Latest vulnerabilities [Tuesday, January 09, 2024]


Last update performed on 01/09/2024 at 11:57:05 PM

(10) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : siemens.com

Vulnerability ID : CVE-2023-51438

First published on : 09-01-2024 10:15:21
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in SIMATIC IPC1047E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC647E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows), SIMATIC IPC847E (All versions with maxView Storage Manager < V4.14.00.26068 on Windows). In default installations of maxView Storage Manager where Redfish® server is configured for remote system management, a vulnerability has been identified that can provide unauthorized access.

CVE ID : CVE-2023-51438
Source : productcert@siemens.com
CVSS Score : 10.0

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-702935.pdf | source : productcert@siemens.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2023-49621

First published on : 09-01-2024 10:15:20
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device.

CVE ID : CVE-2023-49621
Source : productcert@siemens.com
CVSS Score : 9.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf | source : productcert@siemens.com

Vulnerability : CWE-1392


Source : github.com

Vulnerability ID : CVE-2024-21663

First published on : 09-01-2024 00:15:44
Last modified on : 09-01-2024 14:01:44

Description :
Discord-Recon is a Discord bot created to automate bug bounty recon, automated scans and information gathering via a discord server. Discord-Recon is vulnerable to remote code execution. An attacker is able to execute shell commands in the server without having an admin role. This vulnerability has been fixed in version 0.0.8.

CVE ID : CVE-2024-21663
Source : security-advisories@github.com
CVSS Score : 9.9

References :
https://github.com/DEMON1A/Discord-Recon/commit/f9cb0f67177f5e2f1022295ca8e641e47837ec7a | source : security-advisories@github.com
https://github.com/DEMON1A/Discord-Recon/issues/23 | source : security-advisories@github.com
https://github.com/DEMON1A/Discord-Recon/security/advisories/GHSA-fjcj-g7x8-4rp7 | source : security-advisories@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-21646

First published on : 09-01-2024 01:15:38
Last modified on : 09-01-2024 14:01:44

Description :
Azure uAMQP is a general purpose C library for AMQP 1.0. The UAMQP library is used by several clients to implement AMQP protocol communication. When clients using this library receive a crafted binary type data, an integer overflow or wraparound or memory safety issue can occur and may cause remote code execution. This vulnerability has been patched in release 2024-01-01.

CVE ID : CVE-2024-21646
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/Azure/azure-uamqp-c/commit/12ddb3a31a5a97f55b06fa5d74c59a1d84ad78fe | source : security-advisories@github.com
https://github.com/Azure/azure-uamqp-c/security/advisories/GHSA-j29m-p99g-7hpv | source : security-advisories@github.com

Vulnerability : CWE-94


Source : vuldb.com

Vulnerability ID : CVE-2023-7220

First published on : 09-01-2024 08:15:36
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability was found in Totolink NR1800X 9.1.0u.6279_B20210910 and classified as critical. Affected by this issue is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-249854 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-7220
Source : cna@vuldb.com
CVSS Score : 9.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/NR1800X/1/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.249854 | source : cna@vuldb.com
https://vuldb.com/?id.249854 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-7221

First published on : 09-01-2024 14:15:46
Last modified on : 09-01-2024 14:55:35

Description :
A vulnerability was found in Totolink T6 4.1.9cu.5241_B20210923. It has been classified as critical. This affects the function main of the file /cgi-bin/cstecgi.cgi?action=login of the component HTTP POST Request Handler. The manipulation of the argument v41 leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249855. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-7221
Source : cna@vuldb.com
CVSS Score : 9.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/T6/1/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.249855 | source : cna@vuldb.com
https://vuldb.com/?id.249855 | source : cna@vuldb.com

Vulnerability : CWE-120


Source : cyberdanube.com

Vulnerability ID : CVE-2023-5347

First published on : 09-01-2024 10:15:22
Last modified on : 09-01-2024 14:01:44

Description :
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.

CVE ID : CVE-2023-5347
Source : office@cyberdanube.com
CVSS Score : 9.8

References :
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/ | source : office@cyberdanube.com
https://www.beijerelectronics.com/en/support/Help___online?docId=69947 | source : office@cyberdanube.com

Vulnerability : CWE-347


Source : hackerone.com

Vulnerability ID : CVE-2023-39336

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
An unspecified SQL Injection vulnerability in Ivanti Endpoint Manager released prior to 2022 SU 5 allows an attacker with access to the internal network to execute arbitrary SQL queries and retrieve output without the need for authentication. Under specific circumstances, this may also lead to RCE on the core server.

CVE ID : CVE-2023-39336
Source : support@hackerone.com
CVSS Score : 9.6

References :
https://forums.ivanti.com/s/article/SA-2023-12-19-CVE-2023-39336?language=en_US | source : support@hackerone.com


Source : microsoft.com

Vulnerability ID : CVE-2024-0057

First published on : 09-01-2024 18:15:46
Last modified on : 09-01-2024 19:56:14

Description :
.NET, .NET Framework, and Visual Studio Security Feature Bypass Vulnerability

CVE ID : CVE-2024-0057
Source : secure@microsoft.com
CVSS Score : 9.1

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0057 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20674

First published on : 09-01-2024 18:15:50
Last modified on : 09-01-2024 19:56:14

Description :
Windows Kerberos Security Feature Bypass Vulnerability

CVE ID : CVE-2024-20674
Source : secure@microsoft.com
CVSS Score : 9.0

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20674 | source : secure@microsoft.com


(61) HIGH VULNERABILITIES [7.0, 8.9]

Source : siemens.com

Vulnerability ID : CVE-2023-49251

First published on : 09-01-2024 10:15:19
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application allows an attacker to add their own login credentials to the device. This allows an attacker to remotely login as root and take control of the device even after the affected device is fully set up.

CVE ID : CVE-2023-49251
Source : productcert@siemens.com
CVSS Score : 8.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf | source : productcert@siemens.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2023-44120

First published on : 09-01-2024 10:15:15
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q4). The affected product's sudo configuration permits the local administrative account to execute several entries as root user. This could allow an authenticated local attacker to inject arbitrary code and gain root access.

CVE ID : CVE-2023-44120
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-786191.pdf | source : productcert@siemens.com

Vulnerability : CWE-732


Vulnerability ID : CVE-2023-49121

First published on : 09-01-2024 10:15:16
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49121
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-49122

First published on : 09-01-2024 10:15:17
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49122
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-49123

First published on : 09-01-2024 10:15:17
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49123
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-49124

First published on : 09-01-2024 10:15:17
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49124
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-49126

First published on : 09-01-2024 10:15:17
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49126
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-49127

First published on : 09-01-2024 10:15:18
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49127
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-49128

First published on : 09-01-2024 10:15:18
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49128
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-787


Vulnerability ID : CVE-2023-49129

First published on : 09-01-2024 10:15:18
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-49129
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-49130

First published on : 09-01-2024 10:15:19
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVE ID : CVE-2023-49130
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-824


Vulnerability ID : CVE-2023-49131

First published on : 09-01-2024 10:15:19
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVE ID : CVE-2023-49131
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-824


Vulnerability ID : CVE-2023-49132

First published on : 09-01-2024 10:15:19
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

CVE ID : CVE-2023-49132
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-589891.pdf | source : productcert@siemens.com

Vulnerability : CWE-824


Vulnerability ID : CVE-2023-51439

First published on : 09-01-2024 10:15:21
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-51439
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf | source : productcert@siemens.com

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-51745

First published on : 09-01-2024 10:15:21
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-51745
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf | source : productcert@siemens.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-51746

First published on : 09-01-2024 10:15:22
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a stack overflow vulnerability while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process.

