Latest vulnerabilities [Tuesday, January 16, 2024]

Last update performed on 01/16/2024 at 11:57:07 PM

(2) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : atlassian.com

Vulnerability ID : CVE-2023-22527

First published on : 16-01-2024 05:15:08
Last modified on : 16-01-2024 18:15:09

Description :
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server are not affected by this vulnerability as it was ultimately mitigated during regular version updates. However, Atlassian recommends that customers take care to install the latest version to protect their instances from non-critical vulnerabilities outlined in Atlassian's January Security Bulletin.

CVE ID : CVE-2023-22527
Source : security@atlassian.com
CVSS Score : 10.0

References :
https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 | source : security@atlassian.com
https://jira.atlassian.com/browse/CONFSERVER-93833 | source : security@atlassian.com


Source : vmware.com

Vulnerability ID : CVE-2023-34063

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.

CVE ID : CVE-2023-34063
Source : security@vmware.com
CVSS Score : 9.9

References :
https://www.vmware.com/security/advisories/VMSA-2024-0001.html | source : security@vmware.com


(32) HIGH VULNERABILITIES [7.0, 8.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-0571

First published on : 16-01-2024 14:15:48
Last modified on : 16-01-2024 14:15:48

Description :
A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. This issue affects the function setSmsCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument text leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250787. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0571
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/1/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250787 | source : cna@vuldb.com
https://vuldb.com/?id.250787 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0572

First published on : 16-01-2024 14:15:49
Last modified on : 16-01-2024 14:15:49

Description :
A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function setOpModeCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument pppoeUser leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250788. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0572
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/2/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250788 | source : cna@vuldb.com
https://vuldb.com/?id.250788 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0573

First published on : 16-01-2024 15:15:08
Last modified on : 16-01-2024 15:15:08

Description :
A vulnerability has been found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this vulnerability is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250789 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0573
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/3/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250789 | source : cna@vuldb.com
https://vuldb.com/?id.250789 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0574

First published on : 16-01-2024 15:15:09
Last modified on : 16-01-2024 15:15:09

Description :
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130 and classified as critical. Affected by this issue is the function setParentalRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250790 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0574
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/4/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250790 | source : cna@vuldb.com
https://vuldb.com/?id.250790 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0575

First published on : 16-01-2024 15:15:09
Last modified on : 16-01-2024 15:15:09

Description :
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been classified as critical. This affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250791. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0575
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/5/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250791 | source : cna@vuldb.com
https://vuldb.com/?id.250791 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0576

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250792. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0576
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/6/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250792 | source : cna@vuldb.com
https://vuldb.com/?id.250792 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0577

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as critical. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument lang leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250793 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0577
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/7/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250793 | source : cna@vuldb.com
https://vuldb.com/?id.250793 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0578

First published on : 16-01-2024 16:15:15
Last modified on : 16-01-2024 16:15:15

Description :
A vulnerability classified as critical has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected is the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument File leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-250794 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0578
Source : cna@vuldb.com
CVSS Score : 8.8

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/8/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250794 | source : cna@vuldb.com
https://vuldb.com/?id.250794 | source : cna@vuldb.com

Vulnerability : CWE-121


Vulnerability ID : CVE-2024-0570

First published on : 16-01-2024 14:15:48
Last modified on : 16-01-2024 14:15:48

Description :
A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6265. This vulnerability affects unknown code of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component. VDB-250786 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0570
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://drive.google.com/file/d/1xmGHvjMTaOn7v6buju5Ifuti3q47G7yF/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.250786 | source : cna@vuldb.com
https://vuldb.com/?id.250786 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-0603

First published on : 16-01-2024 22:15:38
Last modified on : 16-01-2024 22:15:38

Description :
A vulnerability classified as critical has been found in ZhiCms up to 4.0. This affects an unknown part of the file app/plug/controller/giftcontroller.php. The manipulation of the argument mylike leads to deserialization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250839.

CVE ID : CVE-2024-0603
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/n3QsNbORUR0e | source : cna@vuldb.com
https://vuldb.com/?ctiid.250839 | source : cna@vuldb.com
https://vuldb.com/?id.250839 | source : cna@vuldb.com

Vulnerability : CWE-502


Source : atlassian.com

Vulnerability ID : CVE-2024-21674

First published on : 16-01-2024 05:15:08
Last modified on : 16-01-2024 13:56:05

Description :
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives).

CVE ID : CVE-2024-21674
Source : security@atlassian.com
CVSS Score : 8.6

References :
https://jira.atlassian.com/browse/CONFSERVER-94066 | source : security@atlassian.com


Vulnerability ID : CVE-2024-21672

First published on : 16-01-2024 05:15:08
Last modified on : 16-01-2024 13:56:05

Description :
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 2.1.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.3 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H allows an unauthenticated attacker to remotely expose assets in your environment susceptible to exploitation which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives).

CVE ID : CVE-2024-21672
Source : security@atlassian.com
CVSS Score : 8.3

References :
https://jira.atlassian.com/browse/CONFSERVER-94064 | source : security@atlassian.com


Vulnerability ID : CVE-2024-21673

First published on : 16-01-2024 05:15:08
Last modified on : 16-01-2024 13:56:05

Description :
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server. Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.0 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H allows an authenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, high impact to integrity, high impact to availability, and does not require user interaction. Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives).

CVE ID : CVE-2024-21673
Source : security@atlassian.com
CVSS Score : 8.0

References :
https://jira.atlassian.com/browse/CONFSERVER-94065 | source : security@atlassian.com


Vulnerability ID : CVE-2023-22526

First published on : 16-01-2024 05:15:07
Last modified on : 16-01-2024 13:56:05

Description :
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 7.19.0 of Confluence Data Center. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.2, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Confluence Data Center customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.17, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html). You can download the latest version of Confluence Data Center from the download center (https://www.atlassian.com/software/confluence/download-archives). This vulnerability was discovered by m1sn0w and reported via our Bug Bounty program.

CVE ID : CVE-2023-22526
Source : security@atlassian.com
CVSS Score : 7.2

References :
https://confluence.atlassian.com/pages/viewpage.action?pageId=1333335615 | source : security@atlassian.com
https://jira.atlassian.com/browse/CONFSERVER-93516 | source : security@atlassian.com


Source : edk2.groups.io

Vulnerability ID : CVE-2023-45230

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

CVE ID : CVE-2023-45230
Source : infosec@edk2.groups.io
CVSS Score : 8.3

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-45234

First published on : 16-01-2024 16:15:12
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to a buffer overflow vulnerability when processing DNS Servers option from a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

CVE ID : CVE-2023-45234
Source : infosec@edk2.groups.io
CVSS Score : 8.3

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-45235

First published on : 16-01-2024 16:15:12
Last modified on : 16-01-2024 18:15:10

Description :
EDK2's Network Package is susceptible to a buffer overflow vulnerability when handling Server ID option from a DHCPv6 proxy Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality, Integrity and/or Availability.

CVE ID : CVE-2023-45235
Source : infosec@edk2.groups.io
CVSS Score : 8.3

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-119


Vulnerability ID : CVE-2023-45232

First published on : 16-01-2024 16:15:12
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

CVE ID : CVE-2023-45232
Source : infosec@edk2.groups.io
CVSS Score : 7.5

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-835


Vulnerability ID : CVE-2023-45233

First published on : 16-01-2024 16:15:12
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing a PadN option in the Destination Options header of IPv6. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Availability.

CVE ID : CVE-2023-45233
Source : infosec@edk2.groups.io
CVSS Score : 7.5

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-835


Source : oracle.com

Vulnerability ID : CVE-2024-20916

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in the Oracle Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). The supported version that is affected is 13.5.0.0. Easily exploitable vulnerability allows high privileged attacker with access to the physical communication segment attached to the hardware where the Oracle Enterprise Manager Base Platform executes to compromise Oracle Enterprise Manager Base Platform. While the vulnerability is in Oracle Enterprise Manager Base Platform, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Enterprise Manager Base Platform accessible data as well as unauthorized access to critical data or complete access to all Oracle Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Enterprise Manager Base Platform. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).

CVE ID : CVE-2024-20916
Source : secalert_us@oracle.com
CVSS Score : 8.3

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20924

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Audit Vault and Database Firewall, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Audit Vault and Database Firewall. CVSS 3.1 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:H/I:H/A:H).

CVE ID : CVE-2024-20924
Source : secalert_us@oracle.com
CVSS Score : 7.6

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20932

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 17.0.9; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21.3.8 and 22.3.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N).

CVE ID : CVE-2024-20932
Source : secalert_us@oracle.com
CVSS Score : 7.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2023-21901

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 8.0.7, 8.0.8, 8.0.9, 8.1.0, 8.1.1 and 8.1.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. While the vulnerability is in Oracle Financial Services Analytical Applications Infrastructure, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized read access to a subset of Oracle Financial Services Analytical Applications Infrastructure accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Financial Services Analytical Applications Infrastructure. CVSS 3.1 Base Score 7.4 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L).

CVE ID : CVE-2023-21901
Source : secalert_us@oracle.com
CVSS Score : 7.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20918

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).

CVE ID : CVE-2024-20918
Source : secalert_us@oracle.com
CVSS Score : 7.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20952

First published on : 16-01-2024 22:15:42
Last modified on : 16-01-2024 22:15:42

Description :
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).

CVE ID : CVE-2024-20952
Source : secalert_us@oracle.com
CVSS Score : 7.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Source : redhat.com

Vulnerability ID : CVE-2024-0582

First published on : 16-01-2024 15:15:09
Last modified on : 16-01-2024 15:15:09

Description :
A memory leak flaw was found in the Linux kernel's io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system.

