18-01-2024 13:15:09
Last modified on : 18-01-2024 13:41:52

Description :
A Cross-Frame Scripting vulnerability has been found on Plone CMS affecting verssion below 6.0.5. An attacker could store a malicious URL to be opened by an administrator and execute a malicios iframe element.

CVE ID : CVE-2024-0669
Source : cve-coordination@incibe.es
CVSS Score : 6.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/cross-frame-scripting-xfs-plone-cms | source : cve-coordination@incibe.es

Vulnerability : CWE-1021


Source : github.com

Vulnerability ID : CVE-2024-22418

First published on : 18-01-2024 21:15:09
Last modified on : 18-01-2024 21:15:09

Description :
Group-Office is an enterprise CRM and groupware tool. Affected versions are subject to a vulnerability which is present in the file upload mechanism of Group Office. It allows an attacker to execute arbitrary JavaScript code by embedding it within a file's name. For instance, using a filename such as “><img src=x onerror=prompt('XSS')>.jpg” triggers the vulnerability. When this file is uploaded, the JavaScript code within the filename is executed. This issue has been addressed in version 6.8.29. All users are advised to upgrade. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22418
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/Intermesh/groupoffice/commit/2a52a5d42d080db6738d70eba30294bcd94ebd09 | source : security-advisories@github.com
https://github.com/Intermesh/groupoffice/security/advisories/GHSA-p7w9-h6c3-wqpp | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22402

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. However subsequent API calls all failed correctly, so in most apps no additional information was leaked. Depending on the selection of apps installed this may present a permissions bypass. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22402
Source : security-advisories@github.com
CVSS Score : 5.4

References :
https://github.com/nextcloud/guests/pull/1082 | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj | source : security-advisories@github.com
https://hackerone.com/reports/2251074 | source : security-advisories@github.com

Vulnerability : CWE-281


Vulnerability ID : CVE-2024-22401

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users could change the allowed list of apps, allowing them to use apps that were not intended to be used. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22401
Source : security-advisories@github.com
CVSS Score : 4.1

References :
https://github.com/nextcloud/guests/pull/1082 | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wr87-hx3w-29hh | source : security-advisories@github.com
https://hackerone.com/reports/2250398 | source : security-advisories@github.com

Vulnerability : CWE-281


Vulnerability ID : CVE-2024-22404

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
Nextcloud files Zip app is a tool to create zip archives from one or multiple files from within Nextcloud. In affected versions users can download "view-only" files by zipping the complete folder. It is recommended that the Files ZIP app is upgraded to 1.2.1, 1.4.1, or 1.5.0. Users unable to upgrade should disable the file zip app.

CVE ID : CVE-2024-22404
Source : security-advisories@github.com
CVSS Score : 4.1

References :
https://github.com/nextcloud/files_zip/commit/43204539d517a13e945b90652718e2a213f46820 | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-vhj3-mch4-67fq | source : security-advisories@github.com
https://hackerone.com/reports/2247457 | source : security-advisories@github.com

Vulnerability : CWE-281


Source : wordfence.com

Vulnerability ID : CVE-2023-6958

First published on : 18-01-2024 08:15:39
Last modified on : 18-01-2024 13:41:52

Description :
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-6958
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/general/class-wprm-sc-text.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ec201702-8c8c-4049-b647-422d18001b7f?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0381

First published on : 18-01-2024 08:15:40
Last modified on : 18-01-2024 13:41:52

Description :
The WP Recipe Maker plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the use of the 'tag' attribute in the wprm-recipe-name, wprm-recipe-date, and wprm-recipe-counter shortcodes in all versions up to, and including, 9.1.0. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-0381
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-counter.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-date.php | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/includes/public/shortcodes/recipe/class-wprm-sc-name.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/a7c949f0-fcd1-4984-95a2-b19fb72f04bb?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6970