CVE ID : CVE-2023-51746
Source : productcert@siemens.com
CVSS Score : 7.8

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf | source : productcert@siemens.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-49252

First published on : 09-01-2024 10:15:20
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The affected application allows IP configuration change without authentication to the device. This could allow an attacker to cause denial of service condition.

CVE ID : CVE-2023-49252
Source : productcert@siemens.com
CVSS Score : 7.5

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-777015.pdf | source : productcert@siemens.com

Vulnerability : CWE-20


Source : microsoft.com

Vulnerability ID : CVE-2024-21318

First published on : 09-01-2024 18:15:55
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE ID : CVE-2024-21318
Source : secure@microsoft.com
CVSS Score : 8.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21318 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-0056

First published on : 09-01-2024 18:15:46
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft.Data.SqlClient and System.Data.SqlClient SQL Data Provider Security Feature Bypass Vulnerability

CVE ID : CVE-2024-0056
Source : secure@microsoft.com
CVSS Score : 8.7

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-0056 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20654

First published on : 09-01-2024 18:15:48
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft ODBC Driver Remote Code Execution Vulnerability

CVE ID : CVE-2024-20654
Source : secure@microsoft.com
CVSS Score : 8.0

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20654 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20676

First published on : 09-01-2024 18:15:50
Last modified on : 09-01-2024 19:56:14

Description :
Azure Storage Mover Remote Code Execution Vulnerability

CVE ID : CVE-2024-20676
Source : secure@microsoft.com
CVSS Score : 8.0

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20676 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20653

First published on : 09-01-2024 18:15:47
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Common Log File System Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20653
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20653 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20656

First published on : 09-01-2024 18:15:48
Last modified on : 09-01-2024 19:56:14

Description :
Visual Studio Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20656
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20656 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20658

First published on : 09-01-2024 18:15:48
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Virtual Hard Disk Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20658
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20658 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20677

First published on : 09-01-2024 18:15:50
Last modified on : 09-01-2024 19:56:14

Description :
A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that had this feature enabled will no longer have access to it. This includes Office 2019, Office 2021, Office LTSC for Mac 2021, and Microsoft 365. 3D models in Office documents that were previously inserted from a FBX file will continue to work as expected unless the Link to File option was chosen at insert time. This change is effective as of the January 9, 2024 security update.

CVE ID : CVE-2024-20677
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20677 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20681

First published on : 09-01-2024 18:15:51
Last modified on : 09-01-2024 19:56:14

Description :
Windows Subsystem for Linux Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20681
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20681 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20682

First published on : 09-01-2024 18:15:51
Last modified on : 09-01-2024 19:56:14

Description :
Windows Cryptographic Services Remote Code Execution Vulnerability

CVE ID : CVE-2024-20682
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20682 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20683

First published on : 09-01-2024 18:15:51
Last modified on : 09-01-2024 19:56:14

Description :
Win32k Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20683
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20683 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20686

First published on : 09-01-2024 18:15:51
Last modified on : 09-01-2024 19:56:14

Description :
Win32k Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20686
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20686 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20698

First published on : 09-01-2024 18:15:53
Last modified on : 09-01-2024 19:56:14

Description :
Windows Kernel Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20698
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20698 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21309

First published on : 09-01-2024 18:15:54
Last modified on : 09-01-2024 19:56:14

Description :
Windows Kernel-Mode Driver Elevation of Privilege Vulnerability

CVE ID : CVE-2024-21309
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21309 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21310

First published on : 09-01-2024 18:15:54
Last modified on : 09-01-2024 19:56:14

Description :
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

CVE ID : CVE-2024-21310
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21310 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21325

First published on : 09-01-2024 18:15:56
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Printer Metadata Troubleshooter Tool Remote Code Execution Vulnerability

CVE ID : CVE-2024-21325
Source : secure@microsoft.com
CVSS Score : 7.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21325 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20652

First published on : 09-01-2024 18:15:47
Last modified on : 09-01-2024 19:56:14

Description :
Windows HTML Platforms Security Feature Bypass Vulnerability

CVE ID : CVE-2024-20652
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20652 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20661

First published on : 09-01-2024 18:15:49
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Message Queuing Denial of Service Vulnerability

CVE ID : CVE-2024-20661
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20661 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20672

First published on : 09-01-2024 18:15:50
Last modified on : 09-01-2024 19:56:14

Description :
.NET Core and Visual Studio Denial of Service Vulnerability

CVE ID : CVE-2024-20672
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20672 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20687

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft AllJoyn API Denial of Service Vulnerability

CVE ID : CVE-2024-20687
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20687 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20700

First published on : 09-01-2024 18:15:53
Last modified on : 09-01-2024 19:56:14

Description :
Windows Hyper-V Remote Code Execution Vulnerability

CVE ID : CVE-2024-20700
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20700 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21307

First published on : 09-01-2024 18:15:54
Last modified on : 09-01-2024 19:56:14

Description :
Remote Desktop Client Remote Code Execution Vulnerability

CVE ID : CVE-2024-21307
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21307 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21312

First published on : 09-01-2024 18:15:55
Last modified on : 09-01-2024 19:56:14

Description :
.NET Framework Denial of Service Vulnerability

CVE ID : CVE-2024-21312
Source : secure@microsoft.com
CVSS Score : 7.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21312 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20696

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Windows Libarchive Remote Code Execution Vulnerability

CVE ID : CVE-2024-20696
Source : secure@microsoft.com
CVSS Score : 7.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20696 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20697

First published on : 09-01-2024 18:15:53
Last modified on : 09-01-2024 19:56:14

Description :
Windows Libarchive Remote Code Execution Vulnerability

CVE ID : CVE-2024-20697
Source : secure@microsoft.com
CVSS Score : 7.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20697 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20657

First published on : 09-01-2024 18:15:48
Last modified on : 09-01-2024 19:56:14

Description :
Windows Group Policy Elevation of Privilege Vulnerability

CVE ID : CVE-2024-20657
Source : secure@microsoft.com
CVSS Score : 7.0

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20657 | source : secure@microsoft.com


Source : cyberdanube.com

Vulnerability ID : CVE-2023-5376

First published on : 09-01-2024 10:15:22
Last modified on : 09-01-2024 14:01:44

Description :
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

CVE ID : CVE-2023-5376
Source : office@cyberdanube.com
CVSS Score : 8.6

References :
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/ | source : office@cyberdanube.com
https://www.beijerelectronics.com/en/support/Help___online?docId=69947 | source : office@cyberdanube.com

Vulnerability : CWE-287


Source : sap.com

Vulnerability ID : CVE-2024-21737

First published on : 09-01-2024 02:15:45
Last modified on : 09-01-2024 14:01:44

Description :
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on confidentiality, integrity and availability.

CVE ID : CVE-2024-21737
Source : cna@sap.com
CVSS Score : 8.4

References :
https://me.sap.com/notes/3411869 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2024-22125

First published on : 09-01-2024 02:15:46
Last modified on : 09-01-2024 14:01:44

Description :
Under certain conditions the Microsoft Edge browser extension (SAP GUI connector for Microsoft Edge) - version 1.0, allows an attacker to access highly sensitive information which would otherwise be restricted causing high impact on confidentiality.

CVE ID : CVE-2024-22125
Source : cna@sap.com
CVSS Score : 7.4

References :
https://me.sap.com/notes/3386378 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-497


Vulnerability ID : CVE-2024-21735

First published on : 09-01-2024 01:15:39
Last modified on : 09-01-2024 14:01:44

Description :
SAP LT Replication Server - version S4CORE 103, S4CORE 104, S4CORE 105, S4CORE 106, S4CORE 107, S4CORE 108, does not perform necessary authorization checks. This could allow an attacker with high privileges to perform unintended actions, resulting in escalation of privileges, which has High impact on confidentiality, integrity and availability of the system.