CVE ID : CVE-2024-0582
Source : secalert@redhat.com
CVSS Score : 7.8

References :
https://access.redhat.com/security/cve/CVE-2024-0582 | source : secalert@redhat.com
https://bugs.chromium.org/p/project-zero/issues/detail?id=2504 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2254050 | source : secalert@redhat.com
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c392cbecd8eca4c53f2bf508731257d9d0a21c2d | source : secalert@redhat.com

Vulnerability : CWE-416


Source : github.com

Vulnerability ID : CVE-2024-22191

First published on : 16-01-2024 22:15:46
Last modified on : 16-01-2024 22:15:46

Description :
Avo is a framework to create admin panels for Ruby on Rails apps. A stored cross-site scripting (XSS) vulnerability was found in the key_value field of Avo v3.2.3. This vulnerability could allow an attacker to execute arbitrary JavaScript code in the victim's browser. The value of the key_value is inserted directly into the HTML code. In the current version of Avo (possibly also older versions), the value is not properly sanitized before it is inserted into the HTML code. This vulnerability could be used to steal sensitive information from victims that could be used to hijack victims' accounts or redirect them to malicious websites. Avo 3.2.4 includes a fix for this issue. Users are advised to upgrade.

CVE ID : CVE-2024-22191
Source : security-advisories@github.com
CVSS Score : 7.3

References :
https://github.com/avo-hq/avo/commit/51bb80b181cd8e31744bdc4e7f9b501c81172347 | source : security-advisories@github.com
https://github.com/avo-hq/avo/security/advisories/GHSA-ghjv-mh6x-7q6h | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0200

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the GHES instance with the organization owner role. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.12 and was fixed in versions 3.8.13, 3.9.8, 3.10.5, and 3.11.3. This vulnerability was reported via the GitHub Bug Bounty program.

CVE ID : CVE-2024-0200
Source : product-cna@github.com
CVSS Score : 7.2

References :
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 | source : product-cna@github.com

Vulnerability : CWE-470


Source : hypr.com

Vulnerability ID : CVE-2023-6336

First published on : 16-01-2024 20:15:45
Last modified on : 16-01-2024 20:15:45

Description :
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on MacOS allows User-Controlled Filename. This issue affects Workforce Access: before 8.7.

CVE ID : CVE-2023-6336
Source : security@hypr.com
CVSS Score : 7.2

References :
https://www.hypr.com/security-advisories | source : security@hypr.com

Vulnerability : CWE-59


Vulnerability ID : CVE-2023-5097

First published on : 16-01-2024 20:15:45
Last modified on : 16-01-2024 20:15:45

Description :
Improper Input Validation vulnerability in HYPR Workforce Access on Windows allows Path Traversal. This issue affects Workforce Access: before 8.7.

CVE ID : CVE-2023-5097
Source : security@hypr.com
CVSS Score : 7.0

References :
https://www.hypr.com/security-advisories | source : security@hypr.com

Vulnerability : CWE-20


Source : incibe.es

Vulnerability ID : CVE-2024-0556

First published on : 16-01-2024 11:15:08
Last modified on : 16-01-2024 13:56:05

Description :
A Weak Cryptography for Passwords vulnerability has been detected on WIC200 affecting version 1.1. This vulnerability allows a remote user to intercept the traffic and retrieve the credentials from another user and decode it in base64 allowing the attacker to see the credentials in plain text.

CVE ID : CVE-2024-0556
Source : cve-coordination@incibe.es
CVSS Score : 7.1

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200 | source : cve-coordination@incibe.es

Vulnerability : CWE-261


Source : emc.com

Vulnerability ID : CVE-2024-22428

First published on : 16-01-2024 04:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Dell iDRAC Service Module, versions 5.2.0.0 and prior, contain an Incorrect Default Permissions vulnerability. It may allow a local unprivileged user to escalate privileges and execute arbitrary code on the affected system. Dell recommends customers upgrade at the earliest opportunity.

CVE ID : CVE-2024-22428
Source : security_alert@emc.com
CVSS Score : 7.0

References :
https://www.dell.com/support/kbdoc/en-us/000221129/dsa-2024-018-security-update-for-dell-idrac-service-module-for-weak-folder-permission-vulnerabilities | source : security_alert@emc.com

Vulnerability : CWE-276


(59) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : redhat.com

Vulnerability ID : CVE-2023-6395

First published on : 16-01-2024 15:15:08
Last modified on : 16-01-2024 21:15:08

Description :
The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvertently permit less privileged users to define configuration tags. These tags could then be passed as parameters to mock during execution, potentially leading to the utilization of Jinja2 templates for remote privilege escalation and the execution of arbitrary code as the root user on the build server.

CVE ID : CVE-2023-6395
Source : secalert@redhat.com
CVSS Score : 6.7

References :
http://www.openwall.com/lists/oss-security/2024/01/16/1 | source : secalert@redhat.com
http://www.openwall.com/lists/oss-security/2024/01/16/3 | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-6395 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2252206 | source : secalert@redhat.com
https://github.com/xsuchy/templated-dictionary/commit/0740bd0ca8d487301881541028977d120f8b8933 | source : secalert@redhat.com
https://github.com/xsuchy/templated-dictionary/commit/bcd90f0dafa365575c4b101e6f5d98c4ef4e4b69 | source : secalert@redhat.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-0584

First published on : 16-01-2024 14:15:49
Last modified on : 16-01-2024 14:15:49

Description :
A use-after-free issue was found in igmp_start_timer in net/ipv4/igmp.c in the network sub-component in the Linux Kernel. This flaw allows a local user to observe a refcnt use-after-free issue when receiving an igmp query packet, leading to a kernel information leak.

CVE ID : CVE-2024-0584
Source : secalert@redhat.com
CVSS Score : 6.3

References :
https://access.redhat.com/security/cve/CVE-2024-0584 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258584 | source : secalert@redhat.com
https://lore.kernel.org/netdev/170083982540.9628.4546899811301303734.git-patchwork-notify@kernel.org/T/ | source : secalert@redhat.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2024-0553

First published on : 16-01-2024 12:15:45
Last modified on : 16-01-2024 13:56:05

Description :
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.

CVE ID : CVE-2024-0553
Source : secalert@redhat.com
CVSS Score : 5.9

References :
https://access.redhat.com/security/cve/CVE-2024-0553 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258412 | source : secalert@redhat.com
https://gitlab.com/gnutls/gnutls/-/issues/1522 | source : secalert@redhat.com
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html | source : secalert@redhat.com

Vulnerability : CWE-203


Vulnerability ID : CVE-2024-0567

First published on : 16-01-2024 14:15:48
Last modified on : 16-01-2024 14:15:48

Description :
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.

CVE ID : CVE-2024-0567
Source : secalert@redhat.com
CVSS Score : 5.9

References :
https://access.redhat.com/security/cve/CVE-2024-0567 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258544 | source : secalert@redhat.com
https://gitlab.com/gnutls/gnutls/-/issues/1521 | source : secalert@redhat.com
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html | source : secalert@redhat.com

Vulnerability : CWE-347


Vulnerability ID : CVE-2024-0232

First published on : 16-01-2024 14:15:48
Last modified on : 16-01-2024 14:15:48

Description :
A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service.

CVE ID : CVE-2024-0232
Source : secalert@redhat.com
CVSS Score : 4.7

References :
https://access.redhat.com/security/cve/CVE-2024-0232 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2243754 | source : secalert@redhat.com

Vulnerability : CWE-416


Source : hitachi.co.jp

Vulnerability ID : CVE-2023-6457

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
Incorrect Default Permissions vulnerability in Hitachi Tuning Manager on Windows (Hitachi Tuning Manager server component) allows local users to read and write specific files. This issue affects Hitachi Tuning Manager: before 8.8.5-04.

CVE ID : CVE-2023-6457
Source : hirt@hitachi.co.jp
CVSS Score : 6.6

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-104/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-276


Vulnerability ID : CVE-2023-49107

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
Generation of Error Message Containing Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent modules). This issue affects Hitachi Device Manager: before 8.8.5-04.

CVE ID : CVE-2023-49107
Source : hirt@hitachi.co.jp
CVSS Score : 5.3

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-209


Vulnerability ID : CVE-2023-49106

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
Missing Password Field Masking vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Agent component). This issue affects Hitachi Device Manager: before 8.8.5-04.

CVE ID : CVE-2023-49106
Source : hirt@hitachi.co.jp
CVSS Score : 4.6

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-101/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-549


Source : edk2.groups.io

Vulnerability ID : CVE-2023-45229

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

CVE ID : CVE-2023-45229
Source : infosec@edk2.groups.io
CVSS Score : 6.5

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-45231

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 18:15:09

Description :
EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing Neighbor Discovery Redirect message. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

CVE ID : CVE-2023-45231
Source : infosec@edk2.groups.io
CVSS Score : 6.5

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-125


Vulnerability ID : CVE-2023-45236

First published on : 16-01-2024 16:15:12
Last modified on : 16-01-2024 18:15:10

Description :
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

CVE ID : CVE-2023-45236
Source : infosec@edk2.groups.io
CVSS Score : 5.8

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-45237

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 18:15:10

Description :
EDK2's Network Package is susceptible to a predictable TCP Initial Sequence Number. This vulnerability can be exploited by an attacker to gain unauthorized access and potentially lead to a loss of Confidentiality.

