Latest vulnerabilities [Thursday, January 25, 2024]


Last update performed on 01/25/2024 at 11:57:07 PM

(2) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : hq.dhs.gov

Vulnerability ID : CVE-2023-7227

First published on : 25-01-2024 19:15:08
Last modified on : 25-01-2024 19:28:53

Description :
SystemK NVR 504/508/516 versions 2.3.5SK.30084998 and prior are vulnerable to a command injection vulnerability in the dynamic domain name system (DDNS) settings that could allow an attacker to execute arbitrary commands with root privileges.

CVE ID : CVE-2023-7227
Source : ics-cert@hq.dhs.gov
CVSS Score : 9.8

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-24-025-02 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-77


Source : redhat.com

Vulnerability ID : CVE-2024-0822

First published on : 25-01-2024 16:15:08
Last modified on : 25-01-2024 19:28:53

Description :
An authentication bypass vulnerability was found in overt-engine. This flaw allows the creation of users in the system without authentication due to a flaw in the CreateUserSession command.

CVE ID : CVE-2024-0822
Source : secalert@redhat.com
CVSS Score : 9.1

References :
https://access.redhat.com/security/cve/CVE-2024-0822 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258509 | source : secalert@redhat.com

Vulnerability : CWE-1390


(11) HIGH VULNERABILITIES [7.0, 8.9]

Source : redhat.com

Vulnerability ID : CVE-2023-6267

First published on : 25-01-2024 19:15:08
Last modified on : 25-01-2024 19:28:53

Description :
A flaw was found in the json payload. If annotation based security is used to secure a REST resource, the JSON body that the resource may consume is being processed (deserialized) prior to the security constraints being evaluated and applied. This does not happen with configuration based security.

CVE ID : CVE-2023-6267
Source : secalert@redhat.com
CVSS Score : 8.6

References :
https://access.redhat.com/security/cve/CVE-2023-6267 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2251155 | source : secalert@redhat.com

Vulnerability : CWE-280


Vulnerability ID : CVE-2023-40547

First published on : 25-01-2024 16:15:07
Last modified on : 25-01-2024 19:28:53

Description :
A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise.

CVE ID : CVE-2023-40547
Source : secalert@redhat.com
CVSS Score : 8.3

References :
https://access.redhat.com/security/cve/CVE-2023-40547 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2234589 | source : secalert@redhat.com


Vulnerability ID : CVE-2023-52355

First published on : 25-01-2024 20:15:38
Last modified on : 25-01-2024 21:52:01

Description :
An out-of-memory flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFRasterScanlineSize64() API. This flaw allows a remote attacker to cause a denial of service via a crafted input with a size smaller than 379 KB.

CVE ID : CVE-2023-52355
Source : secalert@redhat.com
CVSS Score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2023-52355 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2251326 | source : secalert@redhat.com
https://gitlab.com/libtiff/libtiff/-/issues/621 | source : secalert@redhat.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-52356

First published on : 25-01-2024 20:15:39
Last modified on : 25-01-2024 21:52:01

Description :
A segment fault (SEGV) flaw was found in libtiff that could be triggered by passing a crafted tiff file to the TIFFReadRGBATileExt() API. This flaw allows a remote attacker to cause a heap-buffer overflow, leading to a denial of service.

CVE ID : CVE-2023-52356
Source : secalert@redhat.com
CVSS Score : 7.5

References :
https://access.redhat.com/security/cve/CVE-2023-52356 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2251344 | source : secalert@redhat.com
https://gitlab.com/libtiff/libtiff/-/issues/622 | source : secalert@redhat.com
https://gitlab.com/libtiff/libtiff/-/merge_requests/546 | source : secalert@redhat.com

Vulnerability : CWE-122


Source : github.com

Vulnerability ID : CVE-2023-52076

First published on : 25-01-2024 16:15:07
Last modified on : 25-01-2024 19:28:53

Description :
Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A path traversal and arbitrary file write vulnerability exists in versions of Atril prior to 1.26.2. This vulnerability is capable of writing arbitrary files anywhere on the filesystem to which the user opening a crafted document has access. The only limitation is that this vulnerability cannot be exploited to overwrite existing files, but that doesn't stop an attacker from achieving Remote Command Execution on the target system. Version 1.26.2 of Atril contains a patch for this vulnerability.