First published on : 18-01-2024 08:15:39
Last modified on : 18-01-2024 13:41:52

Description :
The WP Recipe Maker plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘Referer' header in all versions up to, and including, 9.1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE ID : CVE-2023-6970
Source : security@wordfence.com
CVSS Score : 6.1

References :
https://plugins.trac.wordpress.org/changeset/3019769/wp-recipe-maker/trunk/templates/public/print.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/20842e95-4b91-4138-9e32-7c090724bf64?source=cve | source : security@wordfence.com


Source : vuldb.com

Vulnerability ID : CVE-2024-0651

First published on : 18-01-2024 01:15:43
Last modified on : 18-01-2024 13:42:01

Description :
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file search-visitor.php. The manipulation leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-251377 was assigned to this vulnerability.

CVE ID : CVE-2024-0651
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://drive.google.com/file/d/1J3YaxX9RYZ_41-AYdwrCAPMT-YTqILKr/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.251377 | source : cna@vuldb.com
https://vuldb.com/?id.251377 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0655

First published on : 18-01-2024 03:15:59
Last modified on : 18-01-2024 13:41:52

Description :
A vulnerability has been found in Novel-Plus 4.3.0-RC1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /novel/bookSetting/list. The manipulation of the argument sort leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-251383.

CVE ID : CVE-2024-0655
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://github.com/red0-ZhaoSi/CVE/blob/main/novel-plus/sql/sql_1.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.251383 | source : cna@vuldb.com
https://vuldb.com/?id.251383 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2021-4433

First published on : 18-01-2024 01:15:43
Last modified on : 18-01-2024 13:42:01

Description :
A vulnerability was found in Karjasoft Sami HTTP Server 2.0. It has been classified as problematic. Affected is an unknown function of the component HTTP HEAD Rrequest Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250836.

CVE ID : CVE-2021-4433
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://packetstormsecurity.com/files/163138/Sami-HTTP-Server-2.0-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.250836 | source : cna@vuldb.com
https://vuldb.com/?id.250836 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0654

First published on : 18-01-2024 01:15:44
Last modified on : 18-01-2024 13:42:01

Description :
A vulnerability, which was classified as problematic, was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22. Affected is an unknown function of the file mainscripts/Util.py. The manipulation leads to deserialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-251382 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0654
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://github.com/bayuncao/vul-cve-4 | source : cna@vuldb.com
https://github.com/bayuncao/vul-cve-4/blob/main/picture/1071705290840_.pic_hd.jpg | source : cna@vuldb.com
https://vuldb.com/?ctiid.251382 | source : cna@vuldb.com
https://vuldb.com/?id.251382 | source : cna@vuldb.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2024-0650

First published on : 18-01-2024 00:15:38
Last modified on : 18-01-2024 13:42:01

Description :
A vulnerability was found in Project Worlds Visitor Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file dataset.php of the component URL Handler. The manipulation of the argument name with the input "><script>alert('torada')</script> leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-251376.

CVE ID : CVE-2024-0650
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://torada.notion.site/XSS-at-datatest-php-660aabd1437d4df7a492d19a461a1f3c?pvs=4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.251376 | source : cna@vuldb.com
https://vuldb.com/?id.251376 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : exodusintel.com

Vulnerability ID : CVE-2023-43816

First published on : 18-01-2024 22:15:08
Last modified on : 18-01-2024 22:15:08

Description :
A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wKPFStringLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution.

CVE ID : CVE-2023-43816
Source : disclosures@exodusintel.com
CVSS Score : 6.3

References :
https://blog.exodusintel.com/2024/01/18/delta-electronics-delta-industrial-automation-dopsoft-dps-file-wkpfstringlen-buffer-overflow-remote-code-execution/ | source : disclosures@exodusintel.com

Vulnerability : CWE-119


Source : usom.gov.tr

Vulnerability ID : CVE-2023-7153

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Macroturk Software and Internet Technologies Macro-Bel allows Reflected XSS.This issue affects Macro-Bel: before V.1.0.1.