CVE ID : CVE-2024-21735
Source : cna@sap.com
CVSS Score : 7.3

References :
https://me.sap.com/notes/3407617 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-285


Source : mitre.org

Vulnerability ID : CVE-2023-50930

First published on : 09-01-2024 07:15:07
Last modified on : 09-01-2024 14:01:44

Description :
An issue was discovered in savignano S/Notify before 4.0.2 for Jira. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Jira, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.

CVE ID : CVE-2023-50930
Source : cve@mitre.org
CVSS Score : 8.3

References :
https://help.savignano.net/snotify-email-encryption/sa-2023-11-28 | source : cve@mitre.org


Vulnerability ID : CVE-2023-50931

First published on : 09-01-2024 07:15:09
Last modified on : 09-01-2024 14:01:44

Description :
An issue was discovered in savignano S/Notify before 2.0.1 for Bitbucket. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Bitbucket, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.

CVE ID : CVE-2023-50931
Source : cve@mitre.org
CVSS Score : 8.3

References :
https://help.savignano.net/snotify-email-encryption/sa-2023-11-28 | source : cve@mitre.org


Vulnerability ID : CVE-2023-50932

First published on : 09-01-2024 07:15:10
Last modified on : 09-01-2024 14:01:44

Description :
An issue was discovered in savignano S/Notify before 4.0.2 for Confluence. While an administrative user is logged on, the configuration settings of S/Notify can be modified via a CSRF attack. The injection could be initiated by the administrator clicking a malicious link in an email or by visiting a malicious website. If executed while an administrator is logged on to Confluence, an attacker could exploit this to modify the configuration of the S/Notify app on that host. This can, in particular, lead to email notifications being no longer encrypted when they should be.

CVE ID : CVE-2023-50932
Source : cve@mitre.org
CVSS Score : 8.3

References :
https://help.savignano.net/snotify-email-encryption/sa-2023-11-28 | source : cve@mitre.org


Source : bosch.com

Vulnerability ID : CVE-2023-49722

First published on : 09-01-2024 10:15:20
Last modified on : 09-01-2024 14:01:44

Description :
Network port 8899 is open in the WiFi firmware of BCC101/BCC102/BCC50 products, which allows an attacker to connect to the device via the same WiFi network.

CVE ID : CVE-2023-49722
Source : psirt@bosch.com
CVSS Score : 8.3

References :
https://psirt.bosch.com/security-advisories/BOSCH-SA-473852.html | source : psirt@bosch.com

Vulnerability : CWE-1125


Source : trellix.com

Vulnerability ID : CVE-2024-0213

First published on : 09-01-2024 14:15:46
Last modified on : 09-01-2024 14:55:35

Description :
A buffer overflow vulnerability in TA for Linux and TA for MacOS prior to 5.8.1 allows a local user to gain elevated permissions, or cause a Denial of Service (DoS), through exploiting a memory corruption issue in the TA service, which runs as root. This may also result in the disabling of event reporting to ePO, caused by failure to validate input from the file correctly.

CVE ID : CVE-2024-0213
Source : trellixpsirt@trellix.com
CVSS Score : 8.2

References :
https://kcm.trellix.com/corporate/index?page=content&id=SB10416 | source : trellixpsirt@trellix.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2024-0206

First published on : 09-01-2024 14:15:46
Last modified on : 09-01-2024 14:55:35

Description :
A symbolic link manipulation vulnerability in Trellix Anti-Malware Engine prior to the January 2024 release allows an authenticated local user to potentially gain an escalation of privileges. This was achieved by adding an entry to the registry under the Trellix ENS registry folder with a symbolic link to files that the user wouldn't normally have permission to. After a scan, the Engine would follow the links and remove the files.

CVE ID : CVE-2024-0206
Source : trellixpsirt@trellix.com
CVSS Score : 7.1

References :
https://kcm.trellix.com/corporate/index?page=content&id=SB10415 | source : trellixpsirt@trellix.com

Vulnerability : CWE-59


Source : github.com

Vulnerability ID : CVE-2024-21648

First published on : 09-01-2024 00:15:44
Last modified on : 09-01-2024 14:01:44

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The rollback action is missing a right protection; a user can roll back to a previous version of the page to gain rights they don't have anymore. The problem has been patched in XWiki 14.10.17, 15.5.3 and 15.8-rc-1 by ensuring that the rights are checked before performing the rollback.

CVE ID : CVE-2024-21648
Source : security-advisories@github.com
CVSS Score : 8.0

References :
https://github.com/xwiki/xwiki-platform/commit/4de72875ca49602796165412741033bfdbf1e680 | source : security-advisories@github.com
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-xh35-w7wg-95v3 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XWIKI-21257 | source : security-advisories@github.com

Vulnerability : CWE-274


Vulnerability ID : CVE-2024-21651

First published on : 09-01-2024 00:15:44
Last modified on : 09-01-2024 14:01:44

Description :
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A user able to attach a file to a page can post a malformed TAR file by manipulating file modification times headers, which when parsed by Tika, could cause a denial of service issue via CPU consumption. This vulnerability has been patched in XWiki 14.10.18, 15.5.3 and 15.8 RC1.

CVE ID : CVE-2024-21651
Source : security-advisories@github.com
CVSS Score : 7.5

References :
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8959-rfxh-r4j4 | source : security-advisories@github.com
https://jira.xwiki.org/browse/XCOMMONS-2796 | source : security-advisories@github.com

Vulnerability : CWE-400


Source : se.com

Vulnerability ID : CVE-2023-7032

First published on : 09-01-2024 20:15:42
Last modified on : 09-01-2024 20:15:42

Description :
A CWE-502: Deserialization of untrusted data vulnerability exists that could allow an attacker logged in with a user level account to gain higher privileges by providing a harmful serialized object.

CVE ID : CVE-2023-7032
Source : cybersecurity@se.com
CVSS Score : 7.8

References :
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-009-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2024-009-02.pdf | source : cybersecurity@se.com

Vulnerability : CWE-502


Source : vuldb.com

Vulnerability ID : CVE-2023-7219

First published on : 09-01-2024 06:15:45
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been found in Totolink N350RT 9.3.5u.6139_B202012 and classified as critical. Affected by this vulnerability is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument http_host leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249853 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-7219
Source : cna@vuldb.com
CVSS Score : 7.2

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/5/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.249853 | source : cna@vuldb.com
https://vuldb.com/?id.249853 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2023-7222

First published on : 09-01-2024 16:15:43
Last modified on : 09-01-2024 19:56:14

Description :
A vulnerability was found in Totolink X2000R 1.0.0-B20221212.1452. It has been declared as critical. This vulnerability affects the function formTmultiAP of the file /bin/boa of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249856. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-7222
Source : cna@vuldb.com
CVSS Score : 7.2

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/X2000R/formTmultiAP/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.249856 | source : cna@vuldb.com
https://vuldb.com/?id.249856 | source : cna@vuldb.com

Vulnerability : CWE-120


Source : edk2.groups.io

Vulnerability ID : CVE-2022-36763

First published on : 09-01-2024 16:15:43
Last modified on : 09-01-2024 19:56:14

Description :
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.

CVE ID : CVE-2022-36763
Source : infosec@edk2.groups.io
CVSS Score : 7.0

References :
https://github.com/tianocore/edk2/security/advisories/GHSA-xvv8-66cq-prwr | source : infosec@edk2.groups.io

Vulnerability : CWE-122


Vulnerability ID : CVE-2022-36764

First published on : 09-01-2024 16:15:43
Last modified on : 09-01-2024 19:56:14

Description :
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.