CVE ID : CVE-2023-52076
Source : security-advisories@github.com
CVSS Score : 8.5

References :
https://github.com/mate-desktop/atril/commit/e70b21c815418a1e6ebedf6d8d31b8477c03ba50 | source : security-advisories@github.com
https://github.com/mate-desktop/atril/releases/tag/v1.26.2 | source : security-advisories@github.com
https://github.com/mate-desktop/atril/security/advisories/GHSA-6mf6-mxpc-jc37 | source : security-advisories@github.com

Vulnerability : CWE-22
Vulnerability : CWE-24
Vulnerability : CWE-25
Vulnerability : CWE-27


Vulnerability ID : CVE-2024-23655

First published on : 25-01-2024 20:15:40
Last modified on : 25-01-2024 21:52:01

Description :
Tuta is an encrypted email service. Starting in version 3.118.12 and prior to version 3.119.10, an attacker is able to send a manipulated email so that the user can no longer use the app to get access to received emails. By sending a manipulated email, an attacker could put the app into an unusable state. In this case, a user can no longer access received e-mails. Since the vulnerability affects not only the app, but also the web application, a user in this case has no way to access received emails. This issue was tested with iOS and the web app, but it is possible all clients are affected. Version 3.119.10 fixes this issue.

CVE ID : CVE-2024-23655
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/tutao/tutanota/releases/tag/tutanota-release-3.119.10 | source : security-advisories@github.com
https://github.com/tutao/tutanota/security/advisories/GHSA-5h47-g927-629g | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-23656

First published on : 25-01-2024 20:15:41
Last modified on : 25-01-2024 21:52:01

Description :
Dex is an identity service that uses OpenID Connect to drive authentication for other apps. Dex 2.37.0 serves HTTPS with insecure TLS 1.0 and TLS 1.1. `cmd/dex/serve.go` line 425 seemingly sets TLS 1.2 as minimum version, but the whole `tlsConfig` is ignored after `TLS cert reloader` was introduced in v2.37.0. Configured cipher suites are not respected either. This issue is fixed in Dex 2.38.0.

CVE ID : CVE-2024-23656
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/dexidp/dex/blob/70d7a2c7c1bb2646b1a540e49616cbc39622fb83/cmd/dex/serve.go#L425 | source : security-advisories@github.com
https://github.com/dexidp/dex/commit/5bbdb4420254ba73b9c4df4775fe7bdacf233b17 | source : security-advisories@github.com
https://github.com/dexidp/dex/issues/2848 | source : security-advisories@github.com
https://github.com/dexidp/dex/pull/2964 | source : security-advisories@github.com
https://github.com/dexidp/dex/security/advisories/GHSA-gr79-9v6v-gc9r | source : security-advisories@github.com

Vulnerability : CWE-326
Vulnerability : CWE-757


Vulnerability ID : CVE-2024-23817

First published on : 25-01-2024 20:15:41
Last modified on : 25-01-2024 21:52:01

Description :
Dolibarr is an enterprise resource planning (ERP) and customer relationship management (CRM) software package. Version 18.0.4 has a HTML Injection vulnerability in the Home page of the Dolibarr Application. This vulnerability allows an attacker to inject arbitrary HTML tags and manipulate the rendered content in the application's response. Specifically, I was able to successfully inject a new HTML tag into the returned document and, as a result, was able to comment out some part of the Dolibarr App Home page HTML code. This behavior can be exploited to perform various attacks like Cross-Site Scripting (XSS). To remediate the issue, validate and sanitize all user-supplied input, especially within HTML attributes, to prevent HTML injection attacks; and implement proper output encoding when rendering user-provided data to ensure it is treated as plain text rather than executable HTML.

CVE ID : CVE-2024-23817
Source : security-advisories@github.com
CVSS Score : 7.1

References :
https://github.com/Dolibarr/dolibarr/security/advisories/GHSA-7947-48q7-cp5m | source : security-advisories@github.com

Vulnerability : CWE-79
Vulnerability : CWE-80


Source : emc.com

Vulnerability ID : CVE-2024-22432

First published on : 25-01-2024 15:15:07
Last modified on : 25-01-2024 19:28:53

Description :
Networker 19.9 and all prior versions contain a plain-text password stored in a temporary config file for the duration of the backup in NMDA MySQL Database backups. A user with low-privilege access to the Networker Client system could potentially exploit this vulnerability, leading to the disclosure of configured MySQL Database user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application database with the privileges of the compromised account.

