Latest vulnerabilities [Tuesday, January 23, 2024]

Latest vulnerabilities [Tuesday, January 23, 2024]
{{titre}}

Last update performed on 01/23/2024 at 11:57:07 PM

(4) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : github.com

Vulnerability ID : CVE-2024-23636

First published on : 23-01-2024 18:15:19
Last modified on : 23-01-2024 19:40:11

Description :
SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to restrict deserialization of potentially dangerous classes for security protection. But, prior to version 5.12.0, there is a gadget chain that can bypass the SOFA Hessian blacklist protection mechanism, and this gadget chain only relies on JDK and does not rely on any third-party components. Version 5.12.0 fixed this issue by adding a blacklist. SOFARPC also provides a way to add additional blacklists. Users can add a class like `-Drpc_serialize_blacklist_override=org.apache.xpath.` to avoid this issue.

CVE ID : CVE-2024-23636
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/sofastack/sofa-rpc/commit/42d19b1b1d14a25aafd9ef7c219c04a19f90fc76 | source : security-advisories@github.com
https://github.com/sofastack/sofa-rpc/security/advisories/GHSA-7q8p-9953-pxvr | source : security-advisories@github.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2024-22203

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a GET request on lines 339-343 in `request.py`, which leads to a server-side request forgery. This issue allows for crafting GET requests to internal and external resources on behalf of the server. For example, this issue would allow for accessing resources on the internal network that the server has access to, even though these resources may not be accessible on the internet. This issue is fixed in version 0.8.4.

CVE ID : CVE-2024-22203
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/request.py#L339-L343 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L465-L490 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L466 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L476 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L479 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/commit/3a2e0b262e4a076a20416b45e6b6f23fd265aeda | source : security-advisories@github.com
https://securitylab.github.com/advisories/GHSL-2023-186_GHSL-2023-189_benbusby_whoogle-search/ | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2024-22205

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `window` endpoint does not sanitize user-supplied input from the `location` variable and passes it to the `send` method which sends a `GET` request on lines 339-343 in `request.py,` which leads to a server-side request forgery. This issue allows for crafting GET requests to internal and external resources on behalf of the server. For example, this issue would allow for accessing resources on the internal network that the server has access to, even though these resources may not be accessible on the internet. This issue is fixed in version 0.8.4.

CVE ID : CVE-2024-22205
Source : security-advisories@github.com
CVSS Score : 9.1

References :
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/request.py#L339-L343 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L479 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L496-L557 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L497 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/commit/3a2e0b262e4a076a20416b45e6b6f23fd265aeda | source : security-advisories@github.com
https://securitylab.github.com/advisories/GHSL-2023-186_GHSL-2023-189_benbusby_whoogle-search/ | source : security-advisories@github.com

Vulnerability : CWE-918


Source : apache.org

Vulnerability ID : CVE-2023-49657

First published on : 23-01-2024 15:15:11
Last modified on : 23-01-2024 21:15:09

Description :
A stored cross-site scripting (XSS) vulnerability exists in Apache Superset before 3.0.3. An authenticated attacker with create/update permissions on charts or dashboards could store a script or add a specific HTML snippet that would act as a stored XSS. For 2.X versions, users should change their config to include: TALISMAN_CONFIG = { "content_security_policy": { "base-uri": ["'self'"], "default-src": ["'self'"], "img-src": ["'self'", "blob:", "data:"], "worker-src": ["'self'", "blob:"], "connect-src": [ "'self'", " https://api.mapbox.com" https://api.mapbox.com" ;, " https://events.mapbox.com" https://events.mapbox.com" ;, ], "object-src": "'none'", "style-src": [ "'self'", "'unsafe-inline'", ], "script-src": ["'self'", "'strict-dynamic'"], }, "content_security_policy_nonce_in": ["script-src"], "force_https": False, "session_cookie_secure": False, }

CVE ID : CVE-2023-49657
Source : security@apache.org
CVSS Score : 9.6

References :
http://www.openwall.com/lists/oss-security/2024/01/23/5 | source : security@apache.org
https://lists.apache.org/thread/wjyvz8om9nwd396lh0bt156mtwjxpsvx | source : security@apache.org

Vulnerability : CWE-79


(12) HIGH VULNERABILITIES [7.0, 8.9]

Source : hq.dhs.gov

Vulnerability ID : CVE-2023-6926

First published on : 23-01-2024 20:15:45
Last modified on : 23-01-2024 20:15:45

Description :
There is an OS command injection vulnerability in Crestron AM-300 firmware version 1.4499.00018 which may enable a user of a limited-access SSH session to escalate their privileges to root-level access.

CVE ID : CVE-2023-6926
Source : ics-cert@hq.dhs.gov
CVSS Score : 8.4

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-02 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-78


Vulnerability ID : CVE-2023-7238

First published on : 23-01-2024 20:15:45
Last modified on : 23-01-2024 20:15:45

Description :
A XSS payload can be uploaded as a DICOM study and when a user tries to view the infected study inside the Osimis WebViewer the XSS vulnerability gets triggered. If exploited, the attacker will be able to execute arbitrary JavaScript code inside the victim's browser.

CVE ID : CVE-2023-7238
Source : ics-cert@hq.dhs.gov
CVSS Score : 7.1

References :
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-023-01 | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-79


Source : hpe.com

Vulnerability ID : CVE-2023-50274

First published on : 23-01-2024 17:15:09
Last modified on : 23-01-2024 19:40:11

Description :
HPE OneView may allow command injection with local privilege escalation.

CVE ID : CVE-2023-50274
Source : security-alert@hpe.com
CVSS Score : 7.8

References :
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us | source : security-alert@hpe.com


Vulnerability ID : CVE-2023-50275

First published on : 23-01-2024 17:15:10
Last modified on : 23-01-2024 19:40:11

Description :
HPE OneView may allow clusterService Authentication Bypass resulting in denial of service.