CVE ID : CVE-2022-36764
Source : infosec@edk2.groups.io
CVSS Score : 7.0

References :
https://github.com/tianocore/edk2/security/advisories/GHSA-4hcq-p8q8-hj8j | source : infosec@edk2.groups.io

Vulnerability : CWE-122


Vulnerability ID : CVE-2022-36765

First published on : 09-01-2024 16:15:43
Last modified on : 09-01-2024 19:56:14

Description :
EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger an integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.

CVE ID : CVE-2022-36765
Source : infosec@edk2.groups.io
CVSS Score : 7.0

References :
https://github.com/tianocore/edk2/security/advisories/GHSA-ch4w-v7m3-g8wx | source : infosec@edk2.groups.io

Vulnerability : CWE-680


(46) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : microsoft.com

Vulnerability ID : CVE-2024-21319

First published on : 09-01-2024 19:15:12
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Identity Denial of service vulnerability

CVE ID : CVE-2024-21319
Source : secure@microsoft.com
CVSS Score : 6.8

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21319 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20655

First published on : 09-01-2024 18:15:48
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Online Certificate Status Protocol (OCSP) Remote Code Execution Vulnerability

CVE ID : CVE-2024-20655
Source : secure@microsoft.com
CVSS Score : 6.6

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20655 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20666

First published on : 09-01-2024 18:15:50
Last modified on : 09-01-2024 19:56:14

Description :
BitLocker Security Feature Bypass Vulnerability

CVE ID : CVE-2024-20666
Source : secure@microsoft.com
CVSS Score : 6.6

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20666 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20660

First published on : 09-01-2024 18:15:49
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Message Queuing Information Disclosure Vulnerability

CVE ID : CVE-2024-20660
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20660 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20663

First published on : 09-01-2024 18:15:49
Last modified on : 09-01-2024 19:56:14

Description :
Windows Message Queuing Client (MSMQC) Information Disclosure

CVE ID : CVE-2024-20663
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20663 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20664

First published on : 09-01-2024 18:15:49
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Message Queuing Information Disclosure Vulnerability

CVE ID : CVE-2024-20664
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20664 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20680

First published on : 09-01-2024 18:15:51
Last modified on : 09-01-2024 19:56:14

Description :
Windows Message Queuing Client (MSMQC) Information Disclosure

CVE ID : CVE-2024-20680
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20680 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20690

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Windows Nearby Sharing Spoofing Vulnerability

CVE ID : CVE-2024-20690
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20690 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21314

First published on : 09-01-2024 18:15:55
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Message Queuing Information Disclosure Vulnerability

CVE ID : CVE-2024-21314
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21314 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21320

First published on : 09-01-2024 18:15:56
Last modified on : 09-01-2024 19:56:14

Description :
Windows Themes Spoofing Vulnerability

CVE ID : CVE-2024-21320
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21320 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21316

First published on : 09-01-2024 18:15:55
Last modified on : 09-01-2024 19:56:14

Description :
Windows Server Key Distribution Service Security Feature Bypass

CVE ID : CVE-2024-21316
Source : secure@microsoft.com
CVSS Score : 6.1

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21316 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20692

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability

CVE ID : CVE-2024-20692
Source : secure@microsoft.com
CVSS Score : 5.7

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20692 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21306

First published on : 09-01-2024 18:15:54
Last modified on : 09-01-2024 19:56:14

Description :
Microsoft Bluetooth Driver Spoofing Vulnerability

CVE ID : CVE-2024-21306
Source : secure@microsoft.com
CVSS Score : 5.7

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21306 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20694

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Windows CoreMessaging Information Disclosure Vulnerability

CVE ID : CVE-2024-20694
Source : secure@microsoft.com
CVSS Score : 5.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20694 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20699

First published on : 09-01-2024 18:15:53
Last modified on : 09-01-2024 19:56:14

Description :
Windows Hyper-V Denial of Service Vulnerability

CVE ID : CVE-2024-20699
Source : secure@microsoft.com
CVSS Score : 5.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20699 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21311

First published on : 09-01-2024 18:15:54
Last modified on : 09-01-2024 19:56:14

Description :
Windows Cryptographic Services Information Disclosure Vulnerability

CVE ID : CVE-2024-21311
Source : secure@microsoft.com
CVSS Score : 5.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21311 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21313

First published on : 09-01-2024 18:15:55
Last modified on : 09-01-2024 19:56:14

Description :
Windows TCP/IP Information Disclosure Vulnerability

CVE ID : CVE-2024-21313
Source : secure@microsoft.com
CVSS Score : 5.3

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21313 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20662

First published on : 09-01-2024 18:15:49
Last modified on : 09-01-2024 19:56:14

Description :
Windows Online Certificate Status Protocol (OCSP) Information Disclosure Vulnerability

CVE ID : CVE-2024-20662
Source : secure@microsoft.com
CVSS Score : 4.9

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20662 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-20691

First published on : 09-01-2024 18:15:52
Last modified on : 09-01-2024 19:56:14

Description :
Windows Themes Information Disclosure Vulnerability

CVE ID : CVE-2024-20691
Source : secure@microsoft.com
CVSS Score : 4.7

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20691 | source : secure@microsoft.com


Vulnerability ID : CVE-2024-21305

First published on : 09-01-2024 18:15:53
Last modified on : 09-01-2024 19:56:14

Description :
Hypervisor-Protected Code Integrity (HVCI) Security Feature Bypass Vulnerability

CVE ID : CVE-2024-21305
Source : secure@microsoft.com
CVSS Score : 4.4

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21305 | source : secure@microsoft.com


Source : siemens.com

Vulnerability ID : CVE-2023-42797

First published on : 09-01-2024 10:15:15
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050 MASTER MODULE (All versions < CPCI85 V05.20). The network configuration service of affected devices contains a flaw in the conversion of IPv4 addresses that could lead to an uninitialized variable being used in succeeding validation steps. By uploading specially crafted network configuration, an authenticated remote attacker could be able to inject commands that are executed on the device with root privileges during device startup.

CVE ID : CVE-2023-42797
Source : productcert@siemens.com
CVSS Score : 6.6

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-583634.pdf | source : productcert@siemens.com

Vulnerability : CWE-908


Source : wordfence.com

Vulnerability ID : CVE-2023-6830

First published on : 09-01-2024 07:15:13
Last modified on : 09-01-2024 14:01:44

Description :
The Formidable Forms plugin for WordPress is vulnerable to HTML injection in versions up to, and including, 6.7. This vulnerability allows unauthenticated users to inject arbitrary HTML code into form fields. When the form data is viewed by an administrator in the Entries View Page, the injected HTML code is rendered, potentially leading to admin area defacement or redirection to malicious websites.

CVE ID : CVE-2023-6830
Source : security@wordfence.com
CVSS Score : 6.5

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3017166%40formidable%2Ftrunk&old=3009066%40formidable%2Ftrunk&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/ff294b0f-97fe-4d27-bf93-f5bbb57ac1f6?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6788

First published on : 09-01-2024 04:15:07
Last modified on : 09-01-2024 14:01:44

Description :
The Metform Elementor Contact Form Builder plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.1. This is due to missing or incorrect nonce validation on the contents function. This makes it possible for unauthenticated attackers to update the options "mf_hubsopt_token", "mf_hubsopt_refresh_token", "mf_hubsopt_token_type", and "mf_hubsopt_expires_in" via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This would allow an attacker to connect their own Hubspot account to a victim site's metform to obtain leads and contacts.