CVE ID : CVE-2023-7153
Source : iletisim@usom.gov.tr
CVSS Score : 6.1

References :
https://www.usom.gov.tr/bildirim/tr-24-0041 | source : iletisim@usom.gov.tr

Vulnerability : CWE-79


Source : openeuler.org

Vulnerability ID : CVE-2021-33630

First published on : 18-01-2024 15:15:08
Last modified on : 18-01-2024 15:50:54

Description :
NULL Pointer Dereference vulnerability in openEuler kernel on Linux (network modules) allows Pointer Manipulation. This vulnerability is associated with program files net/sched/sch_cbs.C. This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3.

CVE ID : CVE-2021-33630
Source : securities@openeuler.org
CVSS Score : 5.5

References :
https://gitee.com/src-openeuler/kernel/pulls/1389 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031 | source : securities@openeuler.org

Vulnerability : CWE-476


Vulnerability ID : CVE-2021-33631

First published on : 18-01-2024 15:15:08
Last modified on : 18-01-2024 15:50:54

Description :
Integer Overflow or Wraparound vulnerability in openEuler kernel on Linux (filesystem modules) allows Forced Integer Overflow.This issue affects openEuler kernel: from 4.19.90 before 4.19.90-2401.3, from 5.10.0-60.18.0 before 5.10.0-183.0.0.

CVE ID : CVE-2021-33631
Source : securities@openeuler.org
CVSS Score : 5.5

References :
https://gitee.com/src-openeuler/kernel/pulls/1389 | source : securities@openeuler.org
https://gitee.com/src-openeuler/kernel/pulls/1396 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1030 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1031 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1032 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1033 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1034 | source : securities@openeuler.org
https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2024-1035 | source : securities@openeuler.org

Vulnerability : CWE-190


Source : redhat.com

Vulnerability ID : CVE-2024-0408

First published on : 18-01-2024 16:15:08
Last modified on : 18-01-2024 19:25:46

Description :
A flaw was found in the X.Org server. The GLX PBuffer code does not call the XACE hook when creating the buffer, leaving it unlabeled. When the client issues another request to access that resource (as with a GetGeometry) or when it creates another resource that needs to access that buffer, such as a GC, the XSELINUX code will try to use an object that was never labeled and crash because the SID is NULL.

CVE ID : CVE-2024-0408
Source : secalert@redhat.com
CVSS Score : 5.5

References :
https://access.redhat.com/security/cve/CVE-2024-0408 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2257689 | source : secalert@redhat.com

Vulnerability : CWE-158


Source : adobe.com

Vulnerability ID : CVE-2023-51463

First published on : 18-01-2024 11:15:08
Last modified on : 18-01-2024 13:41:52

Description :
Adobe Experience Manager versions 6.5.18 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.

CVE ID : CVE-2023-51463
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html | source : psirt@adobe.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-51464

First published on : 18-01-2024 11:15:08
Last modified on : 18-01-2024 13:41:52

Description :
Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.

CVE ID : CVE-2023-51464
Source : psirt@adobe.com
CVSS Score : 5.4

References :
https://helpx.adobe.com/security/products/experience-manager/apsb23-72.html | source : psirt@adobe.com

Vulnerability : CWE-79


Source : asrg.io

Vulnerability ID : CVE-2023-28900

First published on : 18-01-2024 17:15:13
Last modified on : 18-01-2024 19:25:46

Description :
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing to obtain nicknames and other user identifiers of Skoda Connect service users by specifying an arbitrary vehicle VIN number.

CVE ID : CVE-2023-28900
Source : cve@asrg.io
CVSS Score : 5.3

References :
https://asrg.io/security-advisories/cve-2023-28900 | source : cve@asrg.io

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-28901

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
The Skoda Automotive cloud contains a Broken Access Control vulnerability, allowing remote attackers to obtain recent trip data, vehicle mileage, fuel consumption, average and maximum speed, and other information of Skoda Connect service users by specifying an arbitrary vehicle VIN number.