CVE ID : CVE-2023-50275
Source : security-alert@hpe.com
CVSS Score : 7.5

References :
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us | source : security-alert@hpe.com


Source : github.com

Vulnerability ID : CVE-2024-23342

First published on : 23-01-2024 00:15:26
Last modified on : 23-01-2024 13:44:14

Description :
The `ecdsa` PyPI package is a pure Python implementation of ECC (Elliptic Curve Cryptography) with support for ECDSA (Elliptic Curve Digital Signature Algorithm), EdDSA (Edwards-curve Digital Signature Algorithm) and ECDH (Elliptic Curve Diffie-Hellman). Versions 0.18.0 and prior are vulnerable to the Minerva attack. As of time of publication, no known patched version exists.

CVE ID : CVE-2024-23342
Source : security-advisories@github.com
CVSS Score : 7.4

References :
https://github.com/tlsfuzzer/python-ecdsa/blob/master/SECURITY.md | source : security-advisories@github.com
https://github.com/tlsfuzzer/python-ecdsa/security/advisories/GHSA-wj6h-64fc-37mp | source : security-advisories@github.com
https://minerva.crocs.fi.muni.cz/ | source : security-advisories@github.com
https://securitypitfalls.wordpress.com/2018/08/03/constant-time-compare-in-python/ | source : security-advisories@github.com

Vulnerability : CWE-203
Vulnerability : CWE-208
Vulnerability : CWE-385


Vulnerability ID : CVE-2024-23345

First published on : 23-01-2024 00:15:26
Last modified on : 23-01-2024 13:44:14

Description :
Nautobot is a Network Source of Truth and Network Automation Platform built as a web application. All users of Nautobot versions earlier than 1.6.10 or 2.1.2 are potentially impacted by a cross-site scripting vulnerability. Due to inadequate input sanitization, any user-editable fields that support Markdown rendering, including are potentially susceptible to cross-site scripting (XSS) attacks via maliciously crafted data. This issue is fixed in Nautobot versions 1.6.10 and 2.1.2.

CVE ID : CVE-2024-23345
Source : security-advisories@github.com
CVSS Score : 7.1

References :
https://github.com/nautobot/nautobot/commit/17effcbe84a72150c82b138565c311bbee357e80 | source : security-advisories@github.com
https://github.com/nautobot/nautobot/commit/64312a4297b5ca49b6cdedf477e41e8e4fd61cce | source : security-advisories@github.com
https://github.com/nautobot/nautobot/pull/5133 | source : security-advisories@github.com
https://github.com/nautobot/nautobot/pull/5134 | source : security-advisories@github.com
https://github.com/nautobot/nautobot/security/advisories/GHSA-v4xv-795h-rv4h | source : security-advisories@github.com

Vulnerability : CWE-79


Source : krcert.or.kr

Vulnerability ID : CVE-2024-22768

First published on : 23-01-2024 05:15:08
Last modified on : 23-01-2024 13:44:00

Description :
Improper Input Validation in Hitron Systems DVR HVR-4781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-22768
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-22769

First published on : 23-01-2024 05:15:08
Last modified on : 23-01-2024 13:44:00

Description :
Improper Input Validation in Hitron Systems DVR HVR-8781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-22769
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-22770

First published on : 23-01-2024 05:15:09
Last modified on : 23-01-2024 13:43:53

Description :
Improper Input Validation in Hitron Systems DVR HVR-16781 1.03~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-22770
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-22771

First published on : 23-01-2024 05:15:09
Last modified on : 23-01-2024 13:43:53

Description :
Improper Input Validation in Hitron Systems DVR LGUVR-4H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-22771
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-22772

First published on : 23-01-2024 05:15:09
Last modified on : 23-01-2024 13:43:53

Description :
Improper Input Validation in Hitron Systems DVR LGUVR-8H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-22772
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


Vulnerability ID : CVE-2024-23842

First published on : 23-01-2024 05:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Improper Input Validation in Hitron Systems DVR LGUVR-16H 1.02~4.02 allows an attacker to cause network attack in case of using defalut admin ID/PW.

CVE ID : CVE-2024-23842
Source : vuln@krcert.or.kr
CVSS Score : 7.4

References :
http://www.hitron.co.kr/firmware/ | source : vuln@krcert.or.kr

Vulnerability : CWE-20


(12) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : wordfence.com

Vulnerability ID : CVE-2024-0587

First published on : 23-01-2024 07:15:52
Last modified on : 23-01-2024 13:43:53

Description :
The AMP for WP โ€“ Accelerated Mobile Pages plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'disqus_name' parameter in all versions up to, and including, 1.0.92.1 due to insufficient input sanitization and output escaping on the executed JS file. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.

CVE ID : CVE-2024-0587
Source : security@wordfence.com
CVSS Score : 6.1

References :
https://plugins.trac.wordpress.org/changeset/3024147/accelerated-mobile-pages/trunk/includes/disqus.html | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/85ca96a6-7992-424b-8b88-9a0751925223?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0703

First published on : 23-01-2024 11:15:08
Last modified on : 23-01-2024 13:43:53

Description :
The Sticky Buttons โ€“ floating buttons builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via sticky URLs in all versions up to, and including, 3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

CVE ID : CVE-2024-0703
Source : security@wordfence.com
CVSS Score : 4.4

References :
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3024941%40sticky-buttons&new=3024941%40sticky-buttons&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/b3c070be-e955-4076-9878-0b1044766397?source=cve | source : security@wordfence.com


Source : github.com

Vulnerability ID : CVE-2024-22417

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `element_url` variables and passes them to the `send` method which sends a `GET` request on lines 339-343 in `requests.py`. The returned contents of the URL are then passed to and reflected back to the user in the `send_file` function on line 484, together with the user-controlled `src_type`, which allows the attacker to control the HTTP response content type leading to a cross-site scripting vulnerability. An attacker could craft a special URL to point to a malicious website and send the link to a victim. The fact that the link would contain a trusted domain (e.g. from one of public Whoogle instances) could be used to trick the user into clicking the link.The malicious website could, for example, be a copy of a real website, meant to steal a personโ€™s credentials to the website, or trick that person in another way. Version 0.8.4 contains a patch for this issue.