CVE ID : CVE-2024-22432
Source : security_alert@emc.com
CVSS Score : 7.8

References :
https://www.dell.com/support/kbdoc/en-us/000221474/dsa-2024-059-security-update-for-dell-networker-multiple-components-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-256


Source : google.com

Vulnerability ID : CVE-2023-3181

First published on : 25-01-2024 16:15:07
Last modified on : 25-01-2024 19:28:53

Description :
The C:\Program Files (x86)\Splashtop\Splashtop Software Updater\uninst.exe process creates a folder at C:\Windows\Temp~nsu.tmp and copies itself to it as Au_.exe. The C:\Windows\Temp~nsu.tmp\Au_.exe file is automatically launched as SYSTEM when the system reboots or when a standard user runs an MSI repair using Splashtop Streamer’s Windows Installer. Since the C:\Windows\Temp~nsu.tmp folder inherits permissions from C:\Windows\Temp and Au_.exe is susceptible to DLL hijacking, standard users can write a malicious DLL to it and elevate their privileges.

CVE ID : CVE-2023-3181
Source : cve-coordination@google.com
CVSS Score : 7.8

References :
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0015.md | source : cve-coordination@google.com

Vulnerability : CWE-379


Source : incibe.es

Vulnerability ID : CVE-2024-23855

First published on : 25-01-2024 14:15:27
Last modified on : 25-01-2024 19:28:53

Description :
A vulnerability has been reported in Cups Easy (Purchase & Inventory), version 1.0, whereby user-controlled inputs are not sufficiently encoded, resulting in a Cross-Site Scripting (XSS) vulnerability via /cupseasylive/taxcodemodify.php, in multiple parameters. Exploitation of this vulnerability could allow a remote attacker to send a specially crafted URL to an authenticated user and steal their session cookie credentials.

CVE ID : CVE-2024-23855
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cups-easy | source : cve-coordination@incibe.es

Vulnerability : CWE-79


(16) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : jfrog.com

Vulnerability ID : CVE-2024-0879

First published on : 25-01-2024 15:15:07
Last modified on : 25-01-2024 19:28:53

Description :
Authentication bypass in vector-admin allows a user to register to a vector-admin server while “domain restriction” is active, even when not owning an authorized email address.

CVE ID : CVE-2024-0879
Source : reefs@jfrog.com
CVSS Score : 6.5

References :
https://github.com/Mintplex-Labs/vector-admin/pull/128/commits/a581b8177dd6be719a5ef6d3ce4b1e939636bb41 | source : reefs@jfrog.com
https://research.jfrog.com/vulnerabilities/vector-admin-filter-bypass/ | source : reefs@jfrog.com

Vulnerability : CWE-287


Source : openanolis.org

Vulnerability ID : CVE-2024-22099

First published on : 25-01-2024 07:15:08
Last modified on : 25-01-2024 13:38:33

Description :
NULL Pointer Dereference vulnerability in Linux kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kernel: v2.6.12-rc2.

CVE ID : CVE-2024-22099
Source : security@openanolis.org
CVSS Score : 6.3

References :
https://bugzilla.openanolis.cn/show_bug.cgi?id=7956 | source : security@openanolis.org

Vulnerability : CWE-476


Vulnerability ID : CVE-2024-23307

First published on : 25-01-2024 07:15:09
Last modified on : 25-01-2024 13:38:33

Description :
Integer Overflow or Wraparound vulnerability in Linux kernel on Linux, x86, ARM (md, raid, raid5 modules) allows Forced Integer Overflow.