CVE ID : CVE-2023-28901
Source : cve@asrg.io
CVSS Score : 5.3

References :
https://asrg.io/security-advisories/cve-2023-28901/ | source : cve@asrg.io

Vulnerability : CWE-200


Source : hq.dhs.gov

Vulnerability ID : CVE-2023-31274

First published on : 18-01-2024 18:15:08
Last modified on : 18-01-2024 19:25:46

Description :
AVEVA PI Server versions 2023 and 2018 SP3 P05 and prior contain a vulnerability that could allow an unauthenticated user to cause the PI Message Subsystem of a PI Server to consume available memory resulting in throttled processing of new PI Data Archive events and a partial denial-of-service condition.

CVE ID : CVE-2023-31274
Source : ics-cert@hq.dhs.gov
CVSS Score : 5.3

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-24-018-01 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-772


Source : citrix.com

Vulnerability ID : CVE-2023-6184

First published on : 18-01-2024 01:15:43
Last modified on : 18-01-2024 13:42:01

Description :
Cross SiteScripting vulnerability in Citrix Session Recording allows attacker to perform Cross Site Scripting

CVE ID : CVE-2023-6184
Source : secure@citrix.com
CVSS Score : 5.0

References :
https://support.citrix.com/article/CTX583930/citrix-session-recording-security-bulletin-for-cve20236184 | source : secure@citrix.com

Vulnerability : CWE-913


(4) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-0652

First published on : 18-01-2024 01:15:44
Last modified on : 18-01-2024 13:42:01

Description :
A vulnerability was found in PHPGurukul Company Visitor Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file search-visitor.php. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-251378 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0652
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://drive.google.com/file/d/1YHm4WtiYjbxNAd3FKo85qcdHfn1VJYEl/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.251378 | source : cna@vuldb.com
https://vuldb.com/?id.251378 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2024-22400

First published on : 18-01-2024 20:15:08
Last modified on : 18-01-2024 20:15:08

Description :
Nextcloud User Saml is an app for authenticating Nextcloud users using SAML. In affected versions users can be given a link to the Nextcloud server and end up on a uncontrolled thirdparty server. It is recommended that the User Saml app is upgraded to version 5.1.5, 5.2.5, or 6.0.1. There are no known workarounds for this issue.

CVE ID : CVE-2024-22400
Source : security-advisories@github.com
CVSS Score : 3.1

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-622q-xhfr-xmv7 | source : security-advisories@github.com
https://github.com/nextcloud/user_saml/commit/b184304a476deeba36e92b70562d5de7c2f85f8a | source : security-advisories@github.com
https://github.com/nextcloud/user_saml/pull/788 | source : security-advisories@github.com
https://hackerone.com/reports/2263044 | source : security-advisories@github.com

Vulnerability : CWE-601


Vulnerability ID : CVE-2024-22403

First published on : 18-01-2024 20:15:08
Last modified on : 18-01-2024 20:15:08

Description :
Nextcloud server is a self hosted personal cloud system. In affected versions OAuth codes did not expire. When an attacker would get access to an authorization code they could authenticate at any time using the code. As of version 28.0.0 OAuth codes are invalidated after 10 minutes and will no longer be authenticated. To exploit this vulnerability an attacker would need to intercept an OAuth code from a user session. It is recommended that the Nextcloud Server is upgraded to 28.0.0. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22403
Source : security-advisories@github.com
CVSS Score : 3.0

References :
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-wppc-f5g8-vx36 | source : security-advisories@github.com
https://github.com/nextcloud/server/pull/40766 | source : security-advisories@github.com
https://hackerone.com/reports/1784162 | source : security-advisories@github.com

Vulnerability : CWE-613


(42) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : github.com

Vulnerability ID : CVE-2024-22213

First published on : 18-01-2024 20:15:08
Last modified on : 18-01-2024 20:15:08

Description :
Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. In affected versions users could be tricked into executing malicious code that would execute in their browser via HTML sent as a comment. It is recommended that the Nextcloud Deck is upgraded to version 1.9.5 or 1.11.2. There are no known workarounds for this vulnerability.