CVE ID : CVE-2024-22417
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/request.py#L339-L343 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L465-L490 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L466 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L476 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L479 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L484C6-L484C7 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/commit/3a2e0b262e4a076a20416b45e6b6f23fd265aeda | source : security-advisories@github.com
https://securitylab.github.com/advisories/GHSL-2023-186_GHSL-2023-189_benbusby_whoogle-search/ | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-23341

First published on : 23-01-2024 18:15:19
Last modified on : 23-01-2024 19:40:11

Description :
TuiTse-TsuSin is a package for organizing the comparative corpus of Taiwanese Chinese characters and Roman characters, and extracting sentences of the Taiwanese Chinese characters and the Roman characters. Prior to version 1.3.2, when using `tuitse_html` without quoting the input, there is a html injection vulnerability. Version 1.3.2 contains a patch for the issue. As a workaround, sanitize Taigi input with HTML quotation.

CVE ID : CVE-2024-23341
Source : security-advisories@github.com
CVSS Score : 6.1

References :
https://github.com/i3thuan5/TuiTse-TsuSin/commit/9d21d99d7cfcd7c42aade251fab98ec102e730ea | source : security-advisories@github.com
https://github.com/i3thuan5/TuiTse-TsuSin/pull/22 | source : security-advisories@github.com
https://github.com/i3thuan5/TuiTse-TsuSin/security/advisories/GHSA-m4m5-j36m-8x72 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2023-44401

First published on : 23-01-2024 14:15:37
Last modified on : 23-01-2024 15:47:28

Description :
The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. In versions 4.0.0 prior to 4.3.7 and 5.0.0 prior to 5.1.3, `canView` permission checks are bypassed for ORM data in paginated GraphQL query results where the total number of records is greater than the number of records per page. Note that this also affects GraphQL queries which have a limit applied, even if the query isnโ€™t paginated per se. This has been fixed in versions 4.3.7 and 5.1.3 by ensuring no new records are pulled in from the database after performing `canView` permission checks for each page of results. This may result in some pages in the query results having less than the maximum number of records per page even when there are more pages of results. This behavior is consistent with how pagination works in other areas of Silverstripe CMS, such as in `GridField`, and is a result of having to perform permission checks in PHP rather than in the database directly. One may disable these permission checks by disabling the `CanViewPermission` plugin.

CVE ID : CVE-2023-44401
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/silverstripe/silverstripe-graphql/security/advisories/GHSA-jgph-w8rh-xf5p | source : security-advisories@github.com
https://www.silverstripe.org/download/security-releases/CVE-2023-44401 | source : security-advisories@github.com

Vulnerability : CWE-863


Vulnerability ID : CVE-2024-22204

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
Whoogle Search is a self-hosted metasearch engine. Versions 0.8.3 and prior have a limited file write vulnerability when the configuration options in Whoogle are enabled. The `config` function in `app/routes.py` does not validate the user-controlled `name` variable on line 447 and `config_data` variable on line 437. The `name` variable is insecurely concatenated in `os.path.join`, leading to path manipulation. The POST data from the `config_data` variable is saved with `pickle.dump` which leads to a limited file write. However, the data that is saved is earlier transformed into a dictionary and the `url` key value pair is added before the file is saved on the system. All in all, the issue allows us to save and overwrite files on the system that the application has permissions to, with a dictionary containing arbitrary data and the `url` key value, which is a limited file write. Version 0.8.4 contains a patch for this issue.

CVE ID : CVE-2024-22204
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L419-L452 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L437 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L444 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/blob/92e8ede24e9277a5440d403f75877209f1269884/app/routes.py#L447 | source : security-advisories@github.com
https://github.com/benbusby/whoogle-search/commit/3a2e0b262e4a076a20416b45e6b6f23fd265aeda | source : security-advisories@github.com
https://securitylab.github.com/advisories/GHSL-2023-186_GHSL-2023-189_benbusby_whoogle-search/ | source : security-advisories@github.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-23330

First published on : 23-01-2024 18:15:19
Last modified on : 23-01-2024 19:40:11

Description :
Tuta is an encrypted email service. In versions prior to 119.10, an attacker can attach an image in a html mail which is loaded from external resource in the default setting, which should prevent loading of external resources. When displaying emails containing external content, they should be loaded by default only after confirmation by the user. However, it could be recognized that certain embedded images (see PoC) are loaded, even though the "Automatic Reloading of Images" function is disabled by default. The reloading is also done unencrypted via HTTP and redirections are followed. This behavior is unexpected for the user, since the user assumes that external content will only be loaded after explicit manual confirmation. The loading of external content in e-mails represents a risk, because this makes the sender aware that the e-mail address is used, when the e-mail was read, which device is used and expose the user's IP address. Version 119.10 contains a patch for this issue.

CVE ID : CVE-2024-23330
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/tutao/tutanota/security/advisories/GHSA-32w8-v5fc-vpp7 | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2023-48714

First published on : 23-01-2024 14:15:37
Last modified on : 23-01-2024 15:47:28

Description :
Silverstripe Framework is the framework that forms the base of the Silverstripe content management system. Prior to versions 4.13.39 and 5.1.11, if a user should not be able to see a record, but that record can be added to a `GridField` using the `GridFieldAddExistingAutocompleter` component, the record's title can be accessed by that user. Versions 4.13.39 and 5.1.11 contain a fix for this issue.