CVE ID : CVE-2023-45237
Source : infosec@edk2.groups.io
CVSS Score : 5.3

References :
http://www.openwall.com/lists/oss-security/2024/01/16/2 | source : infosec@edk2.groups.io
https://github.com/tianocore/edk2/security/advisories/GHSA-hc6x-cw6p-gj7h | source : infosec@edk2.groups.io

Vulnerability : CWE-338


Source : github.com

Vulnerability ID : CVE-2024-0507

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
An attacker with access to a Management Console user account with the editor role could escalate privileges through a command injection vulnerability in the Management Console. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13. This vulnerability was reported via the GitHub Bug Bounty program.

CVE ID : CVE-2024-0507
Source : product-cna@github.com
CVSS Score : 6.5

References :
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 | source : product-cna@github.com

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-21670

First published on : 16-01-2024 22:15:45
Last modified on : 16-01-2024 22:15:45

Description :
Ursa is a cryptographic library for use with blockchains. The revocation schema that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model, allowing a malicious holder of a revoked credential to generate a valid Non-Revocation Proof for that credential as part of an AnonCreds presentation. A verifier may verify a credential from a holder as being "not revoked" when in fact, the holder's credential has been revoked. Ursa has moved to end-of-life status and no fix is expected.

CVE ID : CVE-2024-21670
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/hyperledger-archives/ursa/security/advisories/GHSA-r78f-4q2q-hvv4 | source : security-advisories@github.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2024-22192

First published on : 16-01-2024 22:15:46
Last modified on : 16-01-2024 22:15:46

Description :
Ursa is a cryptographic library for use with blockchains. The revocation scheme that is part of the Ursa CL-Signatures implementations has a flaw that could impact the privacy guarantees defined by the AnonCreds verifiable credential model. Notably, a malicious verifier may be able to generate a unique identifier for a holder providing a verifiable presentation that includes a Non-Revocation proof. The impact of the flaw is that a malicious verifier may be able to determine a unique identifier for a holder presenting a Non-Revocation proof. Ursa has moved to end-of-life status and no fix is expected.

CVE ID : CVE-2024-22192
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/hyperledger-archives/ursa/security/advisories/GHSA-6698-mhxx-r84g | source : security-advisories@github.com

Vulnerability : CWE-327


Vulnerability ID : CVE-2024-22411

First published on : 16-01-2024 22:15:46
Last modified on : 16-01-2024 22:15:46

Description :
Avo is a framework to create admin panels for Ruby on Rails apps. In Avo 3 pre12 any HTML inside text that is passed to `error` or `succeed` in an `Avo::BaseAction` subclass will be rendered directly without sanitization in the toast/notification that appears in the UI on Action completion. A malicious user could exploit this vulnerability to trigger a cross site scripting attack on an unsuspecting user. This issue has been addressed in the 3.0.0 release of Avo. Users are advised to upgrade.

CVE ID : CVE-2024-22411
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/avo-hq/avo/security/advisories/GHSA-g8vp-2v5p-9qfh | source : security-advisories@github.com

Vulnerability : CWE-79


Source : oracle.com

Vulnerability ID : CVE-2024-20961

First published on : 16-01-2024 22:15:43
Last modified on : 16-01-2024 22:15:43

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20961
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20963

First published on : 16-01-2024 22:15:43
Last modified on : 16-01-2024 22:15:43

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20963
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20973

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20973
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20975

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20975
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20977

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20977
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20985

First published on : 16-01-2024 22:15:45
Last modified on : 16-01-2024 22:15:45

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20985
Source : secalert_us@oracle.com
CVSS Score : 6.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20930

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Content Access SDK, Image Export SDK, PDF Export SDK, HTML Export SDK). The supported version that is affected is 8.5.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. CVSS 3.1 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).

CVE ID : CVE-2024-20930
Source : secalert_us@oracle.com
CVSS Score : 6.3

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20908

First published on : 16-01-2024 22:15:38
Last modified on : 16-01-2024 22:15:38

Description :
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data as well as unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20908
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20928

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in the Oracle WebCenter Content product of Oracle Fusion Middleware (component: Content Server). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Content. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Content, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Content accessible data as well as unauthorized read access to a subset of Oracle WebCenter Content accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20928
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20934

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: Engineering Change Order). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Installed Base. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Installed Base, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Installed Base accessible data as well as unauthorized read access to a subset of Oracle Installed Base accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20934
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20936

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Documents). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data as well as unauthorized read access to a subset of Oracle One-to-One Fulfillment accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20936
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20938

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: ECC). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle iStore accessible data as well as unauthorized read access to a subset of Oracle iStore accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20938
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20940

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Create, Update, Authoring Flow). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Knowledge Management accessible data as well as unauthorized read access to a subset of Oracle Knowledge Management accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20940
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20942

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: LOV). Supported versions that are affected are 11.5, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Complex Maintenance, Repair, and Overhaul. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Complex Maintenance, Repair, and Overhaul, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Complex Maintenance, Repair, and Overhaul accessible data as well as unauthorized read access to a subset of Oracle Complex Maintenance, Repair, and Overhaul accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20942
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20948

First published on : 16-01-2024 22:15:42
Last modified on : 16-01-2024 22:15:42

Description :
Vulnerability in the Oracle Knowledge Management product of Oracle E-Business Suite (component: Setup, Admin). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Knowledge Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Knowledge Management, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Knowledge Management accessible data as well as unauthorized read access to a subset of Oracle Knowledge Management accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20948
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20950

First published on : 16-01-2024 22:15:42
Last modified on : 16-01-2024 22:15:42

Description :
Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interaction History, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Customer Interaction History accessible data as well as unauthorized read access to a subset of Oracle Customer Interaction History accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20950
Source : secalert_us@oracle.com
CVSS Score : 6.1

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20926

First published on : 16-01-2024 22:15:40
Last modified on : 16-01-2024 22:15:40

Description :
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

CVE ID : CVE-2024-20926
Source : secalert_us@oracle.com
CVSS Score : 5.9

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20946

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20946
Source : secalert_us@oracle.com
CVSS Score : 5.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20967

First published on : 16-01-2024 22:15:43
Last modified on : 16-01-2024 22:15:43

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVE ID : CVE-2024-20967
Source : secalert_us@oracle.com
CVSS Score : 5.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20969

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).

CVE ID : CVE-2024-20969
Source : secalert_us@oracle.com
CVSS Score : 5.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20944

First published on : 16-01-2024 22:15:41
Last modified on : 16-01-2024 22:15:41

Description :
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Internal Operations). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle iSupport accessible data as well as unauthorized read access to a subset of Oracle iSupport accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20944
Source : secalert_us@oracle.com
CVSS Score : 5.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20979

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle BI Publisher, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle BI Publisher accessible data as well as unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20979
Source : secalert_us@oracle.com
CVSS Score : 5.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20987

First published on : 16-01-2024 22:15:45
Last modified on : 16-01-2024 22:15:45

Description :
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle BI Publisher, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle BI Publisher accessible data as well as unauthorized read access to a subset of Oracle BI Publisher accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20987
Source : secalert_us@oracle.com
CVSS Score : 5.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20904

First published on : 16-01-2024 22:15:38
Last modified on : 16-01-2024 22:15:38

Description :
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics (component: Pod Admin). Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. While the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.1 Base Score 5.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

CVE ID : CVE-2024-20904
Source : secalert_us@oracle.com
CVSS Score : 5.0

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20965

First published on : 16-01-2024 22:15:43
Last modified on : 16-01-2024 22:15:43

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20965
Source : secalert_us@oracle.com
CVSS Score : 4.9

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20971

First published on : 16-01-2024 22:15:44
Last modified on : 16-01-2024 22:15:44

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20971
Source : secalert_us@oracle.com
CVSS Score : 4.9

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20981

First published on : 16-01-2024 22:15:45
Last modified on : 16-01-2024 22:15:45

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.35 and prior and 8.2.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20981
Source : secalert_us@oracle.com
CVSS Score : 4.9

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20983

First published on : 16-01-2024 22:15:45
Last modified on : 16-01-2024 22:15:45

Description :
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.34 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20983
Source : secalert_us@oracle.com
CVSS Score : 4.9

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20906

First published on : 16-01-2024 22:15:38
Last modified on : 16-01-2024 22:15:38

Description :
Vulnerability in the Integrated Lights Out Manager (ILOM) product of Oracle Systems (component: System Management). Supported versions that are affected are 3, 4 and 5. Easily exploitable vulnerability allows high privileged attacker with network access via ICMP to compromise Integrated Lights Out Manager (ILOM). Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Integrated Lights Out Manager (ILOM), attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Integrated Lights Out Manager (ILOM) accessible data as well as unauthorized read access to a subset of Integrated Lights Out Manager (ILOM) accessible data. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N).

CVE ID : CVE-2024-20906
Source : secalert_us@oracle.com
CVSS Score : 4.8

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20959

First published on : 16-01-2024 22:15:43
Last modified on : 16-01-2024 22:15:43

Description :
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle ZFS Storage Appliance Kit. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

CVE ID : CVE-2024-20959
Source : secalert_us@oracle.com
CVSS Score : 4.4

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Source : hypr.com

Vulnerability ID : CVE-2023-6335

First published on : 16-01-2024 20:15:45
Last modified on : 16-01-2024 20:15:45

Description :
Improper Link Resolution Before File Access ('Link Following') vulnerability in HYPR Workforce Access on Windows allows User-Controlled Filename. This issue affects Workforce Access: before 8.7.

CVE ID : CVE-2023-6335
Source : security@hypr.com
CVSS Score : 6.4

References :
https://www.hypr.com/security-advisories | source : security@hypr.com

Vulnerability : CWE-59


Vulnerability ID : CVE-2023-6334

First published on : 16-01-2024 20:15:45
Last modified on : 16-01-2024 20:15:45

Description :
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in HYPR Workforce Access on Windows allows Overflow Buffers. This issue affects Workforce Access: before 8.7.