CVE ID : CVE-2023-6788
Source : security@wordfence.com
CVSS Score : 5.4

References :
https://plugins.trac.wordpress.org/browser/metform/trunk/core/integrations/crm/hubspot/loader.php#L87 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3011284/metform/trunk/core/integrations/crm/hubspot/loader.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/30fd2425-ee48-4777-91c1-03906d63793a?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6594

First published on : 09-01-2024 03:15:08
Last modified on : 09-01-2024 14:01:44

Description :
The WordPress Button Plugin MaxButtons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 9.7.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled. Administrators can give button creation privileges to users with lower levels (contributor+) which would allow those lower-privileged users to carry out attacks.

CVE ID : CVE-2023-6594
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3012872%40maxbuttons%2Ftrunk&old=2978023%40maxbuttons%2Ftrunk&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/cfe2cabd-98f6-4ebc-8a02-e6951202aa88?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2023-6842

First published on : 09-01-2024 07:15:14
Last modified on : 09-01-2024 14:01:44

Description :
The Formidable Forms – Contact Form, Survey, Quiz, Payment, Calculator Form & Custom Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the name field label and description field label parameter in all versions up to 6.7 (inclusive) due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. By default, this only affects multi-site installations and installations where unfiltered_html has been disabled. However, in the formidable settings admins can extend form creation, deletion and other management permissions to other user types, which makes it possible for this vulnerability to be exploited by lower level user types as long as they have been granted the proper permissions.

CVE ID : CVE-2023-6842
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3017166%40formidable%2Ftrunk&old=3009066%40formidable%2Ftrunk&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/47e402c3-e06c-4ac9-8c60-5666cb1101ce?source=cve | source : security@wordfence.com


Source : splunk.com

Vulnerability ID : CVE-2024-22165

First published on : 09-01-2024 17:15:12
Last modified on : 09-01-2024 19:56:14

Description :
In Splunk Enterprise Security (ES) versions lower than 7.1.2, an attacker can create a malformed Investigation to perform a denial of service (DoS). The malformed investigation prevents the generation and rendering of the Investigations manager until it is deleted. The vulnerability requires an authenticated session and access to create an Investigation. It only affects the availability of the Investigations manager, but without the manager, the Investigations functionality becomes unusable for most users.

CVE ID : CVE-2024-22165
Source : prodsec@splunk.com
CVSS Score : 6.5

References :
https://advisory.splunk.com/advisories/SVD-2024-0102 | source : prodsec@splunk.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-22164

First published on : 09-01-2024 17:15:12
Last modified on : 09-01-2024 19:56:14

Description :
In Splunk Enterprise Security (ES) versions below 7.1.2, an attacker can use investigation attachments to perform a denial of service (DoS) to the Investigation. The attachment endpoint does not properly limit the size of the request which lets an attacker cause the Investigation to become inaccessible.

CVE ID : CVE-2024-22164
Source : prodsec@splunk.com
CVSS Score : 4.3

References :
https://advisory.splunk.com/advisories/SVD-2024-0101 | source : prodsec@splunk.com

Vulnerability : CWE-400


Source : redhat.com

Vulnerability ID : CVE-2023-6476

First published on : 09-01-2024 22:15:43
Last modified on : 09-01-2024 22:15:43

Description :
A flaw was found in CRI-O that involves an experimental annotation leading to a container being unconfined. This may allow a pod to specify and get any amount of memory/CPU, circumventing the Kubernetes scheduler and potentially resulting in a denial of service in the node.

CVE ID : CVE-2023-6476
Source : secalert@redhat.com
CVSS Score : 6.5

References :
https://access.redhat.com/security/cve/CVE-2023-6476 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2253994 | source : secalert@redhat.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2024-0340

First published on : 09-01-2024 18:15:47
Last modified on : 09-01-2024 19:56:14

Description :
A vulnerability was found in vhost_new_msg in drivers/vhost/vhost.c in the Linux kernel, which does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This issue can allow local privileged users to read some kernel memory contents when reading from the /dev/vhost-net device file.

CVE ID : CVE-2024-0340
Source : secalert@redhat.com
CVSS Score : 4.4

References :
https://access.redhat.com/security/cve/CVE-2024-0340 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2257406 | source : secalert@redhat.com
https://lore.kernel.org/lkml/5kn47peabxjrptkqa6dwtyus35ahf4pcj4qm4pumse33kxqpjw@mec4se5relrc/T/ | source : secalert@redhat.com

Vulnerability : CWE-200


Source : sap.com

Vulnerability ID : CVE-2024-21736

First published on : 09-01-2024 02:15:45
Last modified on : 09-01-2024 14:01:44

Description :
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker to create in-house bank accounts leading to low impact on the confidentiality of the application.

CVE ID : CVE-2024-21736
Source : cna@sap.com
CVSS Score : 6.4

References :
https://me.sap.com/notes/3260667 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-285


Vulnerability ID : CVE-2024-21738

First published on : 09-01-2024 02:15:46
Last modified on : 09-01-2024 14:01:44

Description :
SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the application data after successful exploitation.

CVE ID : CVE-2024-21738
Source : cna@sap.com
CVSS Score : 4.1

References :
https://me.sap.com/notes/3387737 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22124

First published on : 09-01-2024 02:15:46
Last modified on : 09-01-2024 14:01:44

Description :
Under certain conditions, Internet Communication Manager (ICM) or SAP Web Dispatcher - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22_EXT, WEBDISP 7.22_EXT, WEBDISP 7.53, WEBDISP 7.54, could allow an attacker to access information which would otherwise be restricted causing high impact on confidentiality.

CVE ID : CVE-2024-22124
Source : cna@sap.com
CVSS Score : 4.1

References :
https://me.sap.com/notes/3392626 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-497


Source : vuldb.com

Vulnerability ID : CVE-2024-0342

First published on : 09-01-2024 20:15:43
Last modified on : 09-01-2024 20:15:43

Description :
A vulnerability classified as critical has been found in Inis up to 2.0.1. Affected is an unknown function of the file /app/api/controller/default/Sqlite.php. The manipulation of the argument sql leads to SQL injection. The exploit has been disclosed to the public and may be used. VDB-250110 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0342
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://note.zhaoj.in/share/nWYJHrmUqv7i | source : cna@vuldb.com
https://vuldb.com/?ctiid.250110 | source : cna@vuldb.com
https://vuldb.com/?id.250110 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-0344

First published on : 09-01-2024 21:15:08
Last modified on : 09-01-2024 21:15:08

Description :
A vulnerability, which was classified as critical, has been found in soxft TimeMail up to 1.1. Affected by this issue is some unknown functionality of the file check.php. The manipulation of the argument c leads to SQL injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250112.

CVE ID : CVE-2024-0344
Source : cna@vuldb.com
CVSS Score : 5.5

References :
https://note.zhaoj.in/share/VSutvlpgCJkD | source : cna@vuldb.com
https://vuldb.com/?ctiid.250112 | source : cna@vuldb.com
https://vuldb.com/?id.250112 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2023-7223

First published on : 09-01-2024 16:15:43
Last modified on : 09-01-2024 19:56:14

Description :
A vulnerability classified as problematic has been found in Totolink T6 4.1.9cu.5241_B20210923. This affects an unknown part of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument topicurl with the input showSyslog leads to improper access controls. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249867. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2023-7223
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://drive.google.com/file/d/1puSOo5XrzMrctw7EtrE7DnfssOOuhRTS/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.249867 | source : cna@vuldb.com
https://vuldb.com/?id.249867 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-0343

First published on : 09-01-2024 20:15:43
Last modified on : 09-01-2024 20:15:43

Description :
A vulnerability classified as problematic was found in CodeAstro Simple House Rental System 5.6. Affected by this vulnerability is an unknown functionality of the component Login Panel. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250111.