CVE ID : CVE-2023-48714
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/silverstripe/silverstripe-framework/security/advisories/GHSA-qm2j-qvq3-j29v | source : security-advisories@github.com
https://www.silverstripe.org/download/security-releases/CVE-2023-48714 | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-49783

First published on : 23-01-2024 14:15:37
Last modified on : 23-01-2024 15:47:28

Description :
Silverstripe Admin provides a basic management interface for the Silverstripe Framework. In versions on the 1.x branch prior to 1.13.19 and on the 2.x branch prior to 2.1.8, users who don't have edit or delete permissions for records exposed in a `ModelAdmin` can still edit or delete records using the CSV import form, provided they have create permissions. The likelihood of a user having create permissions but not having edit or delete permissions is low, but it is possible. Note that this doesn't affect any `ModelAdmin` which has had the import form disabled via the `showImportForm` public property. Versions 1.13.19 and 2.1.8 contain a patch for the issue. Those who have a custom implementation of `BulkLoader` should update their implementations to respect permissions when the return value of `getCheckPermissions()` is true. Those who use any `BulkLoader` in their own project logic, or maintain a module which uses it, should consider passing `true` to `setCheckPermissions()` if the data is provided by users.

CVE ID : CVE-2023-49783
Source : security-advisories@github.com
CVSS Score : 4.3

References :
https://github.com/silverstripe/silverstripe-admin/security/advisories/GHSA-j3m6-gvm8-mhvw | source : security-advisories@github.com
https://www.silverstripe.org/download/security-releases/CVE-2023-49783 | source : security-advisories@github.com

Vulnerability : CWE-863


Source : hq.dhs.gov

Vulnerability ID : CVE-2023-7237

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
Lantronix XPort sends weakly encoded credentials within web request headers.

CVE ID : CVE-2023-7237
Source : ics-cert@hq.dhs.gov
CVSS Score : 5.7

References :
https://www.cisa.gov/news-events/ics-advisories/icsa-24-023-05 | source : ics-cert@hq.dhs.gov
https://www.lantronix.com/products/xport-edge/ | source : ics-cert@hq.dhs.gov

Vulnerability : CWE-261


Source : hpe.com

Vulnerability ID : CVE-2023-6573

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
HPE OneView may have a missing passphrase during restore.

CVE ID : CVE-2023-6573
Source : security-alert@hpe.com
CVSS Score : 5.5

References :
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04586en_us | source : security-alert@hpe.com


Source : redhat.com

Vulnerability ID : CVE-2023-39197

First published on : 23-01-2024 03:15:11
Last modified on : 23-01-2024 13:44:00

Description :
An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol.

CVE ID : CVE-2023-39197
Source : secalert@redhat.com
CVSS Score : 4.0

References :
https://access.redhat.com/security/cve/CVE-2023-39197 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2218342 | source : secalert@redhat.com

Vulnerability : CWE-125


(0) LOW VULNERABILITIES [0.1, 3.9]

(107) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : apple.com

Vulnerability ID : CVE-2023-40528

First published on : 23-01-2024 01:15:09
Last modified on : 23-01-2024 14:15:37

Description :
This issue was addressed by removing the vulnerable code. This issue is fixed in tvOS 17, watchOS 10, macOS Sonoma 14, iOS 17 and iPadOS 17, macOS Ventura 13.6.4. An app may be able to bypass Privacy preferences.

CVE ID : CVE-2023-40528
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT213936 | source : product-security@apple.com
https://support.apple.com/en-us/HT213937 | source : product-security@apple.com
https://support.apple.com/en-us/HT213938 | source : product-security@apple.com
https://support.apple.com/en-us/HT213940 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/kb/HT213936 | source : product-security@apple.com
https://support.apple.com/kb/HT213937 | source : product-security@apple.com
https://support.apple.com/kb/HT213938 | source : product-security@apple.com
https://support.apple.com/kb/HT213940 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42881

First published on : 23-01-2024 01:15:09
Last modified on : 23-01-2024 13:44:14

Description :
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Processing a file may lead to unexpected app termination or arbitrary code execution.

CVE ID : CVE-2023-42881
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214036 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42887

First published on : 23-01-2024 01:15:09
Last modified on : 23-01-2024 14:15:37

Description :
An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2. An app may be able to read arbitrary files.

CVE ID : CVE-2023-42887
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214036 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/kb/HT214036 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42888

First published on : 23-01-2024 01:15:09
Last modified on : 23-01-2024 14:15:37

Description :
The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. Processing a maliciously crafted image may result in disclosure of process memory.

CVE ID : CVE-2023-42888
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214035 | source : product-security@apple.com
https://support.apple.com/en-us/HT214036 | source : product-security@apple.com
https://support.apple.com/en-us/HT214041 | source : product-security@apple.com
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com
https://support.apple.com/kb/HT214035 | source : product-security@apple.com
https://support.apple.com/kb/HT214036 | source : product-security@apple.com
https://support.apple.com/kb/HT214041 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42915

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 14:15:37

Description :
Multiple issues were addressed by updating to curl version 8.4.0. This issue is fixed in macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 16.7.5 and iPadOS 16.7.5. Multiple issues in curl.

CVE ID : CVE-2023-42915
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214036 | source : product-security@apple.com
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com
https://support.apple.com/kb/HT214036 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42935

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:14

Description :
An authentication issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.6.4. A local attacker may be able to view the previous logged in userโ€™s desktop from the fast user switching screen.