CVE ID : CVE-2024-22213
Source : security-advisories@github.com
CVSS Score : 0.0

References :
https://github.com/nextcloud/deck/commit/91f1557362047f8840f53151f176b80148650bcd | source : security-advisories@github.com
https://github.com/nextcloud/security-advisories/security/advisories/GHSA-mg7w-x9fm-9wwc | source : security-advisories@github.com
https://hackerone.com/reports/2058556 | source : security-advisories@github.com

Vulnerability : CWE-79


Source : sonicwall.com

Vulnerability ID : CVE-2023-6340

First published on : 18-01-2024 00:15:38
Last modified on : 18-01-2024 13:42:01

Description :
SonicWall Capture Client version 3.7.10, NetExtender client version 10.2.337 and earlier versions are installed with sfpmonitor.sys driver. The driver has been found to be vulnerable to Denial-of-Service (DoS) caused by Stack-based Buffer Overflow vulnerability.

CVE ID : CVE-2023-6340
Source : PSIRT@sonicwall.com
CVSS Score : /

References :
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0019 | source : PSIRT@sonicwall.com

Vulnerability : CWE-121


Source : mitre.org

Vulnerability ID : CVE-2024-23525

First published on : 18-01-2024 00:15:38
Last modified on : 18-01-2024 13:42:01

Description :
The Spreadsheet::ParseXLSX package before 0.30 for Perl allows XXE attacks because it neglects to use the no_xxe option of XML::Twig.

CVE ID : CVE-2024-23525
Source : cve@mitre.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2024/01/18/4 | source : cve@mitre.org
https://gist.github.com/phvietan/d1c95a88ab6e17047b0248d6bf9eac4a | source : cve@mitre.org
https://github.com/MichaelDaum/spreadsheet-parsexlsx/issues/10 | source : cve@mitre.org
https://metacpan.org/release/NUDDLEGG/Spreadsheet-ParseXLSX-0.30/changes | source : cve@mitre.org


Vulnerability ID : CVE-2024-22548

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the system website settings website name section.

CVE ID : CVE-2024-22548
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/5List/cms/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22549

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms 1.0 is vulnerable to Cross Site Scripting (XSS) in the email settings of the website settings section.

CVE ID : CVE-2024-22549
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cccbbbttt/cms/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22568

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/del.

CVE ID : CVE-2024-22568
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/kayo-zjq/myc/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22591

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_save.

CVE ID : CVE-2024-22591
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ysuzhangbin/cms2/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22592

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/user/group_update

CVE ID : CVE-2024-22592
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ysuzhangbin/cms2/blob/main/2.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22593

First published on : 18-01-2024 15:15:09
Last modified on : 18-01-2024 15:50:54

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/add_group_save

CVE ID : CVE-2024-22593
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ysuzhangbin/cms2/blob/main/3.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22699

First published on : 18-01-2024 16:15:09
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/admin/update_group_save.

CVE ID : CVE-2024-22699
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/biantaibao/cms/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22601

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/score/scorerule_save

CVE ID : CVE-2024-22601
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ljw11e/cms/blob/main/5.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22603

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link

CVE ID : CVE-2024-22603
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/ljw11e/cms/blob/main/4.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22817

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_conf_updagte

CVE ID : CVE-2024-22817
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/mafangqian/cms/blob/main/1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22818

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerbility via /system/site/filterKeyword_save

CVE ID : CVE-2024-22818
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/mafangqian/cms/blob/main/3.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22819

First published on : 18-01-2024 17:15:14
Last modified on : 18-01-2024 19:25:46

Description :
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/email/email_templets_update.

CVE ID : CVE-2024-22819
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/mafangqian/cms/blob/main/2.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-49943

First published on : 18-01-2024 19:15:09
Last modified on : 18-01-2024 19:25:46

Description :
Zoho ManageEngine ServiceDesk Plus MSP before 14504 allows stored XSS (by a low-privileged technician) via a task's name in a time sheet.