CVE ID : CVE-2024-0343
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://drive.google.com/file/d/1NHdebIGiV8FybYFGXIqWHjdVGzZCQqAm/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.250111 | source : cna@vuldb.com
https://vuldb.com/?id.250111 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0345

First published on : 09-01-2024 21:15:08
Last modified on : 09-01-2024 21:15:08

Description :
A vulnerability, which was classified as problematic, was found in CodeAstro Vehicle Booking System 1.0. This affects an unknown part of the file usr/usr-register.php of the component User Registration. The manipulation of the argument Full_Name/Last_Name/Address with the input <script>alert(document.cookie)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250113 was assigned to this vulnerability.

CVE ID : CVE-2024-0345
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://drive.google.com/file/d/1ihxLw4kzbAbDhHtca3UnTaB-iMWHi5DJ/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.250113 | source : cna@vuldb.com
https://vuldb.com/?id.250113 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0348

First published on : 09-01-2024 22:15:44
Last modified on : 09-01-2024 22:15:44

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0. It has been classified as problematic. Affected is an unknown function of the component File Upload Handler. The manipulation leads to resource consumption. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250116.

CVE ID : CVE-2024-0348
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://mega.nz/file/HNkn2QbI#EjefwKgFoAjtWcxrQFMgBfhVQ1LAf2hq7Jg-nDsE-P4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.250116 | source : cna@vuldb.com
https://vuldb.com/?id.250116 | source : cna@vuldb.com

Vulnerability : CWE-400


Source : qualys.com

Vulnerability ID : CVE-2023-6147

First published on : 09-01-2024 08:15:36
Last modified on : 09-01-2024 14:01:44

Description :
Qualys Jenkins Plugin for Policy Compliance versions up to and including 1.0.5 were affected by a security flaw: a permission check was missing while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize the plugin and configure a potential rogue endpoint, through which it was possible to control the response to certain requests. That response could be injected with XXE payloads, leading to XXE while processing the response data.

CVE ID : CVE-2023-6147
Source : bugreport@qualys.com
CVSS Score : 5.7

References :
https://www.qualys.com/security-advisories/ | source : bugreport@qualys.com

Vulnerability : CWE-611


Vulnerability ID : CVE-2023-6148

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
Qualys Jenkins Plugin for Policy Compliance versions up to and including 1.0.5 were affected by a security flaw: a permission check was missing while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access and access to configure or edit jobs to utilize the plugin to configure a potential rogue endpoint, through which it was possible to control the response to certain requests. That response could be injected with XSS payloads, leading to XSS while processing the response data.

CVE ID : CVE-2023-6148
Source : bugreport@qualys.com
CVSS Score : 5.7

References :
https://www.qualys.com/security-advisories/ | source : bugreport@qualys.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-6149

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
Qualys Jenkins Plugin for WAS versions up to and including 2.0.11 were affected by a security flaw: a permission check was missing while performing a connectivity check to Qualys Cloud Services. This allowed any user with login access to configure or edit jobs to utilize the plugin and configure a potential rogue endpoint, through which it was possible to control the response to certain requests. That response could be injected with XXE payloads, leading to XXE while processing the response data.

CVE ID : CVE-2023-6149
Source : bugreport@qualys.com
CVSS Score : 5.7

References :
https://www.qualys.com/security-advisories/ | source : bugreport@qualys.com

Vulnerability : CWE-611


Source : proofpoint.com

Vulnerability ID : CVE-2023-5770

First published on : 09-01-2024 22:15:43
Last modified on : 09-01-2024 22:15:43

Description :
Proofpoint Enterprise Protection contains a vulnerability in the email delivery agent that allows an unauthenticated attacker to inject improperly encoded HTML into the email body of a message through the email subject. The vulnerability is caused by inappropriate encoding when rewriting the email before delivery. This issue affects Proofpoint Enterprise Protection: from 8.20.2 before patch 4809, from 8.20.0 before patch 4805, from 8.18.6 before patch 4804 and all other prior versions.

CVE ID : CVE-2023-5770
Source : security@proofpoint.com
CVSS Score : 5.3

References :
https://www.proofpoint.com/us/security/security-advisories/pfpt-sa-2023-0009 | source : security@proofpoint.com

Vulnerability : CWE-838


Source : synopsys.com

Vulnerability ID : CVE-2024-0226

First published on : 09-01-2024 18:15:47
Last modified on : 09-01-2024 19:56:14

Description :
Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload.

CVE ID : CVE-2024-0226
Source : disclosure@synopsys.com
CVSS Score : 4.8

References :
https://community.synopsys.com/s/article/SIG-Product-Security-Advisory-CVE-2024-0226-Affecting-Seeker | source : disclosure@synopsys.com

Vulnerability : CWE-20


Source : jetbrains.com

Vulnerability ID : CVE-2024-22370

First published on : 09-01-2024 10:15:23
Last modified on : 09-01-2024 14:01:44

Description :
In JetBrains YouTrack before 2023.3.22666, stored XSS via markdown was possible.

CVE ID : CVE-2024-22370
Source : cve@jetbrains.com
CVSS Score : 4.6

References :
https://www.jetbrains.com/privacy-security/issues-fixed/ | source : cve@jetbrains.com

Vulnerability : CWE-79


Source : github.com

Vulnerability ID : CVE-2024-21668

First published on : 09-01-2024 19:15:12
Last modified on : 09-01-2024 19:56:14

Description :
react-native-mmkv is a library that allows easy use of MMKV inside React Native applications. Before version 2.11.0, react-native-mmkv logged the optional encryption key for the MMKV database into the Android system log. The key can be obtained by anyone with access to the Android Debugging Bridge (ADB) if it is enabled in the phone settings. This bug is not present on iOS devices. By logging the encryption secret to the system logs, attackers can trivially recover the secret by enabling ADB and undermining an app's threat model. This issue has been patched in version 2.11.0.

CVE ID : CVE-2024-21668
Source : security-advisories@github.com
CVSS Score : 4.4

References :
https://github.com/mrousavy/react-native-mmkv/commit/a8995ccb7184281f7d168bad3e9987c9bd05f00d | source : security-advisories@github.com
https://github.com/mrousavy/react-native-mmkv/releases/tag/v2.11.0 | source : security-advisories@github.com
https://github.com/mrousavy/react-native-mmkv/security/advisories/GHSA-4jh3-6jhv-2mgp | source : security-advisories@github.com

Vulnerability : CWE-532


Vulnerability ID : CVE-2024-21664

First published on : 09-01-2024 20:15:43
Last modified on : 09-01-2024 20:15:43

Description :
jwx is a Go module implementing various JWx (JWA/JWE/JWK/JWS/JWT, otherwise known as JOSE) technologies. Calling `jws.Parse` with a JSON serialized payload where the `signature` field is present while `protected` is absent can lead to a nil pointer dereference. The vulnerability can be used to crash/DOS a system doing JWS verification. This vulnerability has been patched in version 2.0.19.

CVE ID : CVE-2024-21664
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/lestrrat-go/jwx/commit/0e8802ce6842625845d651456493e7c87625601f | source : security-advisories@github.com
https://github.com/lestrrat-go/jwx/commit/d69a721931a5c48b9850a42404f18e143704adcd | source : security-advisories@github.com
https://github.com/lestrrat-go/jwx/security/advisories/GHSA-pvcr-v8j8-j5q3 | source : security-advisories@github.com

Vulnerability : CWE-476


(5) LOW VULNERABILITIES [0.1, 3.9]

Source : sap.com

Vulnerability ID : CVE-2024-21734

First published on : 09-01-2024 01:15:39
Last modified on : 09-01-2024 14:01:44

Description :
SAP Marketing (Contacts App) - version 160, allows an attacker with low privileges to trick a user into opening a malicious page, which could lead to a very convincing phishing attack with low impact on confidentiality and integrity of the application.