CVE ID : CVE-2023-42935
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/kb/HT213984 | source : product-security@apple.com


Vulnerability ID : CVE-2023-42937

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 14:15:37

Description :
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, watchOS 10.2, macOS Ventura 13.6.4, macOS Sonoma 14.2, macOS Monterey 12.7.3, iOS 17.2 and iPadOS 17.2. An app may be able to access sensitive user data.

CVE ID : CVE-2023-42937
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214035 | source : product-security@apple.com
https://support.apple.com/en-us/HT214036 | source : product-security@apple.com
https://support.apple.com/en-us/HT214041 | source : product-security@apple.com
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com
https://support.apple.com/kb/HT214035 | source : product-security@apple.com
https://support.apple.com/kb/HT214036 | source : product-security@apple.com
https://support.apple.com/kb/HT214041 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23203

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:14

Description :
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.

CVE ID : CVE-2024-23203
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23204

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. A shortcut may be able to use sensitive data with certain actions without prompting the user.

CVE ID : CVE-2024-23204
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23206

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:00

Description :
An access issue was addressed with improved access restrictions. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A maliciously crafted webpage may be able to fingerprint the user.

CVE ID : CVE-2024-23206
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214056 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23207

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:00

Description :
This issue was addressed with improved redaction of sensitive information. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to access sensitive user data.

CVE ID : CVE-2024-23207
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23208

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2024-23208
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23209

First published on : 23-01-2024 01:15:10
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2024-23209
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23210

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to view a user's phone number in system logs.

CVE ID : CVE-2024-23210
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23211

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
A privacy issue was addressed with improved handling of user preferences. This issue is fixed in watchOS 10.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. A user's private browsing activity may be visible in Settings.

CVE ID : CVE-2024-23211
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214056 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23212

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, macOS Ventura 13.6.4, macOS Monterey 12.7.3. An app may be able to execute arbitrary code with kernel privileges.

CVE ID : CVE-2024-23212
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23213

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3. Processing web content may lead to arbitrary code execution.

CVE ID : CVE-2024-23213
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214056 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23214

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, iOS 17.3 and iPadOS 17.3. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE ID : CVE-2024-23214
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23215

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access user-sensitive data.

CVE ID : CVE-2024-23215
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23217

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, iOS 17.3 and iPadOS 17.3. An app may be able to bypass certain Privacy preferences.

CVE ID : CVE-2024-23217
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23218

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.

CVE ID : CVE-2024-23218
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23219

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved authentication. This issue is fixed in iOS 17.3 and iPadOS 17.3. Stolen Device Protection may be unexpectedly disabled.

CVE ID : CVE-2024-23219
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23222

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
A type confusion issue was addressed with improved checks. This issue is fixed in tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, iOS 16.7.5 and iPadOS 16.7.5, Safari 17.3, macOS Ventura 13.6.4, macOS Monterey 12.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited.

CVE ID : CVE-2024-23222
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214056 | source : product-security@apple.com
https://support.apple.com/en-us/HT214057 | source : product-security@apple.com
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com
https://support.apple.com/en-us/HT214063 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23223

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An app may be able to access sensitive user data.

CVE ID : CVE-2024-23223
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214055 | source : product-security@apple.com
https://support.apple.com/en-us/HT214059 | source : product-security@apple.com
https://support.apple.com/en-us/HT214060 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Vulnerability ID : CVE-2024-23224

First published on : 23-01-2024 01:15:11
Last modified on : 23-01-2024 13:44:00

Description :
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.3, macOS Ventura 13.6.4. An app may be able to access sensitive user data.

CVE ID : CVE-2024-23224
Source : product-security@apple.com
CVSS Score : /

References :
https://support.apple.com/en-us/HT214058 | source : product-security@apple.com
https://support.apple.com/en-us/HT214061 | source : product-security@apple.com


Source : mitre.org

Vulnerability ID : CVE-2024-23848

First published on : 23-01-2024 09:15:35
Last modified on : 23-01-2024 13:43:53

Description :
In the Linux kernel through 6.7.1, there is a use-after-free in cec_queue_msg_fh, related to drivers/media/cec/core/cec-adap.c and drivers/media/cec/core/cec-api.c.

CVE ID : CVE-2024-23848
Source : cve@mitre.org
CVSS Score : /

References :
https://lore.kernel.org/lkml/e9f42704-2f99-4f2c-ade5-f952e5fd53e5%40xs4all.nl/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-23849

First published on : 23-01-2024 09:15:36
Last modified on : 23-01-2024 13:43:53

Description :
In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.

CVE ID : CVE-2024-23849
Source : cve@mitre.org
CVSS Score : /

References :
https://lore.kernel.org/netdev/1705715319-19199-1-git-send-email-sharath.srinivasan%40oracle.com/ | source : cve@mitre.org
https://lore.kernel.org/netdev/CALGdzuoVdq-wtQ4Az9iottBqC5cv9ZhcE5q8N7LfYFvkRsOVcw%40mail.gmail.com | source : cve@mitre.org


Vulnerability ID : CVE-2024-23850

First published on : 23-01-2024 09:15:36
Last modified on : 23-01-2024 13:43:53

Description :
In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation.

CVE ID : CVE-2024-23850
Source : cve@mitre.org
CVSS Score : /

References :
https://lore.kernel.org/all/6a80cb4b32af89787dadee728310e5e2ca85343f.1705741883.git.wqu%40suse.com/ | source : cve@mitre.org
https://lore.kernel.org/lkml/CALGdzuo6awWdau3X=8XK547x2vX_-VoFmH1aPsqosRTQ5WzJVA%40mail.gmail.com/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-23851

First published on : 23-01-2024 09:15:36
Last modified on : 23-01-2024 13:43:53

Description :
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.

CVE ID : CVE-2024-23851
Source : cve@mitre.org
CVSS Score : /

References :
https://www.spinics.net/lists/dm-devel/msg56574.html | source : cve@mitre.org
https://www.spinics.net/lists/dm-devel/msg56694.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-46343

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c.