CVE ID : CVE-2023-6334
Source : security@hypr.com
CVSS Score : 5.3

References :
https://www.hypr.com/security-advisories | source : security@hypr.com

Vulnerability : CWE-119


Source : vuldb.com

Vulnerability ID : CVE-2011-10005

First published on : 16-01-2024 08:15:07
Last modified on : 16-01-2024 13:56:05

Description :
A vulnerability, which was classified as critical, was found in EasyFTP 1.7.0.2. Affected is an unknown function of the component MKD Command Handler. The manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250716.

CVE ID : CVE-2011-10005
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://vuldb.com/?ctiid.250716 | source : cna@vuldb.com
https://vuldb.com/?id.250716 | source : cna@vuldb.com
https://www.exploit-db.com/exploits/17354 | source : cna@vuldb.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2024-0579

First published on : 16-01-2024 17:15:08
Last modified on : 16-01-2024 17:15:08

Description :
A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452. Affected by this vulnerability is the function formMapDelDevice of the file /boafrm/formMapDelDevice. The manipulation of the argument macstr leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250795. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID : CVE-2024-0579
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/jylsec/vuldb/blob/main/TOTOLINK/X2000R/1/README.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250795 | source : cna@vuldb.com
https://vuldb.com/?id.250795 | source : cna@vuldb.com

Vulnerability : CWE-77


Vulnerability ID : CVE-2024-0601

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
A vulnerability was found in ZhongFuCheng3y Austin 1.0. It has been rated as critical. Affected by this issue is the function getRemoteUrl2File of the file src\main\java\com\java3y\austin\support\utils\AustinFileUtils.java of the component Email Message Template Handler. The manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-250838 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-0601
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/biantaibao/Austin_SSRF/blob/main/SSRF.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.250838 | source : cna@vuldb.com
https://vuldb.com/?id.250838 | source : cna@vuldb.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2021-4432

First published on : 16-01-2024 15:15:08
Last modified on : 16-01-2024 15:15:08

Description :
A vulnerability was found in PCMan FTP Server 2.0.7. It has been classified as problematic. This affects an unknown part of the component USER Command Handler. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250719.

CVE ID : CVE-2021-4432
Source : cna@vuldb.com
CVSS Score : 5.3

References :
https://0day.today/exploit/description/36412 | source : cna@vuldb.com
https://packetstormsecurity.com/files/163104/PCMan-FTP-Server-2.0.7-Denial-Of-Service.html | source : cna@vuldb.com
https://vuldb.com/?ctiid.250719 | source : cna@vuldb.com
https://vuldb.com/?id.250719 | source : cna@vuldb.com

Vulnerability : CWE-404


Vulnerability ID : CVE-2024-0569

First published on : 16-01-2024 13:15:08
Last modified on : 16-01-2024 13:56:05

Description :
A vulnerability classified as problematic has been found in Totolink T8 4.1.5cu.833_20220905. This affects the function getSysStatusCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation of the argument ssid/key leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.1.5cu.862_B20230228 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-250785 was assigned to this vulnerability.

CVE ID : CVE-2024-0569
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://drive.google.com/file/d/1WSWrGEKUkvPk8hq1VRng-wbR7T6CknGY/view?usp=sharing | source : cna@vuldb.com
https://vuldb.com/?ctiid.250785 | source : cna@vuldb.com
https://vuldb.com/?id.250785 | source : cna@vuldb.com

Vulnerability : CWE-200


Source : hcl.com

Vulnerability ID : CVE-2023-37522

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower has missing or insecure tags that could allow an attacker to execute a malicious script on the user's browser.

CVE ID : CVE-2023-37522
Source : psirt@hcl.com
CVSS Score : 5.6

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 | source : psirt@hcl.com


Vulnerability ID : CVE-2023-37523

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Missing or insecure tags in the HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower could allow an attacker to execute a malicious script on the user's browser.

CVE ID : CVE-2023-37523
Source : psirt@hcl.com
CVSS Score : 5.6

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 | source : psirt@hcl.com


Source : incibe.es

Vulnerability ID : CVE-2024-0554

First published on : 16-01-2024 11:15:07
Last modified on : 16-01-2024 13:56:05

Description :
A Cross-site scripting (XSS) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could store a malicious JavaScript payload in the device model parameter via '/setup/diags_ir_learn.asp', allowing the attacker to retrieve the session details of another user.

CVE ID : CVE-2024-0554
Source : cve-coordination@incibe.es
CVSS Score : 5.5

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200 | source : cve-coordination@incibe.es

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-0555

First published on : 16-01-2024 11:15:08
Last modified on : 16-01-2024 13:56:05

Description :
A Cross-Site Request Forgery (CSRF) vulnerability has been found on WIC1200, affecting version 1.1. An authenticated user could lead another user into executing unwanted actions inside the application they are logged in to. This vulnerability is possible due to the lack of proper CSRF token implementation.

CVE ID : CVE-2024-0555
Source : cve-coordination@incibe.es
CVSS Score : 4.6

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-full-compass-systems-wic1200 | source : cve-coordination@incibe.es

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-0581

First published on : 16-01-2024 14:15:49
Last modified on : 16-01-2024 14:15:49

Description :
An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this shellcode sequence to shut down the application and evade the scan.

CVE ID : CVE-2024-0581
Source : cve-coordination@incibe.es
CVSS Score : 4.0

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/uncontrolled-resource-consumption-vulnerability-sandsprite-scdbg | source : cve-coordination@incibe.es

Vulnerability : CWE-400


Source : hq.dhs.gov

Vulnerability ID : CVE-2023-7234

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
OPCUAServerToolkit will write a log message once an OPC UA client has successfully connected containing the client's self-defined description field.

CVE ID : CVE-2023-7234
Source : ics-cert@hq.dhs.gov
CVSS Score : 5.3

References :
https://integrationobjects.com//ask-a-question/ | source : ics-cert@hq.dhs.gov
https://www.cisa.gov/news-events/ics-advisories/icsa-24-016-02 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-117


(11) LOW VULNERABILITIES [0.1, 3.9]

Source : oracle.com

Vulnerability ID : CVE-2024-20920

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).

CVE ID : CVE-2024-20920
Source : secalert_us@oracle.com
CVSS Score : 3.8

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20955

First published on : 16-01-2024 22:15:42
Last modified on : 16-01-2024 22:15:42

Description :
Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

CVE ID : CVE-2024-20955
Source : secalert_us@oracle.com
CVSS Score : 3.7

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20910

First published on : 16-01-2024 22:15:38
Last modified on : 16-01-2024 22:15:38

Description :
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Difficult to exploit vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. While the vulnerability is in Oracle Audit Vault and Database Firewall, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Audit Vault and Database Firewall accessible data. CVSS 3.1 Base Score 3.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).

CVE ID : CVE-2024-20910
Source : secalert_us@oracle.com
CVSS Score : 3.0

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20912

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in Oracle Audit Vault and Database Firewall (component: Firewall). Supported versions that are affected are 20.1-20.9. Easily exploitable vulnerability allows high privileged attacker with network access via Oracle Net to compromise Oracle Audit Vault and Database Firewall. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Audit Vault and Database Firewall accessible data. CVSS 3.1 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N).

CVE ID : CVE-2024-20912
Source : secalert_us@oracle.com
CVSS Score : 2.7

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20957

First published on : 16-01-2024 22:15:42
Last modified on : 16-01-2024 22:15:42

Description :
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Package Build SEC). Supported versions that are affected are prior to 9.2.8.1. Easily exploitable vulnerability allows high privileged attacker with network access via JDENET to compromise JD Edwards EnterpriseOne Tools. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of JD Edwards EnterpriseOne Tools. CVSS 3.1 Base Score 2.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).

CVE ID : CVE-2024-20957
Source : secalert_us@oracle.com
CVSS Score : 2.7

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20922

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 2.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).

CVE ID : CVE-2024-20922
Source : secalert_us@oracle.com
CVSS Score : 2.5

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Vulnerability ID : CVE-2024-20914

First published on : 16-01-2024 22:15:39
Last modified on : 16-01-2024 22:15:39

Description :
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: Core). The supported version that is affected is 8.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit executes to compromise Oracle ZFS Storage Appliance Kit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle ZFS Storage Appliance Kit accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

CVE ID : CVE-2024-20914
Source : secalert_us@oracle.com
CVSS Score : 2.3

References :
https://www.oracle.com/security-alerts/cpujan2024.html | source : secalert_us@oracle.com


Source : github.com

Vulnerability ID : CVE-2023-51381

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
Cross-site Scripting in the tag name pattern field in the tag protections UI in GitHub Enterprise Server 3.8.12, 3.9.7, 3.10.4, 3.11.2 allows a malicious website that requires user interaction and social engineering to make changes to a user account via CSP bypass with created CSRF tokens. This vulnerability affected all versions of GitHub Enterprise Server and was fixed in all versions of 3.11.3, 3.10.5, 3.9.8, and 3.8.13. This vulnerability was reported via the GitHub Bug Bounty program.

CVE ID : CVE-2023-51381
Source : product-cna@github.com
CVSS Score : 3.7

References :
https://docs.github.com/en/enterprise-server@3.10/admin/release-notes#3.10.5 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.11/admin/release-notes#3.11.3 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.8/admin/release-notes#3.8.13 | source : product-cna@github.com
https://docs.github.com/en/enterprise-server@3.9/admin/release-notes#3.9.8 | source : product-cna@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2022-31021

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Ursa is a cryptographic library for use with blockchains. A weakness in the Hyperledger AnonCreds specification that is not mitigated in the Ursa and AnonCreds implementations is that the Issuer does not publish a key correctness proof demonstrating that a generated private key is sufficient to meet the unlinkability guarantees of AnonCreds. The Ursa and AnonCreds CL-Signatures implementations always generate a sufficient private key. A malicious issuer could in theory create a custom CL Signature implementation (derived from the Ursa or AnonCreds CL-Signatures implementations) that uses weakened private keys such that presentations from holders could be shared by verifiers to the issuer who could determine the holder to which the credential was issued. This vulnerability could impact holders of AnonCreds credentials implemented using the CL-signature scheme in the Ursa and AnonCreds implementations of CL Signatures. The ursa project has moved to end-of-life status and no fix is expected.