CVE ID : CVE-2024-21734
Source : cna@sap.com
CVSS Score : 3.7

References :
https://me.sap.com/notes/3190894 | source : cna@sap.com
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html | source : cna@sap.com

Vulnerability : CWE-601


Source : vuldb.com

Vulnerability ID : CVE-2024-0347

First published on : 09-01-2024 22:15:44
Last modified on : 09-01-2024 22:15:44

Description :
A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file signup_teacher.php. The manipulation of the argument Password leads to weak password requirements. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250115.

CVE ID : CVE-2024-0347
Source : cna@vuldb.com
CVSS Score : 3.7

References :
https://mega.nz/file/2d8GiY4Z#QSKItMUgIsW1-A-QPs9dgUSd2SCZfDg4aHORttFpUF0 | source : cna@vuldb.com
https://vuldb.com/?ctiid.250115 | source : cna@vuldb.com
https://vuldb.com/?id.250115 | source : cna@vuldb.com

Vulnerability : CWE-521


Vulnerability ID : CVE-2024-0341

First published on : 09-01-2024 19:15:11
Last modified on : 09-01-2024 19:56:14

Description :
A vulnerability was found in Inis up to 2.0.1. It has been rated as problematic. This issue affects some unknown processing of the file /app/api/controller/default/File.php of the component GET Request Handler. The manipulation of the argument path leads to path traversal: '../filedir'. The exploit has been disclosed to the public and may be used. The identifier VDB-250109 was assigned to this vulnerability.

CVE ID : CVE-2024-0341
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://note.zhaoj.in/share/VYx8H9u8gyHw | source : cna@vuldb.com
https://vuldb.com/?ctiid.250109 | source : cna@vuldb.com
https://vuldb.com/?id.250109 | source : cna@vuldb.com

Vulnerability : CWE-24


Vulnerability ID : CVE-2024-0346

First published on : 09-01-2024 22:15:43
Last modified on : 09-01-2024 22:15:43

Description :
A vulnerability has been found in CodeAstro Vehicle Booking System 1.0 and classified as problematic. This vulnerability affects unknown code of the file usr/user-give-feedback.php of the component Feedback Page. The manipulation of the argument My Testemonial leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250114 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0346
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://drive.google.com/file/d/1bao4YK4GwvAvCdCrsW5UpJZdvREdc_Yj/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.250114 | source : cna@vuldb.com
https://vuldb.com/?id.250114 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : siemens.com

Vulnerability ID : CVE-2023-51744

First published on : 09-01-2024 10:15:21
Last modified on : 09-01-2024 14:01:44

Description :
A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain a null pointer dereference vulnerability while parsing specially crafted CGM files. An attacker could leverage this vulnerability to crash the application causing denial of service condition.

CVE ID : CVE-2023-51744
Source : productcert@siemens.com
CVSS Score : 3.3

References :
https://cert-portal.siemens.com/productcert/pdf/ssa-794653.pdf | source : productcert@siemens.com

Vulnerability : CWE-476


(22) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-50162

First published on : 09-01-2024 00:15:44
Last modified on : 09-01-2024 14:01:44

Description :
SQL injection vulnerability in EmpireCMS v7.5, allows remote attackers to execute arbitrary code and obtain sensitive information via the DoExecSql function.

CVE ID : CVE-2023-50162
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Teresazdy/CVE | source : cve@mitre.org


Vulnerability ID : CVE-2023-46906

First published on : 09-01-2024 01:15:38
Last modified on : 09-01-2024 14:01:44

Description :
juzaweb <= 3.4 is vulnerable to Incorrect Access Control, resulting in an application outage after a 500 HTTP status code. The payload in the timezone field was not correctly validated.

CVE ID : CVE-2023-46906
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/juzaweb/cms | source : cve@mitre.org
https://www.sumor.top/index.php/archives/880/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-50643

First published on : 09-01-2024 01:15:38
Last modified on : 09-01-2024 14:01:44

Description :
An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeCliInspectArguments components.

CVE ID : CVE-2023-50643
Source : cve@mitre.org
CVSS Score : /

References :
http://evernote.com | source : cve@mitre.org
https://github.com/V3x0r/CVE-2023-50643 | source : cve@mitre.org


Vulnerability ID : CVE-2023-26998

First published on : 09-01-2024 02:15:43
Last modified on : 09-01-2024 14:01:44

Description :
Cross Site Scripting vulnerability found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the creator parameter of the Alert Configuration page.

CVE ID : CVE-2023-26998
Source : cve@mitre.org
CVSS Score : /

References :
http://netscout.com | source : cve@mitre.org
http://ngeniusone.com | source : cve@mitre.org
https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-26999

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
An issue found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code and cause a denial of service via a crafted file.

CVE ID : CVE-2023-26999
Source : cve@mitre.org
CVSS Score : /

References :
http://netscout.com | source : cve@mitre.org
http://ngeniusone.com | source : cve@mitre.org
https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-27000

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
Cross Site Scripting vulnerability found in NetScout nGeniusOne v.6.3.4 allows a remote attacker to execute arbitrary code via the name parameter of the Profile and Exclusion List page(s).

CVE ID : CVE-2023-27000
Source : cve@mitre.org
CVSS Score : /

References :
http://netscout.com | source : cve@mitre.org
http://ngeniusone.com | source : cve@mitre.org
https://piotrryciak.com/posts/netscout-multiple-vulnerabilities/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-27098

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
TP-Link Tapo APK up to v2.12.703 uses hardcoded credentials for access to the login panel.

CVE ID : CVE-2023-27098
Source : cve@mitre.org
CVSS Score : /

References :
http://tp-lin.com | source : cve@mitre.org
http://tp-link.com | source : cve@mitre.org
https://github.com/c0d3x27/CVEs/tree/main/CVE-2023-27098 | source : cve@mitre.org
https://www.tp-link.com/support/contact-technical-support/#LiveChat-Support | source : cve@mitre.org


Vulnerability ID : CVE-2023-36629

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read.

CVE ID : CVE-2023-36629
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/STMicroelectronics/ST54-android-packages-apps-Nfc/releases/tag/130-20230215-23W07p0 | source : cve@mitre.org
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hunting-for-android-privilege-escalation-with-a-32-line-fuzzer/ | source : cve@mitre.org
https://www.trustwave.com/hubfs/Web/Library/Advisories_txt/TWSL2023-007_Xiaomi_Redmi_10sNote-1.txt | source : cve@mitre.org


Vulnerability ID : CVE-2023-49238

First published on : 09-01-2024 02:15:44
Last modified on : 09-01-2024 14:01:44

Description :
In Gradle Enterprise before 2023.1, a remote attacker may be able to gain access to a new installation (in certain installation scenarios) because of a non-unique initial system user password. Although this password must be changed upon the first login, it is possible that an attacker logs in before the legitimate administrator logs in.

CVE ID : CVE-2023-49238
Source : cve@mitre.org
CVSS Score : /

References :
https://security.gradle.com | source : cve@mitre.org
https://security.gradle.com/advisory/2023-01 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51717

First published on : 09-01-2024 02:15:45
Last modified on : 09-01-2024 14:01:44

Description :
Dataiku DSS before 11.4.5 and 12.4.1 has Incorrect Access Control that could lead to a full authentication bypass.