CVE ID : CVE-2023-46343
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.5.9 | source : cve@mitre.org
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=7937609cd387246aed994e81aa4fa951358fba41 | source : cve@mitre.org
https://github.com/torvalds/linux/commit/7937609cd387246aed994e81aa4fa951358fba41 | source : cve@mitre.org
https://lore.kernel.org/netdev/20231013184129.18738-1-krzysztof.kozlowski%40linaro.org/T/#r38bdbaf8ae15305b77f6c5bc8e15d38f405623c7 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51042

First published on : 23-01-2024 11:15:08
Last modified on : 23-01-2024 13:43:53

Description :
In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.

CVE ID : CVE-2023-51042
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.12 | source : cve@mitre.org
https://github.com/torvalds/linux/commit/2e54154b9f27262efd0cb4f903cc7d5ad1fe9628 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51043

First published on : 23-01-2024 11:15:08
Last modified on : 23-01-2024 13:43:53

Description :
In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload.

CVE ID : CVE-2023-51043
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.4.5 | source : cve@mitre.org
https://github.com/torvalds/linux/commit/4e076c73e4f6e90816b30fcd4a0d7ab365087255 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22076

First published on : 23-01-2024 11:15:09
Last modified on : 23-01-2024 13:43:53

Description :
MyQ Print Server before 8.2 patch 43 allows Unauthenticated Remote Code Execution.

CVE ID : CVE-2024-22076
Source : cve@mitre.org
CVSS Score : /

References :
https://docs.myq-solution.com/en/print-server/8.2/ | source : cve@mitre.org
https://docs.myq-solution.com/en/print-server/8.2/technical-changelog#id-%288.2%29ReleaseNotes-8.2%28Patch43%29 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22705

First published on : 23-01-2024 11:15:09
Last modified on : 23-01-2024 13:43:53

Description :
An issue was discovered in ksmbd in the Linux kernel before 6.6.10. smb2_get_data_area_len in fs/smb/server/smb2misc.c can cause an smb_strndup_from_utf16 out-of-bounds access because the relationship between Name data and CreateContexts data is mishandled.

CVE ID : CVE-2024-22705
Source : cve@mitre.org
CVSS Score : /

References :
https://cdn.kernel.org/pub/linux/kernel/v6.x/ChangeLog-6.6.10 | source : cve@mitre.org
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d10c77873ba1e9e6b91905018e29e196fd5f863d | source : cve@mitre.org


Vulnerability ID : CVE-2024-22660

First published on : 23-01-2024 15:15:11
Last modified on : 23-01-2024 15:47:28

Description :
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg

CVE ID : CVE-2024-22660
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Covteam/iot_vuln/tree/main/setLanguageCfg | source : cve@mitre.org


Vulnerability ID : CVE-2024-22662

First published on : 23-01-2024 15:15:11
Last modified on : 23-01-2024 15:47:28

Description :
TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules

CVE ID : CVE-2024-22662
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Covteam/iot_vuln/tree/main/setParentalRules | source : cve@mitre.org


Vulnerability ID : CVE-2024-22663

First published on : 23-01-2024 15:15:11
Last modified on : 23-01-2024 15:47:28

Description :
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg

CVE ID : CVE-2024-22663
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Covteam/iot_vuln/tree/main/setOpModeCfg2 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22490

First published on : 23-01-2024 17:15:10
Last modified on : 23-01-2024 19:40:11

Description :
Cross Site Scripting (XSS) vulnerability in beetl-bbs 2.0 allows attackers to run arbitrary code via the /index keyword parameter.

CVE ID : CVE-2024-22490
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cui2shark/security/blob/main/beetl-bbs%20-%20A%20reflected%20cross-site%20scripting%20%28XSS%29%20vulnerability%20was%20discovered%20in%20the%20search%20box.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-22496

First published on : 23-01-2024 17:15:10
Last modified on : 23-01-2024 19:40:11

Description :
Cross Site Scripting (XSS) vulnerability in JFinalcms 5.0.0 allows attackers to run arbitrary code via the /admin/login username parameter.

CVE ID : CVE-2024-22496
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-username%29%20.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-45889

First published on : 23-01-2024 18:15:18
Last modified on : 23-01-2024 19:40:11

Description :
A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.8 allows remote attackers to inject JavaScript into any webpage. NOTE: this issue exists because of an incomplete fix for CVE-2022-48612.

CVE ID : CVE-2023-45889
Source : cve@mitre.org
CVSS Score : /

References :
https://blog.zerdle.net/classlink/ | source : cve@mitre.org
https://blog.zerdle.net/classlink2/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-51210

First published on : 23-01-2024 19:15:08
Last modified on : 23-01-2024 19:40:11

Description :
SQL injection vulnerability in Webkul Bundle Product 6.0.1 allows a remote attacker to execute arbitrary code via the id_product parameters in the UpdateProductQuantity function.

CVE ID : CVE-2023-51210
Source : cve@mitre.org
CVSS Score : /

References :
https://medium.com/%40nasir.synack/uncovering-critical-vulnerability-cve-2023-51210-in-prestashop-plugin-bundle-product-pack-ad7fb08bdc91 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22497

First published on : 23-01-2024 19:15:08
Last modified on : 23-01-2024 19:40:11

Description :
Cross Site Scripting (XSS) vulnerability in /admin/login password parameter in JFinalcms 5.0.0 allows attackers to run arbitrary code via crafted URL.

CVE ID : CVE-2024-22497
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cui2shark/security/blob/main/%28JFinalcms%20admin-login-password%29%20.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-42143

First published on : 23-01-2024 20:15:45
Last modified on : 23-01-2024 20:15:45

Description :
Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to create a backdoor by redirecting the device to an attacker-controlled machine which serves the manipulated firmware file. The device is updated with the manipulated firmware.