CVE ID : CVE-2022-31021
Source : security-advisories@github.com
CVSS Score : 3.3

References :
https://github.com/hyperledger/ursa/security/advisories/GHSA-2q6j-gqc4-4gw3 | source : security-advisories@github.com
https://www.brics.dk/RS/98/29/BRICS-RS-98-29.pdf | source : security-advisories@github.com

Vulnerability : CWE-829


Source : vuldb.com

Vulnerability ID : CVE-2024-0599

First published on : 16-01-2024 20:15:45
Last modified on : 16-01-2024 20:15:45

Description :
A vulnerability was found in Jspxcms 10.2.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file src\main\java\com\jspxcms\core\web\back\InfoController.java of the component Document Management Page. The manipulation of the argument title leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250837 was assigned to this vulnerability.

CVE ID : CVE-2024-0599
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://github.com/sweatxi/BugHub/blob/main/Jspxcms.pdf | source : cna@vuldb.com
https://vuldb.com/?ctiid.250837 | source : cna@vuldb.com
https://vuldb.com/?id.250837 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : hcl.com

Vulnerability ID : CVE-2023-37521

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
HCL BigFix Bare OSD Metal Server WebUI version 311.19 or lower can sometimes include sensitive information in a query string which could allow an attacker to execute a malicious attack.

CVE ID : CVE-2023-37521
Source : psirt@hcl.com
CVSS Score : 2.3

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109754 | source : psirt@hcl.com


(127) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-41619

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.

CVE ID : CVE-2023-41619
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GhostBalladw/wuhaozhe-s-CVE/blob/main/CVE-2023-41619 | source : cve@mitre.org
https://github.com/emlog/emlog | source : cve@mitre.org


Vulnerability ID : CVE-2023-47459

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
An issue in Knovos Discovery v.22.67.0 allows a remote attacker to obtain sensitive information via the /DiscoveryReview/Service/CaseManagement.svc/GetProductSiteName component.

CVE ID : CVE-2023-47459
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/aleksey-vi/CVE-2023-47459 | source : cve@mitre.org
https://www.knovos.com | source : cve@mitre.org


Vulnerability ID : CVE-2023-47460

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
SQL injection vulnerability in Knovos Discovery v.22.67.0 allows a remote attacker to execute arbitrary code via the /DiscoveryProcess/Service/Admin.svc/getGridColumnStructure component.

CVE ID : CVE-2023-47460
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/aleksey-vi/CVE-2023-47460 | source : cve@mitre.org
https://www.knovos.com | source : cve@mitre.org


Vulnerability ID : CVE-2023-48104

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
Alinto SOGo 5.8.0 is vulnerable to HTML Injection.

CVE ID : CVE-2023-48104
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Alinto/sogo/commit/7481ccf37087c3f456d7e5a844da01d0f8883098 | source : cve@mitre.org
https://github.com/E1tex/CVE-2023-48104 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51810

First published on : 16-01-2024 01:15:34
Last modified on : 16-01-2024 13:56:05

Description :
SQL injection vulnerability in StackIdeas EasyDiscuss v.5.0.5 and fixed in v.5.0.10 allows a remote attacker to obtain sensitive information via a crafted request to the search parameter in the Users module.

CVE ID : CVE-2023-51810
Source : cve@mitre.org
CVSS Score : /

References :
http://easydiscuss.com | source : cve@mitre.org
http://stackideas.com | source : cve@mitre.org
https://github.com/Pastea/CVE-2023-51810 | source : cve@mitre.org


Vulnerability ID : CVE-2023-43449

First published on : 16-01-2024 02:15:28
Last modified on : 16-01-2024 13:56:05

Description :
An issue in HummerRisk HummerRisk v.1.10 thru 1.4.1 allows an authenticated attacker to execute arbitrary code via a crafted request to the service/LicenseService component.

CVE ID : CVE-2023-43449
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/HummerRisk/HummerRisk/issues/446 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51059

First published on : 16-01-2024 02:15:28
Last modified on : 16-01-2024 13:56:05

Description :
An issue in MOKO TECHNOLOGY LTD MOKOSmart MKGW1 BLE Gateway v.1.1.1 and before allows a remote attacker to escalate privileges via the session management component of the administrative web interface.

CVE ID : CVE-2023-51059
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/sbaresearch/advisories/tree/public/2022/SBA-ADV-20220120-01_MOKOSmart_MKGW1_Gateway_Improper_Session_Management | source : cve@mitre.org
https://www.mokosmart.com/wp-content/uploads/2019/10/GS-gateway.pdf | source : cve@mitre.org


Vulnerability ID : CVE-2023-51257

First published on : 16-01-2024 02:15:28
Last modified on : 16-01-2024 13:56:05

Description :
An invalid memory write issue in Jasper-Software Jasper v.4.1.1 and before allows a local attacker to execute arbitrary code.

CVE ID : CVE-2023-51257
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/jasper-software/jasper/issues/367 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51282

First published on : 16-01-2024 02:15:28
Last modified on : 16-01-2024 13:56:05

Description :
An issue in mingSoft MCMS v.5.2.4 allows a remote attacker to obtain sensitive information via a crafted script to the password parameter.

CVE ID : CVE-2023-51282
Source : cve@mitre.org
CVSS Score : /

References :
https://gitee.com/mingSoft/MCMS/issues/I4Q4NV | source : cve@mitre.org
https://github.com/tanalala/CVE/blob/main/Code.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22625

First published on : 16-01-2024 18:15:11
Last modified on : 16-01-2024 18:15:11

Description :
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_category.php?id=.

CVE ID : CVE-2024-22625
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-1.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22626

First published on : 16-01-2024 18:15:11
Last modified on : 16-01-2024 18:15:11

Description :
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_retailer.php?id=.

CVE ID : CVE-2024-22626
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-2.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22627

First published on : 16-01-2024 18:15:11
Last modified on : 16-01-2024 18:15:11

Description :
Complete Supplier Management System v1.0 is vulnerable to SQL Injection via /Supply_Management_System/admin/edit_distributor.php?id=.

CVE ID : CVE-2024-22627
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GaoZzr/CVE_report/blob/main/Supply_Management_System/SQLi-3.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22628

First published on : 16-01-2024 18:15:11
Last modified on : 16-01-2024 18:15:11

Description :
Budget and Expense Tracker System v1.0 is vulnerable to SQL Injection via /expense_budget/admin/?page=reports/budget&date_start=2023-12-28&date_end=

CVE ID : CVE-2024-22628
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/GaoZzr/CVE_report/blob/main/budget-and-expense-tracker-system/SQLi-1.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-49351

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
A stack-based buffer overflow vulnerability in /bin/webs binary in Edimax BR6478AC V2 firmware version v1.23 allows attackers to overwrite other values located on the stack due to an incorrect use of the strcpy() function.

CVE ID : CVE-2023-49351
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/countfatcode/temp/blob/main/formUSBAccount/formUSBAccount.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-52041

First published on : 16-01-2024 19:15:08
Last modified on : 16-01-2024 19:15:08

Description :
An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code via the sub_410118 function of the shttpd program.

CVE ID : CVE-2023-52041
Source : cve@mitre.org
CVSS Score : /

References :
https://kee02p.github.io/2024/01/13/CVE-2023-52041/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-22491

First published on : 16-01-2024 19:15:09
Last modified on : 16-01-2024 19:15:09

Description :
A Stored Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the post/save content parameter.

CVE ID : CVE-2024-22491
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cui2shark/security/blob/main/A%20stored%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20beetl-bbs%20post%20save.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-48926

First published on : 16-01-2024 21:15:08
Last modified on : 16-01-2024 21:15:08

Description :
An issue in 202 ecommerce Advanced Loyalty Program: Loyalty Points before v2.3.4 for PrestaShop allows unauthenticated attackers to arbitrarily change an order status.

CVE ID : CVE-2023-48926
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/202ecommerce/security-advisories/security/advisories/GHSA-jp2c-mj65-qpmw | source : cve@mitre.org


Vulnerability ID : CVE-2023-36236

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Cross Site Scripting vulnerability in webkil Bagisto v.1.5.0 and before allows an attacker to execute arbitrary code via a crafted SVG file upload.

CVE ID : CVE-2023-36236
Source : cve@mitre.org
CVSS Score : /

References :
https://bagisto.com/en/ | source : cve@mitre.org
https://github.com/Ek-Saini/security/blob/main/XSS_via_fileupload-bagisto | source : cve@mitre.org
https://github.com/bagisto/bagisto/pull/4764/commits/7bbf0c4bb565fc2601f031f9bbcdfa06e24dbd45 | source : cve@mitre.org


Vulnerability ID : CVE-2023-39691

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
An issue discovered in kodbox through 1.43 allows attackers to arbitrarily add Administrator accounts via crafted GET request.

CVE ID : CVE-2023-39691
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.mo60.cn/index.php/archives/kodbox_Logical.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-52042

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary commands via the 'lang' parameter.