CVE ID : CVE-2023-51717
Source : cve@mitre.org
CVSS Score : /

References :
https://dataiku.com | source : cve@mitre.org
https://doc.dataiku.com/dss/latest/security/advisories/dsa-2023-010.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-49235

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
An issue was discovered in libremote_dbg.so on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Filtering of debug information is mishandled during use of popen. Consequently, an attacker can bypass validation and execute a shell command.

CVE ID : CVE-2023-49235
Source : cve@mitre.org
CVSS Score : /

References :
https://drive.google.com/file/d/1lTloBkH_7zAz1ZbFVSZnfpoPd81aPaHx/view?usp=sharing | source : cve@mitre.org
https://github.com/pcsle37/TRENDnet/blob/main/TRENDnet_vul.pdf | source : cve@mitre.org


Vulnerability ID : CVE-2023-49236

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci.

CVE ID : CVE-2023-49236
Source : cve@mitre.org
CVSS Score : /

References :
https://drive.google.com/file/d/1lTloBkH_7zAz1ZbFVSZnfpoPd81aPaHx/view?usp=sharing | source : cve@mitre.org
https://github.com/pcsle37/TRENDnet/blob/main/TRENDnet_vul.pdf | source : cve@mitre.org


Vulnerability ID : CVE-2023-49237

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur because the system function is used by davinci to unpack language packs without strict filtering of URL strings.

CVE ID : CVE-2023-49237
Source : cve@mitre.org
CVSS Score : /

References :
https://drive.google.com/file/d/1lTloBkH_7zAz1ZbFVSZnfpoPd81aPaHx/view?usp=sharing | source : cve@mitre.org
https://github.com/pcsle37/TRENDnet/blob/main/TRENDnet_vul.pdf | source : cve@mitre.org


Vulnerability ID : CVE-2023-50585

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function.

CVE ID : CVE-2023-50585
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/LaPhilosophie/IoT-vulnerable/blob/main/Tenda/A18/formSetDeviceName.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-50974

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
In Appwrite CLI before 3.0.0, when using the login command, the credentials of the Appwrite user are stored in a ~/.appwrite/prefs.json file with 0644 as UNIX permissions. Any user of the local system can access those credentials.

CVE ID : CVE-2023-50974
Source : cve@mitre.org
CVSS Score : /

References :
https://appwrite.io/docs/tooling/command-line/installation | source : cve@mitre.org
https://gist.github.com/SkypLabs/72ee00ecfa7d1a3494e2d69a24279c1d | source : cve@mitre.org


Vulnerability ID : CVE-2024-22368

First published on : 09-01-2024 09:15:42
Last modified on : 09-01-2024 14:01:44

Description :
The Spreadsheet::ParseXLSX package before 0.28 for Perl can encounter an out-of-memory condition during parsing of a crafted XLSX document. This occurs because the memoize implementation does not have appropriate constraints on merged cells.

CVE ID : CVE-2024-22368
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/haile01/perl_spreadsheet_excel_rce_poc/blob/main/parse_xlsx_bomb.md | source : cve@mitre.org
https://metacpan.org/dist/Spreadsheet-ParseXLSX/changes | source : cve@mitre.org


Vulnerability ID : CVE-2022-28975

First published on : 09-01-2024 14:15:45
Last modified on : 09-01-2024 14:55:35

Description :
A stored cross-site scripting (XSS) vulnerability in Infoblox NIOS v8.5.2-409296 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the VLAN View Name field.

CVE ID : CVE-2022-28975
Source : cve@mitre.org
CVSS Score : /

References :
http://infoblox.com | source : cve@mitre.org
https://piotrryciak.com/posts/xss-infoblox/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-38827

First published on : 09-01-2024 22:15:43
Last modified on : 09-01-2024 22:15:43

Description :
Cross Site Scripting vulnerability in Follett School Solutions Destiny v.20_0_1_AU4 and later allows a remote attacker to run arbitrary code via presentonesearchresultsform.do.

CVE ID : CVE-2023-38827
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Oracle-Security/CVEs/tree/main/Follett%20Learning%20Solutions/Destiny/CVE-2023-38827 | source : cve@mitre.org


Vulnerability ID : CVE-2023-50136

First published on : 09-01-2024 22:15:43
Last modified on : 09-01-2024 22:15:43

Description :
Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the name field when creating a new custom table.

CVE ID : CVE-2023-50136
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/yukino-hiki/CVE/blob/main/2/There%20is%20a%20stored%20xss%20at%20the%20custom%20table.md | source : cve@mitre.org


Source : openssl.org

Vulnerability ID : CVE-2023-6129

First published on : 09-01-2024 17:15:12
Last modified on : 09-01-2024 19:56:14

Description :
Issue summary: The POLY1305 MAC (message authentication code) implementation contains a bug that might corrupt the internal state of applications running on PowerPC CPU based platforms if the CPU provides vector instructions. Impact summary: If an attacker can influence whether the POLY1305 MAC algorithm is used, the application state might be corrupted with various application dependent consequences. The POLY1305 MAC (message authentication code) implementation in OpenSSL for PowerPC CPUs restores the contents of vector registers in a different order than they are saved. Thus the contents of some of these vector registers are corrupted when returning to the caller. The vulnerable code is used only on newer PowerPC processors supporting the PowerISA 2.07 instructions. The consequences of this kind of internal application state corruption can be various - from no consequences, if the calling application does not depend on the contents of non-volatile XMM registers at all, to the worst consequences, where the attacker could get complete control of the application process. However unless the compiler uses the vector registers for storing pointers, the most likely consequence, if any, would be an incorrect result of some application dependent calculations or a crash leading to a denial of service. The POLY1305 MAC algorithm is most frequently used as part of the CHACHA20-POLY1305 AEAD (authenticated encryption with associated data) algorithm. The most common usage of this AEAD cipher is with TLS protocol versions 1.2 and 1.3. If this cipher is enabled on the server a malicious client can influence whether this AEAD cipher is used. This implies that TLS server applications using OpenSSL can be potentially impacted. However we are currently not aware of any concrete application that would be affected by this issue therefore we consider this a Low severity security issue.

CVE ID : CVE-2023-6129
Source : openssl-security@openssl.org
CVSS Score : /

References :
http://www.openwall.com/lists/oss-security/2024/01/09/1 | source : openssl-security@openssl.org
https://github.com/openssl/openssl/commit/050d26383d4e264966fb83428e72d5d48f402d35 | source : openssl-security@openssl.org
https://github.com/openssl/openssl/commit/5b139f95c9a47a55a0c54100f3837b1eee942b04 | source : openssl-security@openssl.org
https://github.com/openssl/openssl/commit/f3fc5808fe9ff74042d639839610d03b8fdcc015 | source : openssl-security@openssl.org
https://www.openssl.org/news/secadv/20240109.txt | source : openssl-security@openssl.org


Source : google.com

Vulnerability ID : CVE-2024-0228

First published on : 09-01-2024 17:15:12
Last modified on : 09-01-2024 17:15:12

Description :
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-0193.

CVE ID : CVE-2024-0228
Source : cve-coordination@google.com
CVSS Score : /

References :


Source : apple.com

Vulnerability ID : CVE-2022-48618

First published on : 09-01-2024 18:15:45
Last modified on : 09-01-2024 19:56:14

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.

CVE ID : CVE-2022-48618
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT213530 | source : product-security@apple.com
https://support.apple.com/en-us/HT213532 | source : product-security@apple.com
https://support.apple.com/en-us/HT213535 | source : product-security@apple.com
https://support.apple.com/en-us/HT213536 | source : product-security@apple.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