CVE ID : CVE-2023-42143
Source : cve@mitre.org
CVSS Score : /

References :
https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 | source : cve@mitre.org


Vulnerability ID : CVE-2023-42144

First published on : 23-01-2024 20:15:45
Last modified on : 23-01-2024 20:15:45

Description :
Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local attacker to obtain the Wi-Fi password.

CVE ID : CVE-2023-42144
Source : cve@mitre.org
CVSS Score : /

References :
https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46889

First published on : 23-01-2024 20:15:45
Last modified on : 23-01-2024 20:15:45

Description :
Meross MSH30Q 4.5.23 is vulnerable to Cleartext Transmission of Sensitive Information. During the device setup phase, the MSH30Q creates an unprotected Wi-Fi access point. In this phase, MSH30Q needs to connect to the Internet through a Wi-Fi router. This is why MSH30Q asks for the Wi-Fi network name (SSID) and the Wi-Fi network password. When the user enters the password, the transmission of the Wi-Fi password and name between the MSH30Q and mobile application is observed in the Wi-Fi network. Although the Wi-Fi password is encrypted, a part of the decryption algorithm is public so we complemented the missing parts to decrypt it.

CVE ID : CVE-2023-46889
Source : cve@mitre.org
CVSS Score : /

References :
https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 | source : cve@mitre.org


Vulnerability ID : CVE-2023-46892

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
The radio frequency communication protocol being used by Meross MSH30Q 4.5.23 is vulnerable to replay attacks, allowing attackers to record and replay previously captured communication to execute unauthorized commands or actions (e.g., thermostat's temperature).

CVE ID : CVE-2023-46892
Source : cve@mitre.org
CVSS Score : /

References :
https://www.kth.se/cs/nse/research/software-systems-architecture-and-security/projects/ethical-hacking-1.1279219 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51200

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An issue in the default configurations of ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows unauthenticated attackers to authenticate using default credentials.

CVE ID : CVE-2023-51200
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51200 | source : cve@mitre.org


Vulnerability ID : CVE-2021-42142

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
An issue was discovered in Contiki-NG tinyDTLS through master branch 53a0d97. DTLS servers mishandle the early use of a large epoch number. This vulnerability allows remote attackers to cause a denial of service and false-positive packet drops.

CVE ID : CVE-2021-42142
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/contiki-ng/tinydtls/issues/24 | source : cve@mitre.org
https://seclists.org/fulldisclosure/2024/Jan/15 | source : cve@mitre.org


Vulnerability ID : CVE-2023-31654

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c.

CVE ID : CVE-2023-31654
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/RedisLabs/redisraft/issues/600 | source : cve@mitre.org
https://seclists.org/fulldisclosure/2024/Jan/13 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36177

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API.

CVE ID : CVE-2023-36177
Source : cve@mitre.org
CVSS Score : /

References :
http://snapcast.com | source : cve@mitre.org
https://oxnan.com/posts/Snapcast_jsonrpc_rce | source : cve@mitre.org


Vulnerability ID : CVE-2023-51199

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
Buffer Overflow vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code or cause a denial of service via improper handling of arrays or strings.

CVE ID : CVE-2023-51199
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51199 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51201

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
Cleartext Transmission issue in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to access sensitive information via a man-in-the-middle attack.

CVE ID : CVE-2023-51201
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51201 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51208

First published on : 23-01-2024 22:15:16
Last modified on : 23-01-2024 22:15:16

Description :
An Arbitrary File Upload vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code and cause other impacts via upload of crafted file.

CVE ID : CVE-2023-51208
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51208 | source : cve@mitre.org


Source : jpcert.or.jp

Vulnerability ID : CVE-2024-23180

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary code by uploading a specially crafted SVG file.

CVE ID : CVE-2024-23180
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN34565930/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-23181

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote unauthenticated attacker to execute an arbitrary script on the logged-in user's web browser.

CVE ID : CVE-2024-23181
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN34565930/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-23182

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to delete arbitrary files on the server.

CVE ID : CVE-2024-23182
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN34565930/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-23183

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Cross-site scripting vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute an arbitrary script on the logged-in user's web browser.

CVE ID : CVE-2024-23183
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN34565930/ | source : vultures@jpcert.or.jp


Vulnerability ID : CVE-2024-23348

First published on : 23-01-2024 10:15:10
Last modified on : 23-01-2024 13:43:53

Description :
Improper input validation vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7, Ver.3.0.x series versions prior to Ver.3.0.29, Ver.2.11.x series versions prior to Ver.2.11.58, Ver.2.10.x series versions prior to Ver.2.10.50, and Ver.2.9.0 and earlier allows a remote authenticated attacker to execute arbitrary JavaScript code by uploading a specially crafted SVG file.

CVE ID : CVE-2024-23348
Source : vultures@jpcert.or.jp
CVSS Score : /

References :
https://developer.a-blogcms.jp/blog/news/JVN-34565930.html | source : vultures@jpcert.or.jp
https://jvn.jp/en/jp/JVN34565930/ | source : vultures@jpcert.or.jp


Source : mozilla.org

Vulnerability ID : CVE-2024-0741

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0741
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1864587 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0742

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0742
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1867152 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0743

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
An unchecked return value in TLS handshake code could have caused a potentially exploitable crash. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0743
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1867408 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0744

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
In some circumstances, JIT compiled code could have dereferenced a wild pointer value. This could have led to an exploitable crash. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0744
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1871089 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0745

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
The WebAudio `OscillatorNode` object was susceptible to a stack buffer overflow. This could have led to a potentially exploitable crash. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0745
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1871838 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0746

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0746
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1660223 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0747

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0747
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1764343 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0748

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A compromised content process could have updated the document URI. This could have allowed an attacker to set an arbitrary URI in the address bar or history. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0748
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1783504 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0749

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0749
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1813463 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0750

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0750
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1863083 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0751

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0751
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1865689 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0752

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
A use-after-free crash could have occurred on macOS if a Firefox update were being applied on a very busy system. This could have resulted in an exploitable crash. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0752
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1866840 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0753

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0753
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1870262 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0754

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
Some WASM source files could have caused a crash when loaded in devtools. This vulnerability affects Firefox < 122.