CVE ID : CVE-2023-52042
Source : cve@mitre.org
CVSS Score : /

References :
https://kee02p.github.io/2024/01/13/CVE-2023-52042/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-52068

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
kodbox v1.43 was discovered to contain a cross-site scripting (XSS) vulnerability via the operation and login logs.

CVE ID : CVE-2023-52068
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.mo60.cn/index.php/archives/Kodbox_Stored_Xss.html_Password_Kodbox_Stored_Xss1 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22916

First published on : 16-01-2024 22:15:46
Last modified on : 16-01-2024 22:15:46

Description :
In D-LINK Go-RT-AC750 v101b03, the sprintf function in the sub_40E700 function within the cgibin is susceptible to stack overflow.

CVE ID : CVE-2024-22916
Source : cve@mitre.org
CVSS Score : /

References :
https://kee02p.github.io/2024/01/13/CVE-2024-22916/ | source : cve@mitre.org
https://www.dlink.com/en/security-bulletin/ | source : cve@mitre.org


Source : jpcert.or.jp

Vulnerability ID : CVE-2024-22362

First published on : 16-01-2024 04:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Drupal contains a vulnerability with improper handling of structural elements. If this vulnerability is exploited, an attacker may be able to cause a denial-of-service (DoS) condition.

CVE ID : CVE-2024-22362
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://github.com/drupal/drupal | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN63383723/ | source : vultures@jpcert.or.jp
https://www.drupal.org/ | source : vultures@jpcert.or.jp
https://www.drupal.org/about/core/policies/core-release-cycles/schedule | source : vultures@jpcert.or.jp


Source : huawei.com

Vulnerability ID : CVE-2023-44112

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Out-of-bounds access vulnerability in the device authentication module. Successful exploitation of this vulnerability may affect confidentiality.

CVE ID : CVE-2023-44112
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-44117

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-44117
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-290


Vulnerability ID : CVE-2023-4566

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-4566
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-290


Vulnerability ID : CVE-2023-52109

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-52109
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-345


Vulnerability ID : CVE-2023-52110

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
The sensor module has an out-of-bounds access vulnerability. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-52110
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52111

First published on : 16-01-2024 08:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability may affect service integrity.

CVE ID : CVE-2023-52111
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2023-52112

First published on : 16-01-2024 08:15:09
Last modified on : 16-01-2024 13:56:05

Description :
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of this vulnerability may cause features to perform abnormally.

CVE ID : CVE-2023-52112
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52113

First published on : 16-01-2024 08:15:09
Last modified on : 16-01-2024 13:56:05

Description :
launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE ID : CVE-2023-52113
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52098

First published on : 16-01-2024 09:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerability will affect availability.

CVE ID : CVE-2023-52098
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-400


Vulnerability ID : CVE-2023-52107

First published on : 16-01-2024 09:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-52107
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-52108

First published on : 16-01-2024 09:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of process priorities being raised in the ActivityManagerService module. Successful exploitation of this vulnerability will affect availability.

CVE ID : CVE-2023-52108
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52114

First published on : 16-01-2024 09:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulnerability may affect service integrity.

CVE ID : CVE-2023-52114
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52115

First published on : 16-01-2024 09:15:07
Last modified on : 16-01-2024 13:56:05

Description :
The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may affect the system functions.

CVE ID : CVE-2023-52115
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2023-52116

First published on : 16-01-2024 09:15:08
Last modified on : 16-01-2024 13:56:05

Description :
Permission management vulnerability in the multi-screen interaction module. Successful exploitation of this vulnerability may cause service exceptions of the device.

CVE ID : CVE-2023-52116
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2023-52099

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-52099
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52100

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-52100
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52101

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect service availability and integrity.

CVE ID : CVE-2023-52101
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52102

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-52102
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52103

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may cause out-of-bounds read.

CVE ID : CVE-2023-52103
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com

Vulnerability : CWE-120


Vulnerability ID : CVE-2023-52104

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vulnerability may affect service confidentiality.

CVE ID : CVE-2023-52104
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52105

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
The nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerability may affect availability.

CVE ID : CVE-2023-52105
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Vulnerability ID : CVE-2023-52106

First published on : 16-01-2024 10:15:07
Last modified on : 16-01-2024 13:56:05

Description :
The DownloadProviderMain module has a vulnerability in API permission verification. Successful exploitation of this vulnerability may affect integrity and availability.

CVE ID : CVE-2023-52106
Source : psirt@huawei.com
CVSS Score : /

References :
https://consumer.huawei.com/en/support/bulletin/2024/1/ | source : psirt@huawei.com
https://device.harmonyos.com/en/docs/security/update/security-bulletins-202401-0000001799925977 | source : psirt@huawei.com


Source : wpscan.com

Vulnerability ID : CVE-2021-24151

First published on : 16-01-2024 16:15:08
Last modified on : 16-01-2024 16:15:08

Description :
The WP Editor WordPress plugin before 1.2.7 did not sanitise or validate its setting fields leading to an authenticated (admin+) blind SQL injection issue via an arbitrary parameter when making a request to save the settings.

CVE ID : CVE-2021-24151
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/5ee77dd7-5a73-4d4e-8038-23e6e763e20c/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24432

First published on : 16-01-2024 16:15:08
Last modified on : 16-01-2024 16:15:08

Description :
The Advanced AJAX Product Filters WordPress plugin does not sanitise the 'term_id' POST parameter before outputting it in the page, leading to a reflected Cross-Site Scripting issue.

CVE ID : CVE-2021-24432
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b92ec5f7-d6a8-476f-a01e-21001a558914/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24433

First published on : 16-01-2024 16:15:08
Last modified on : 16-01-2024 16:15:08

Description :
The simple sort&search WordPress plugin through 0.0.3 does not make sure that the indexurl parameter of the shortcodes "category_sims", "order_sims", "orderby_sims", "period_sims", and "tag_sims" use allowed URL protocols, which can lead to stored cross-site scripting by users with a role as low as Contributor.

CVE ID : CVE-2021-24433
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/2ce8c786-ba82-427c-b5e7-e3b300a24c5f/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24559

First published on : 16-01-2024 16:15:08
Last modified on : 16-01-2024 16:15:08

Description :
The Qyrr WordPress plugin before 0.7 does not escape the data-uri of the QR Code when outputting it in a src attribute, allowing for Cross-Site Scripting attacks. Furthermore, the data_uri_to_meta AJAX action, available to all authenticated users, only had a CSRF check in place, with the nonce available to users with a role as low as Contributor allowing any user with such role (and above) to set a malicious data-uri in arbitrary QR Code posts, leading to a Stored Cross-Site Scripting issue.

CVE ID : CVE-2021-24559
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/65a29976-163a-4bbf-a4e8-590ddc4b83f2/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24566

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the "woocs" shortcode.

CVE ID : CVE-2021-24566
Source : contact@wpscan.com
CVSS Score : /

References :
https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24567

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Simple Post WordPress plugin through 1.1 does not sanitize user input when an authenticated user Text value, then it does not escape these values when outputting to the browser leading to an Authenticated Stored XSS Cross-Site Scripting issue.

CVE ID : CVE-2021-24567
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/a3cd3115-2181-4e14-8b39-4de096433847/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24869

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WP Fastest Cache WordPress plugin before 0.9.5 does not escape user input in the set_urls_with_terms method before using it in a SQL statement, leading to an SQL injection exploitable by low privilege users such as subscribers.

CVE ID : CVE-2021-24869
Source : contact@wpscan.com
CVSS Score : /

References :
https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/b2233795-1a32-45fc-9d51-b6bd0a073f5b/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-24870

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WP Fastest Cache WordPress plugin before 0.9.5 is lacking a CSRF check in its wpfc_save_cdn_integration AJAX action, and does not sanitise and escape some of the options available via the action, which could allow attackers to make logged in high privilege users call it and set a Cross-Site Scripting payload.

CVE ID : CVE-2021-24870
Source : contact@wpscan.com
CVSS Score : /

References :
https://jetpack.com/2021/10/14/multiple-vulnerabilities-in-wp-fastest-cache-plugin/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/48de63ab-2ef1-4469-8fc4-9346068bdf06/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-25117

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF attacks, the issue is still exploitable when the unfiltered_html capability is disabled.

CVE ID : CVE-2021-25117
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/d2d9a789-edae-4ae1-92af-e6132db7efcd/ | source : contact@wpscan.com


Vulnerability ID : CVE-2021-4227

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The ark-commenteditor WordPress plugin through 2.15.6 does not properly sanitise or encode the comments when in Source editor, allowing attackers to inject an iFrame in the page and thus load arbitrary content from any page to the comment section

CVE ID : CVE-2021-4227
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/8d015eba-31dc-44cb-a051-4e95df782b75/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-0402

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Super Forms - Drag & Drop Form Builder WordPress plugin before 6.0.4 does not escape the bob_czy_panstwa_sprawa_zostala_rozwiazana parameter before outputting it back in an attribute via the super_language_switcher AJAX action, leading to a Reflected Cross-Site Scripting. The action is also lacking CSRF, making the attack easier to perform against any user.

CVE ID : CVE-2022-0402
Source : contact@wpscan.com
CVSS Score : /

References :
https://github.com/RensTillmann/super-forms/commit/c19d65abbe43d9b6359c1bf3498dc697d0c19d02 | source : contact@wpscan.com
https://wpscan.com/vulnerability/2e2e2478-2488-4c91-8af8-69b07783854f/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-0775

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WooCommerce WordPress plugin before 6.2.1 does not have a proper authorisation check when deleting reviews, which could allow any authenticated user, such as a subscriber, to delete arbitrary comments.