CVE ID : CVE-2024-23307
Source : security@openanolis.org
CVSS Score : 4.4

References :
https://bugzilla.openanolis.cn/show_bug.cgi?id=7975 | source : security@openanolis.org

Vulnerability : CWE-190


Source : vuldb.com

Vulnerability ID : CVE-2024-0883

First published on : 25-01-2024 19:15:08
Last modified on : 25-01-2024 19:28:53

Description :
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been declared as critical. This vulnerability affects the function prepare of the file admin/pay.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252034 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0883
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://blog.csdn.net/weixin_56393356/article/details/135756616 | source : cna@vuldb.com
https://vuldb.com/?ctiid.252034 | source : cna@vuldb.com
https://vuldb.com/?id.252034 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0885

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
A vulnerability classified as problematic has been found in SpyCamLizard 1.230. Affected is an unknown function of the component HTTP GET Request Handler. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252036.

CVE ID : CVE-2024-0885
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://packetstormsecurity.com/files/176633/SpyCamLizard-1.230-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.252036 | source : cna@vuldb.com
https://vuldb.com/?id.252036 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0887

First published on : 25-01-2024 22:15:08
Last modified on : 25-01-2024 22:18:09

Description :
A vulnerability, which was classified as problematic, has been found in Mafiatic Blue Server 1.1. Affected by this issue is some unknown functionality of the component Connection Handler. The manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252038 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0887
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://fitoxs.com/vuldb/18-exploit-perl.txt | source : cna@vuldb.com
https://vuldb.com/?ctiid.252038 | source : cna@vuldb.com
https://vuldb.com/?id.252038 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0888

First published on : 25-01-2024 22:15:08
Last modified on : 25-01-2024 22:18:09

Description :
A vulnerability, which was classified as problematic, was found in BORGChat 1.0.0 Build 438. This affects an unknown part of the component Service Port 7551. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252039.

CVE ID : CVE-2024-0888
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://fitoxs.com/vuldb/27-exploit-perl.txt | source : cna@vuldb.com
https://vuldb.com/?ctiid.252039 | source : cna@vuldb.com
https://vuldb.com/?id.252039 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0884

First published on : 25-01-2024 21:15:08
Last modified on : 25-01-2024 21:52:01

Description :
A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0. It has been rated as critical. This issue affects the function exec of the file payment.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252035.

CVE ID : CVE-2024-0884
Source : cna@vuldb.com
CVSS Score : 4.7

References :
https://blog.csdn.net/Q_M_0_9/article/details/135846415 | source : cna@vuldb.com
https://vuldb.com/?ctiid.252035 | source : cna@vuldb.com
https://vuldb.com/?id.252035 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0880

First published on : 25-01-2024 18:15:09
Last modified on : 25-01-2024 19:28:53

Description :
A vulnerability was found in Qidianbang qdbcrm 1.1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /user/edit?id=2 of the component Password Reset. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252032. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0880
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/gtqbhksl/weekdays_something/blob/main/qdb_csrf.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.252032 | source : cna@vuldb.com
https://vuldb.com/?id.252032 | source : cna@vuldb.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-0882

First published on : 25-01-2024 19:15:08
Last modified on : 25-01-2024 19:28:53

Description :
A vulnerability was found in qwdigital LinkWechat 5.1.0. It has been classified as problematic. This affects an unknown part of the file /linkwechat-api/common/download/resource of the component Universal Download Interface. The manipulation of the argument name with the input /profile/../../../../../etc/passwd leads to path traversal: '../filedir'. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252033 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0882
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://github.com/biantaibao/LinkWechat-Scrm_arbitrary-file-download-vulnerability/blob/main/report.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.252033 | source : cna@vuldb.com
https://vuldb.com/?id.252033 | source : cna@vuldb.com

Vulnerability : CWE-24


Source : incibe.es

Vulnerability ID : CVE-2023-6282

First published on : 25-01-2024 12:15:45
Last modified on : 25-01-2024 13:38:33

Description :
IceHrm 23.0.0.OS does not sufficiently encode user-controlled input, which creates a Cross-Site Scripting (XSS) vulnerability via /icehrm/app/fileupload_page.php, in multiple parameters. An attacker could exploit this vulnerability by sending a specially crafted JavaScript payload and partially hijacking the victim's browser.

CVE ID : CVE-2023-6282
Source : cve-coordination@incibe.es
CVSS Score : 5.4

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/cross-site-scripting-vulnerability-icehrm | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Source : wordfence.com

Vulnerability ID : CVE-2024-0617

First published on : 25-01-2024 02:15:53
Last modified on : 25-01-2024 13:38:33

Description :
The Category Discount Woocommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wpcd_save_discount() function in all versions up to, and including, 4.12. This makes it possible for unauthenticated attackers to modify product category discounts that could lead to loss of revenue.