CVE ID : CVE-2024-0754
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/show_bug.cgi?id=1871605 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org


Vulnerability ID : CVE-2024-0755

First published on : 23-01-2024 14:15:38
Last modified on : 23-01-2024 15:47:28

Description :
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.

CVE ID : CVE-2024-0755
Source : security@mozilla.org
CVSS Score : /

References :
https://bugzilla.mozilla.org/buglist.cgi?bug_id=1868456%2C1871445%2C1873701 | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-01/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-02/ | source : security@mozilla.org
https://www.mozilla.org/security/advisories/mfsa2024-04/ | source : security@mozilla.org


Source : incibe.es

Vulnerability ID : CVE-2024-23854

First published on : 23-01-2024 16:15:49
Last modified on : 23-01-2024 16:15:49

Description :
Rejected reason: This CVE ID was unused by the CNA.

CVE ID : CVE-2024-23854
Source : cve-coordination@incibe.es
CVSS Score : /

References :


Source : trendmicro.com

Vulnerability ID : CVE-2023-38624

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38625 through CVE-2023-38627.

CVE ID : CVE-2023-38624
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-998/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-38625

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38624.

CVE ID : CVE-2023-38625
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-999/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-38626

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38625.

CVE ID : CVE-2023-38626
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1000/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-38627

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central 2019 (lower than build 6481) could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is a similar, but not identical vulnerability as CVE-2023-38626.

CVE ID : CVE-2023-38627
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294176?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1001/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-41176

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41177.

CVE ID : CVE-2023-41176
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-078/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-41177

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41178.

CVE ID : CVE-2023-41177
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-079/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-41178

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
Reflected cross-site scripting (XSS) vulnerabilities in Trend Micro Mobile Security (Enterprise) could allow an exploit against an authenticated victim that visits a malicious link provided by an attacker. Please note, this vulnerability is similar to, but not identical to, CVE-2023-41176.

CVE ID : CVE-2023-41178
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000294695?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-080/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47192

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An agent link vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-47192
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1611/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47193

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47194.

CVE ID : CVE-2023-47193
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1612/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47194

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47195.

CVE ID : CVE-2023-47194
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1614/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47195

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47196.

CVE ID : CVE-2023-47195
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1615/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47196

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47197.

CVE ID : CVE-2023-47196
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1617/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47197

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47198.

CVE ID : CVE-2023-47197
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1616/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47198

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47199.

CVE ID : CVE-2023-47198
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1619/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47199

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47193.

CVE ID : CVE-2023-47199
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1620/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47200

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47201.

CVE ID : CVE-2023-47200
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1618/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47201

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A plug-in manager origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This vulnerability is similar to, but not identical to, CVE-2023-47200.

CVE ID : CVE-2023-47201
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1613/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-47202

First published on : 23-01-2024 21:15:08
Last modified on : 23-01-2024 21:15:08

Description :
A local file inclusion vulnerability on the Trend Micro Apex One management server could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-47202
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000295652?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-23-1621/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52090

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52090
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-026/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52091

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52091
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-027/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52092

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52092
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-025/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52093

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52093
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-029/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52094

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attacker to abuse the updater to delete an arbitrary folder, leading for a local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52094
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296151?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-028/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52324

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker to create arbitrary files on affected installations. Please note: although authentication is required to exploit this vulnerability, this vulnerability could be exploited when the attacker has any valid set of credentials. Also, this vulnerability could be potentially used in combination with another vulnerability to execute arbitrary code.

CVE ID : CVE-2023-52324
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-077/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52325

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remote attacker to execute arbitrary code on affected installations. Please note: this vulnerability must be used in conjunction with another one to exploit an affected system. In addition, an attacker must first obtain a valid set of credentials on target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52325
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-024/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52326

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52327.

CVE ID : CVE-2023-52326
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-023/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52327

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52328.

CVE ID : CVE-2023-52327
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-022/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52328

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52329.

CVE ID : CVE-2023-52328
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-021/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52329

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scripting (XSS) attacks that may allow an attacker to achieve remote code execution on affected servers. Please note this vulnerability is similar, but not identical to CVE-2023-52326.

CVE ID : CVE-2023-52329
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-074/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52330

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to execute arbitrary code on affected installations of Trend Micro Apex Central. Please note: user interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

CVE ID : CVE-2023-52330
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-051/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52331

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central could allow an attacker to interact with internal or local services directly. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52331
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296153?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-052/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52337

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52337
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-075/ | source : security@trendmicro.com


Vulnerability ID : CVE-2023-52338

First published on : 23-01-2024 21:15:09
Last modified on : 23-01-2024 21:15:09

Description :
A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - Endpoint and Workload Security Agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE ID : CVE-2023-52338
Source : security@trendmicro.com
CVSS Score : /

References :
https://success.trendmicro.com/dcx/s/solution/000296337?language=en_US | source : security@trendmicro.com
https://www.zerodayinitiative.com/advisories/ZDI-24-076/ | source : security@trendmicro.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports

Securitricks

Great! Youโ€™ve successfully signed up.

Welcome back! You've successfully signed in.

You've successfully subscribed to Securitricks.

Success! Check your email for magic link to sign-in.

Success! Your billing info has been updated.

Your billing was not updated.