CVE ID : CVE-2022-0775
Source : contact@wpscan.com
CVSS Score : /

References :
https://developer.woocommerce.com/2022/02/22/woocommerce-6-2-1-security-fix/ | source : contact@wpscan.com
https://plugins.trac.wordpress.org/changeset/2683324 | source : contact@wpscan.com
https://wpscan.com/vulnerability/b76dbf37-a0a2-48cf-bd85-3ebbc2f394dd/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1538

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed.

CVE ID : CVE-2022-1538
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b19adf7c-3983-487b-9b46-0f2922b08c1c/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1563

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WPGraphQL WooCommerce WordPress plugin before 0.12.4 does not prevent unauthenticated attackers from enumerating a shop's coupon codes and values via GraphQL.

CVE ID : CVE-2022-1563
Source : contact@wpscan.com
CVSS Score : /

References :
https://github.com/wp-graphql/wp-graphql-woocommerce/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/19138092-50d3-4d63-97c5-aa8e1ce39456/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1609

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The School Management WordPress plugin before 9.9.7 contains an obfuscated backdoor injected in its license checking code that registers a REST API handler, allowing an unauthenticated attacker to execute arbitrary PHP code on the site.

CVE ID : CVE-2022-1609
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/e2d546c9-85b6-47a4-b951-781b9ae5d0f2/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1617

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WP-Invoice WordPress plugin through 4.3.1 does not have a CSRF check in place when updating its settings, and is lacking sanitisation as well as escaping in some of them, allowing an attacker to make a logged in admin change them and add an XSS payload in them.

CVE ID : CVE-2022-1617
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/7e40e506-ad02-44ca-9d21-3634f3907aad/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1618

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Coru LFMember WordPress plugin through 1.0.2 does not have a CSRF check in place when adding a new game, and is lacking sanitisation as well as escaping in its settings, allowing an attacker to make a logged in admin add an arbitrary game with XSS payloads.

CVE ID : CVE-2022-1618
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/ddafcab2-b5db-4839-8ae1-188383f4250d/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-1760

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Core Control WordPress plugin through 1.2.1 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

CVE ID : CVE-2022-1760
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/c7906b1d-25c9-4f34-bd02-66824878b88e/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-23179

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.0 does not escape some of its form fields before outputting them in attributes, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed

CVE ID : CVE-2022-23179
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/90b8af99-e4a1-4076-99fa-efe805dd4be4/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-23180

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Contact Form & Lead Form Elementor Builder WordPress plugin before 1.7.4 doesn't have authorisation and nonce checks, which could allow any authenticated user, such as a subscriber, to update and change various settings.

CVE ID : CVE-2022-23180
Source : contact@wpscan.com
CVSS Score : /

References :
https://plugins.trac.wordpress.org/changeset/2670484 | source : contact@wpscan.com
https://wpscan.com/vulnerability/da87358a-3a72-4cf7-a2af-a266dd9b4290/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-2413

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Slide Anything WordPress plugin before 2.3.47 does not properly sanitize or escape the slide title before outputting it in the admin pages, allowing a logged in user with roles as low as Author to inject a javascript payload into the slide title even when the unfiltered_html capability is disabled.

CVE ID : CVE-2022-2413
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/2e38b1bb-4410-45e3-87ca-d47a2cce9e22/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3194

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Dokan WordPress plugin before 3.6.4 allows vendors to inject arbitrary javascript in product reviews, which may allow them to run stored XSS attacks against other users like site administrators.

CVE ID : CVE-2022-3194
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/85e32913-dc2a-44c9-addd-7abde618e995/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3604

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The Contact Form Entries WordPress plugin before 1.3.0 does not validate data when it is output in a CSV file, which could lead to CSV injection.

CVE ID : CVE-2022-3604
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/300ebfcd-c500-464e-b919-acfeb72593de/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3739

First published on : 16-01-2024 16:15:09
Last modified on : 16-01-2024 16:15:09

Description :
The WP Best Quiz WordPress plugin through 1.0 does not sanitize and escape some parameters, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks.

CVE ID : CVE-2022-3739
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b9f39ced-1e0f-4559-b861-39ddcbcd1249/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3764

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The plugin does not filter the "delete_entries" parameter from user requests, leading to an SQL Injection vulnerability.

CVE ID : CVE-2022-3764
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/9d49df6b-e2f1-4662-90d2-84c29c3b1cb0/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3829

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Font Awesome 4 Menus WordPress plugin through 4.7.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2022-3829
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/684941ad-541f-43f9-a7ef-d26c0f4e6e21/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3836

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Seed Social WordPress plugin before 2.0.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2022-3836
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/64e144fb-aa9f-4cfe-9c44-a4e1fa2e8dd5/ | source : contact@wpscan.com


Vulnerability ID : CVE-2022-3899

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The 3dprint WordPress plugin before 3.5.6.9 does not protect against CSRF attacks in the modified version of Tiny File Manager included with the plugin, allowing an attacker to craft a malicious request that will delete any number of files or directories on the target server by tricking a logged in admin into submitting a form.

CVE ID : CVE-2022-3899
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/e3131e16-a0eb-4d26-b6d3-048fc1f1e9fa/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0079

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Customer Reviews for WooCommerce WordPress plugin before 5.17.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2023-0079
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/fdaba4d1-950d-4512-95de-cd43fe9e73e5/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0094

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The UpQode Google Maps WordPress plugin through 1.0.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2023-0094
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/1453471f-164d-4487-a736-8cea086212fe/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0224

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The GiveWP WordPress plugin before 2.24.1 does not properly escape user input before it reaches SQL queries, which could let unauthenticated attackers perform SQL Injection attacks

CVE ID : CVE-2023-0224
Source : contact@wpscan.com
CVSS Score : /

References :
https://givewp.com/core-2-24-0-vulnerability-patched/ | source : contact@wpscan.com
https://wpscan.com/vulnerability/d8da539d-0a1b-46ef-b48d-710c59cf68e1/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0376

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Qubely WordPress plugin before 1.8.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2023-0376
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b1aa6f32-c1d5-4fc6-9a4e-d4c5fae78389/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0389

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Calculated Fields Form WordPress plugin before 1.1.151 does not sanitise and escape some of its form settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-0389
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/090a3922-febc-4294-82d2-d8339d461893/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0479

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Print Invoice & Delivery Notes for WooCommerce WordPress plugin before 4.7.2 is vulnerable to reflected XSS by echoing a GET value in an admin note within the WooCommerce orders page. This means that this vulnerability can be exploited for users with the edit_others_shop_orders capability. WooCommerce must be installed and active. This vulnerability is caused by a urldecode() after cleanup with esc_url_raw(), allowing double encoding.

CVE ID : CVE-2023-0479
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/50963747-ae8e-42b4-bb42-cc848be7b92e/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0769

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The hiWeb Migration Simple WordPress plugin through 2.0.0.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high-privilege users such as admins.

CVE ID : CVE-2023-0769
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/1d4a2f0e-a371-4e27-98de-528e070f41b0/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-0824

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The User registration & user profile WordPress plugin through 2.0 does not have a CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged-in admin add Stored XSS payloads via a CSRF attack.

CVE ID : CVE-2023-0824
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/48a3a542-9130-4524-9d19-ff9eccecb148/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-1405

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Formidable Forms WordPress plugin before 6.2 unserializes user input, which could allow anonymous users to perform PHP Object Injection when a suitable gadget is present.

CVE ID : CVE-2023-1405
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/8c727a31-ff65-4472-8191-b1becc08192a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-2252

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does not validate the file parameter when importing CSV files.

CVE ID : CVE-2023-2252
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/9da6eede-10d0-4609-8b97-4a5d38fa8e69/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-2655

First published on : 16-01-2024 16:15:10
Last modified on : 16-01-2024 16:15:10

Description :
The Contact Form by WD WordPress plugin through 1.13.23 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin

CVE ID : CVE-2023-2655
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b3f2d38f-8eeb-45e9-bb58-2957e416e1cd/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-3178

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
The POST SMTP Mailer WordPress plugin before 2.5.7 does not have proper CSRF checks in some AJAX actions, which could allow attackers to make logged in users with the manage_postman_smtp capability delete arbitrary logs via a CSRF attack.

CVE ID : CVE-2023-3178
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/5341cb5d-d204-49e1-b013-f8959461995f/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-3211

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
The WordPress Database Administrator WordPress plugin through 1.0.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.

CVE ID : CVE-2023-3211
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/873824f0-e8b1-45bd-8579-bc3c649a54e5/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-3372

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
The Lana Shortcodes WordPress plugin before 1.2.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which allows users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

CVE ID : CVE-2023-3372
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/3396b734-9a10-4070-802d-f9d01cc6eb74/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-3647

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
The IURNY by INDIGITALL WordPress plugin before 3.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-3647
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/6df05333-b1f1-4324-a1ba-dd36fbf1778c/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-3771

First published on : 16-01-2024 16:15:11
Last modified on : 16-01-2024 16:15:11

Description :
The T1 WordPress theme through 19.0 is vulnerable to unauthenticated open redirect with which any attacker can redirect users to arbitrary websites.

CVE ID : CVE-2023-3771
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/7c6fc499-de09-4874-ab96-bdc24d550cfb/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-4536

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The My Account Page Editor WordPress plugin before 1.3.2 does not validate the profile picture to be uploaded, allowing any authenticated user, such as a subscriber, to upload arbitrary files to the server, leading to RCE.

CVE ID : CVE-2023-4536
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/80e0e21c-9e6e-406d-b598-18eb222b3e3e/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-4703

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The All in One B2B for WooCommerce WordPress plugin through 1.0.3 does not properly validate parameters when updating user details, allowing an unauthenticated attacker to update the details of any user. Updating the password of an Admin user leads to privilege escalation.