CVE ID : CVE-2024-0617
Source : security@wordfence.com
CVSS Score : 5.3

References :
https://plugins.trac.wordpress.org/browser/woo-product-category-discount/trunk/cd-admin.php#L171 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3026242%40woo-product-category-discount&new=3026242%40woo-product-category-discount&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/996b44bb-d1e0-4f82-b8ee-a98b0ae994f9?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0624

First published on : 25-01-2024 02:15:53
Last modified on : 25-01-2024 13:38:33

Description :
The Paid Memberships Pro – Content Restriction, User Registration, & Paid Subscriptions plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.12.7. This is due to missing or incorrect nonce validation on the pmpro_update_level_order() function. This makes it possible for unauthenticated attackers to update the order of levels via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE ID : CVE-2024-0624
Source : security@wordfence.com
CVSS Score : 5.3

References :
https://plugins.trac.wordpress.org/browser/paid-memberships-pro/trunk/includes/services.php#L139 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3025164/paid-memberships-pro/tags/2.12.8/includes/services.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ae68d083-b6e2-409b-8c91-d4eb7e62dba9?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0688

First published on : 25-01-2024 02:15:53
Last modified on : 25-01-2024 13:38:33

Description :
The "WebSub (FKA. PubSubHubbub)" plugin for WordPress is vulnerable to Stored Cross-Site Scripting via plugin settings in all versions up to, and including, 3.1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2024-0688
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3024228%40pubsubhubbub&new=3024228%40pubsubhubbub&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/f07b166b-3436-4797-a2df-096ff7c27a09?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0625

First published on : 25-01-2024 03:15:07
Last modified on : 25-01-2024 13:38:33

Description :
The WPFront Notification Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘wpfront-notification-bar-options[custom_class]’ parameter in all versions up to, and including, 3.3.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE ID : CVE-2024-0625
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/browser/wpfront-notification-bar/trunk/templates/template-wpfront-notification-bar.php#L94 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3025472%40wpfront-notification-bar&new=3025472%40wpfront-notification-bar&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/19a5a9f3-637c-42af-9775-5651a14cf516?source=cve | source : security@wordfence.com


Source : github.com

Vulnerability ID : CVE-2024-21630

First published on : 25-01-2024 20:15:40
Last modified on : 25-01-2024 21:52:01

Description :
Zulip is an open-source team collaboration tool. A vulnerability in version 8.0 is similar to CVE-2023-32677, but applies to multi-use invitations, not single-use invitation links as in the prior CVE. Specifically, it applies when the installation has configured non-admins to be able to invite users and create multi-use invitations, and has also configured only admins to be able to invite users to streams. As in CVE-2023-32677, this does not let users invite new users to arbitrary streams, only to streams that the inviter can already see. Version 8.1 fixes this issue. As a workaround, administrators can limit sending of invitations down to users who also have the permission to add users to streams.

CVE ID : CVE-2024-21630
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/zulip/zulip/commit/0df7bd71f32f3b772e2646c6ab0d60c9b610addf | source : security-advisories@github.com
https://github.com/zulip/zulip/security/advisories/GHSA-87p9-wprh-7rm6 | source : security-advisories@github.com
https://github.com/zulip/zulip/security/advisories/GHSA-mrvp-96q6-jpvc | source : security-advisories@github.com
https://zulip.com/help/configure-who-can-invite-to-streams | source : security-advisories@github.com
https://zulip.com/help/restrict-account-creation#change-who-can-send-invitations | source : security-advisories@github.com

Vulnerability : CWE-862


(1) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-0886

First published on : 25-01-2024 22:15:07
Last modified on : 25-01-2024 22:18:09

Description :
A vulnerability classified as problematic was found in Poikosoft EZ CD Audio Converter 8.0.7. Affected by this vulnerability is an unknown functionality of the component Activation Handler. The manipulation of the argument Key leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-252037 was assigned to this vulnerability.

CVE ID : CVE-2024-0886
Source : cna@vuldb.com
CVSS Score : 3.3

References :
https://fitoxs.com/vuldb/09-exploit-perl.txt | source : cna@vuldb.com
https://vuldb.com/?ctiid.252037 | source : cna@vuldb.com
https://vuldb.com/?id.252037 | source : cna@vuldb.com

Vulnerability : CWE-404


(21) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2024-23985

First published on : 25-01-2024 05:15:08
Last modified on : 25-01-2024 13:38:33

Description :
EzServer 6.4.017 allows a denial of service (daemon crash) via a long string, such as one for the RNTO command.

CVE ID : CVE-2024-23985
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/176663/EzServer-6.4.017-Denial-Of-Service.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-50785

First published on : 25-01-2024 06:15:50
Last modified on : 25-01-2024 13:38:33

Description :
Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal.

CVE ID : CVE-2023-50785
Source : cve@mitre.org
CVSS Score : /

References :
https://www.manageengine.com/products/active-directory-audit/cve-2023-50785.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-33757

First published on : 25-01-2024 08:15:08
Last modified on : 25-01-2024 13:38:33

Description :
A lack of SSL certificate validation in Splicecom iPCS (iOS App) v1.3.4, iPCS2 (iOS App) v2.8 and before, and iPCS (Android App) v1.8.5 and before allows attackers to eavesdrop on communications via a man-in-the-middle attack.

CVE ID : CVE-2023-33757
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/twignet/splicecom | source : cve@mitre.org


Vulnerability ID : CVE-2023-33758

First published on : 25-01-2024 08:15:08
Last modified on : 25-01-2024 13:38:33

Description :
Splicecom Maximiser Soft PBX v1.5 and before was discovered to contain a cross-site scripting (XSS) vulnerability via the CLIENT_NAME and DEVICE_GUID fields in the login component.

CVE ID : CVE-2023-33758
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/twignet/splicecom | source : cve@mitre.org


Vulnerability ID : CVE-2023-33759

First published on : 25-01-2024 08:15:08
Last modified on : 25-01-2024 13:38:33

Description :
SpliceCom Maximiser Soft PBX v1.5 and before does not restrict excessive authentication attempts, allowing attackers to bypass authentication via a brute force attack.

CVE ID : CVE-2023-33759
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/twignet/splicecom | source : cve@mitre.org


Vulnerability ID : CVE-2023-33760

First published on : 25-01-2024 08:15:08
Last modified on : 25-01-2024 13:38:33

Description :
SpliceCom Maximiser Soft PBX v1.5 and before was discovered to utilize a default SSL certificate. This issue can allow attackers to eavesdrop on communications via a man-in-the-middle attack.

CVE ID : CVE-2023-33760
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/twignet/splicecom | source : cve@mitre.org


Vulnerability ID : CVE-2024-22729

First published on : 25-01-2024 15:15:08
Last modified on : 25-01-2024 19:28:53

Description :
NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via the password parameter on the login page.

CVE ID : CVE-2024-22729
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/adhikara13/CVE/blob/main/netis_MW5360/blind%20command%20injection%20in%20password%20parameter%20in%20initial%20settings.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22529

First published on : 25-01-2024 16:15:08
Last modified on : 25-01-2024 19:28:53

Description :
TOTOLINK X2000R_V2 V2.0.0-B20230727.10434 has a command injection vulnerability in the sub_449040 (handle function of formUploadFile) of /bin/boa.

CVE ID : CVE-2024-22529
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/unpWn4bL3/iot-security/blob/main/29.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22749

First published on : 25-01-2024 16:15:09
Last modified on : 25-01-2024 19:28:53

Description :
GPAC v2.3 was detected to contain a buffer overflow via the gf_isom_new_generic_sample_description function in isomedia/isom_write.c:4577.

CVE ID : CVE-2024-22749
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/gpac/gpac/issues/2713 | source : cve@mitre.org
https://github.com/hanxuer/crashes/blob/main/gapc/01/readme.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-41474

First published on : 25-01-2024 20:15:36
Last modified on : 25-01-2024 21:52:01

Description :
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.

CVE ID : CVE-2023-41474
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/JBalanza/CVE-2023-41474 | source : cve@mitre.org


Vulnerability ID : CVE-2023-52046

First published on : 25-01-2024 21:15:08
Last modified on : 25-01-2024 21:52:01

Description :
Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to execute arbitrary code via a crafted payload to the "Execute cron job as" tab Input field.

CVE ID : CVE-2023-52046
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Acklee/webadmin_xss/blob/main/xss.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-52251

First published on : 25-01-2024 21:15:08
Last modified on : 25-01-2024 21:52:01

Description :
An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arbitrary code via the q parameter of /api/clusters/local/topics/{topic}/messages.

CVE ID : CVE-2023-52251
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/BobTheShoplifter/CVE-2023-52251-POC | source : cve@mitre.org


Vulnerability ID : CVE-2024-22635

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
WebCalendar v1.3.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /WebCalendarvqsmnseug2/edit_entry.php.

CVE ID : CVE-2024-22635
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/176365/WebCalendar-1.3.0-Cross-Site-Scripting.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-22636

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
PluXml Blog v5.8.9 was discovered to contain a remote code execution (RCE) vulnerability in the Static Pages feature. This vulnerability is exploited via injecting a crafted payload into the Content field.

CVE ID : CVE-2024-22636
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/capture0x/PluXml-RCE/blob/main/PluXml.txt | source : cve@mitre.org


Vulnerability ID : CVE-2024-22637

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
Form Tools v3.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the component /form_builder/preview.php?form_id=2.

CVE ID : CVE-2024-22637
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/176403/Form-Tools-3.1.1-Cross-Site-Scripting.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-22638

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
liveSite v2019.1 was discovered to contain a remote code execution (RCE) vulnerability via the component /livesite/edit_designer_region.php.

CVE ID : CVE-2024-22638
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/176420/liveSite-2019.1-Remote-Code-Execution.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-22639

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
iGalerie v3.0.22 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Titre (Title) field in the editing interface.

CVE ID : CVE-2024-22639
Source : cve@mitre.org
CVSS Score : /

References :
https://packetstormsecurity.com/files/176411/iGalerie-3.0.22-Cross-Site-Scripting.html | source : cve@mitre.org


Vulnerability ID : CVE-2024-24399

First published on : 25-01-2024 21:15:09
Last modified on : 25-01-2024 21:52:01

Description :
An arbitrary file upload vulnerability in LeptonCMS v7.0.0 allows authenticated attackers to execute arbitrary code via uploading a crafted PHP file.

CVE ID : CVE-2024-24399
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/capture0x/leptoncms/blob/main/README.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51833

First published on : 25-01-2024 22:15:07
Last modified on : 25-01-2024 22:18:09

Description :
A command injection issue in TRENDnet TEW-411BRPplus v.2.07_eu allows a local attacker to execute arbitrary code via the data1 parameter in the debug.cgi page.

CVE ID : CVE-2023-51833
Source : cve@mitre.org
CVSS Score : /

References :
https://warp-desk-89d.notion.site/TEW-411BRPplus-9bafe26e48964be3be12eab47f77203d | source : cve@mitre.org
https://www.trendnet.com/support/support-detail.asp?prod=160_TEW-411BRPplus | source : cve@mitre.org


Vulnerability ID : CVE-2024-22922

First published on : 25-01-2024 22:15:08
Last modified on : 25-01-2024 22:18:09

Description :
An issue in Projectworlds Visitor Management System in PHP v.1.0 allows a remote attacker to escalate privileges via a crafted script to the login page in the POST /index.php.

CVE ID : CVE-2024-22922
Source : cve@mitre.org
CVSS Score : /

References :
http://projectworlds.com | source : cve@mitre.org
http://visitor.com | source : cve@mitre.org
https://github.com/keru6k/CVE-2024-22922/blob/main/CVE-2024-22922.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-23055

First published on : 25-01-2024 22:15:08
Last modified on : 25-01-2024 22:18:09

Description :
An issue in Plone Docker Official Image 5.2.13 (5221) open-source software allows for remote code execution via improper validation of input by the HOST headers.

CVE ID : CVE-2024-23055
Source : cve@mitre.org
CVSS Score : /

References :
http://plone.com | source : cve@mitre.org
http://ploneorg.com | source : cve@mitre.org
https://github.com/c0d3x27/CVEs/tree/main/CVE-2024-23055 | source : cve@mitre.org


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