CVE ID : CVE-2023-49943
Source : cve@mitre.org
CVSS Score : /

References :
https://manageengine.com | source : cve@mitre.org
https://www.manageengine.com/products/service-desk-msp/CVE-2023-49943.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-47092

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-47092
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-51217

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
An issue discovered in TenghuTOS TWS-200 firmware version:V4.0-201809201424 allows a remote attacker to execute arbitrary code via crafted command on the ping page component.

CVE ID : CVE-2023-51217
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/websafe2021/CVE/blob/main/TenghuTOS-TWS-200.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51258

First published on : 18-01-2024 21:15:08
Last modified on : 18-01-2024 21:15:08

Description :
A memory leak issue discovered in YASM v.1.3.0 allows a local attacker to cause a denial of service via the new_Token function in the modules/preprocs/nasm/nasm-pp:1512.

CVE ID : CVE-2023-51258
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/hanxuer/crashes/blob/main/yasm/04/readme.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-50614

First published on : 18-01-2024 22:15:10
Last modified on : 18-01-2024 22:15:10

Description :
An issue discovereed in EBYTE E880-IR01-V1.1 allows an attacker to obtain sensitive information via crafted POST request to /cgi-bin/luci.

CVE ID : CVE-2023-50614
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cvdyfbwa/Password-plaintext-output/blob/main/README.md | source : cve@mitre.org


Source : unisoc.com

Vulnerability ID : CVE-2023-48339

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In jpg driver, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed

CVE ID : CVE-2023-48339
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48340

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48340
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48341

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48341
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48342

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48342
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48343

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48343
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48344

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48344
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48345

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48345
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48346

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48346
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48347

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48347
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48348

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48348
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48349

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:42:01

Description :
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48349
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48350

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:41:52

Description :
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48350
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48351

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:41:52

Description :
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48351
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48352

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:41:52

Description :
In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed

CVE ID : CVE-2023-48352
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48353

First published on : 18-01-2024 03:15:57
Last modified on : 18-01-2024 13:41:52

Description :
In vsp driver, there is a possible use after free due to a logic error. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48353
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48354

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In telephone service, there is a possible improper input validation. This could lead to local information disclosure with no additional execution privileges needed

CVE ID : CVE-2023-48354
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48355

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48355
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48356

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48356
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48357

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48357
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48358

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In drm driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48358
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Vulnerability ID : CVE-2023-48359

First published on : 18-01-2024 03:15:58
Last modified on : 18-01-2024 13:41:52

Description :
In autotest driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed

CVE ID : CVE-2023-48359
Source : security@unisoc.com
CVSS Score : /

References :
https://www.unisoc.com/en_us/secy/announcementDetail/1745735200442220545 | source : security@unisoc.com


Source : redhat.com

Vulnerability ID : CVE-2024-0409

First published on : 18-01-2024 16:15:08
Last modified on : 18-01-2024 19:25:46

Description :
A flaw was found in the X.Org server. The cursor code in both Xephyr and Xwayland uses the wrong type of private at creation. It uses the cursor bits type with the cursor as private, and when initiating the cursor, that overwrites the XSELINUX context.

CVE ID : CVE-2024-0409
Source : secalert@redhat.com
CVSS Score : /

References :
https://access.redhat.com/security/cve/CVE-2024-0409 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2257690 | source : secalert@redhat.com

Vulnerability : CWE-787


Source : wordfence.com

Vulnerability ID : CVE-2024-0694

First published on : 18-01-2024 18:15:08
Last modified on : 18-01-2024 18:15:08

Description :
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-6620. Reason: This candidate is a reservation duplicate of CVE-2023-6620. Notes: All CVE users should reference CVE-2023-6620 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE ID : CVE-2024-0694
Source : security@wordfence.com
CVSS Score : /

References :


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! You’ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.