CVE ID : CVE-2023-4703
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/83278bbb-90e6-4465-a46d-60b4c703c11a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-4757

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Staff / Employee Business Directory for Active Directory WordPress plugin before 1.2.3 does not sanitize and escape data returned from the LDAP server before rendering it in the page, allowing users who can control their entries in the LDAP directory to inject malicious javascript which could be used against high-privilege users such as a site admin.

CVE ID : CVE-2023-4757
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/0b953413-cf41-4de7-ac1f-c6cb995fb158/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-4797

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Newsletters WordPress plugin before 4.9.3 does not properly escape user-controlled parameters when they are appended to SQL queries and shell commands, which could enable an administrator to run arbitrary commands on the server.

CVE ID : CVE-2023-4797
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/de169fc7-f388-4abb-ab94-12522fd1ac92/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5558

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The LearnPress WordPress plugin before 4.2.5.5 does not sanitise and escape user input before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.

CVE ID : CVE-2023-5558
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/4efd2a4d-89bd-472f-ba5a-f9944fd4dd16/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-5922

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Royal Elementor Addons and Templates WordPress plugin before 1.3.81 does not ensure that users accessing posts via an AJAX action (and REST endpoint, currently disabled in the plugin) have the right to do so, allowing unauthenticated users to access arbitrary draft, private and password protected posts/pages content

CVE ID : CVE-2023-5922
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/debd8498-5770-4270-9ee1-1503e675ef34/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6005

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 does not sanitize and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

CVE ID : CVE-2023-6005
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/fa4eea26-0611-4fa8-a947-f78ddf46a56a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6046

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The EventON WordPress plugin before 2.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored HTML Injection attacks even when the unfiltered_html capability is disallowed.

CVE ID : CVE-2023-6046
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/97f1d403-ae96-4c90-8d47-9822f4d68033/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6292

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Ecwid Ecommerce Shopping Cart WordPress plugin before 6.12.5 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack.

CVE ID : CVE-2023-6292
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/d4cf799e-2571-4b96-a303-78dcafbfcf40/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6373

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The ArtPlacer Widget WordPress plugin before 2.20.7 does not sanitize and escape the "id" parameter before submitting the query, leading to a SQLI exploitable by editors and above. Note: Due to the lack of CSRF check, the issue could also be exploited via a CSRF against a logged-in editor (or above).

CVE ID : CVE-2023-6373
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/afc11c92-a7c5-4e55-8f34-f2235438bd1b/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6592

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The FastDup WordPress plugin before 2.2 does not prevent directory listing in sensitive directories containing export files.

CVE ID : CVE-2023-6592
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/a39bb807-b143-4863-88ff-1783e407d7d4/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6732

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Ultimate Maps by Supsystic WordPress plugin before 1.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

CVE ID : CVE-2023-6732
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/aaf91707-f03b-4f25-bca9-9fac4945002a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6741

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The WP Customer Area WordPress plugin before 8.2.1 does not properly validate user capabilities in some of its AJAX actions, allowing malicious users to edit other users' account address.

CVE ID : CVE-2023-6741
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/9debe1ea-18ad-44c4-8078-68eb66d36c4a/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-6824

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The WP Customer Area WordPress plugin before 8.2.1 does not properly validate user capabilities in some of its AJAX actions, allowing any user to retrieve other users' account address.

CVE ID : CVE-2023-6824
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/a224b984-770a-4534-b689-0701b582b388/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7083

First published on : 16-01-2024 16:15:13
Last modified on : 16-01-2024 16:15:13

Description :
The Voting Record WordPress plugin through 2.0 does not have a CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make a logged in admin add Stored XSS payloads via a CSRF attack.

CVE ID : CVE-2023-7083
Source : contact@wpscan.com
CVSS Score : /

References :
https://magos-securitas.com/txt/CVE-2023-7083.txt | source : contact@wpscan.com
https://wpscan.com/vulnerability/ba77704a-32a1-494b-b2c0-e1c2a3f98adc/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7084

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Voting Record WordPress plugin through 2.0 is missing sanitisation as well as escaping, which could allow any authenticated user, such as a subscriber, to perform Stored XSS attacks.

CVE ID : CVE-2023-7084
Source : contact@wpscan.com
CVSS Score : /

References :
https://magos-securitas.com/txt/CVE-2023-7084.txt | source : contact@wpscan.com
https://wpscan.com/vulnerability/5e51e239-919b-4e74-a7ee-195f3817f907/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7125

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Community by PeepSo WordPress plugin before 6.3.1.2 does not have a CSRF check when creating a user post (visible on their wall in their profile page), which could allow attackers to make logged-in users perform such an action via a CSRF attack.

CVE ID : CVE-2023-7125
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/cac12b64-ed25-4ee2-933f-8ff722605271/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7151

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Product Enquiry for WooCommerce WordPress plugin before 3.2 does not sanitise and escape the page parameter before outputting it back in an attribute, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2023-7151
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/4992a4a9-f21a-46e2-babf-954acfc7c5b4/ | source : contact@wpscan.com


Vulnerability ID : CVE-2023-7154

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Hubbub Lite (formerly Grow Social) WordPress plugin before 1.32.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)

CVE ID : CVE-2023-7154
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/0ed423dd-4a38-45e0-8645-3f4215a3f15c/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0187

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Community by PeepSo WordPress plugin before 6.3.1.2 does not sanitise and escape various parameters and generated URLs before outputting them back in attributes, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2024-0187
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b4600411-bee1-4cc8-aee9-0a613ac9b55b/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0233

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not properly sanitise and escape a parameter before outputting it back in pages, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

CVE ID : CVE-2024-0233
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/04a708a0-b6f3-47d1-aac9-0bb17f57c61e/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0235

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve email addresses of any users on the blog

CVE ID : CVE-2024-0235
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0236

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, allowing unauthenticated users to retrieve the settings of arbitrary virtual events, including any meeting password set (for example for Zoom)

CVE ID : CVE-2024-0236
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/09aeb6f2-6473-4de7-8598-e417049896d7/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0237

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in some AJAX actions, allowing unauthenticated users to update virtual events settings, such as meeting URL, moderator, access details etc

CVE ID : CVE-2024-0237
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/73d1b00e-1f17-4d9a-bfc8-6bc43a46b90b/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0238

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The EventON WordPress plugin before 4.5.5, EventON WordPress plugin before 2.2.7 do not have authorisation in an AJAX action, and do not ensure that the post to be updated belongs to the plugin, allowing unauthenticated users to update arbitrary post metadata.

CVE ID : CVE-2024-0238
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/774655ac-b201-4d9f-8790-9eff8564bc91/ | source : contact@wpscan.com


Vulnerability ID : CVE-2024-0239

First published on : 16-01-2024 16:15:14
Last modified on : 16-01-2024 16:15:14

Description :
The Contact Form 7 Connector WordPress plugin before 1.2.3 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against administrators.

CVE ID : CVE-2024-0239
Source : contact@wpscan.com
CVSS Score : /

References :
https://wpscan.com/vulnerability/b9a4a3e3-7cdd-4354-8541-4219bd41c854/ | source : contact@wpscan.com


Source : cert.org

Vulnerability ID : CVE-2023-4969

First published on : 16-01-2024 17:15:08
Last modified on : 16-01-2024 18:15:10

Description :
A GPU kernel can read sensitive data from another GPU kernel (even from another user or app) through an optimized GPU memory region called _local memory_ on various architectures.

CVE ID : CVE-2023-4969
Source : cret@cert.org
CVSS Score : /

References :
https://blog.trailofbits.com | source : cret@cert.org
https://kb.cert.org/vuls/id/446598 | source : cret@cert.org
https://registry.khronos.org/OpenCL/specs/3.0-unified/html/OpenCL_API.html#_fundamental_memory_regions | source : cret@cert.org
https://registry.khronos.org/vulkan/specs/1.3-extensions/html/index.html | source : cret@cert.org
https://www.kb.cert.org/vuls/id/446598 | source : cret@cert.org


Source : atlassian.com

Vulnerability ID : CVE-2023-22502

First published on : 16-01-2024 18:15:08
Last modified on : 16-01-2024 18:15:08

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22502
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22507

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22507
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22510

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22510
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22512

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22512
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22514

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22514
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22520

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22520
Source : security@atlassian.com
CVSS Score : /

References :


Vulnerability ID : CVE-2023-22525

First published on : 16-01-2024 18:15:09
Last modified on : 16-01-2024 18:15:09

Description :
Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used.

CVE ID : CVE-2023-22525
Source : security@atlassian.com
CVSS Score : /

References :


Source : fb.com

Vulnerability ID : CVE-2024-23347

First published on : 16-01-2024 18:15:11
Last modified on : 16-01-2024 18:15:11

Description :
Prior to v176, when opening a new project Meta Spark Studio would execute scripts defined inside of a package.json file included as part of that project. Those scripts would have the ability to execute arbitrary code on the system as the application.

CVE ID : CVE-2024-23347
Source : cve-assign@fb.com
CVSS Score : /

References :
https://www.facebook.com/security/advisories/cve-2024-23347 | source : cve-assign@fb.com


Source : google.com

Vulnerability ID : CVE-2024-0517

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2024-0517
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html | source : chrome-cve-admin@google.com
https://crbug.com/1515930 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2024-0518

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Type confusion in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2024-0518
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html | source : chrome-cve-admin@google.com
https://crbug.com/1507412 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2024-0519

First published on : 16-01-2024 22:15:37
Last modified on : 16-01-2024 22:15:37

Description :
Out of bounds memory access in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2024-0519
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_16.html | source : chrome-cve-admin@google.com
https://crbug.com/1517354 | source : chrome-cve-admin@google.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks
