Latest vulnerabilities [Tuesday, January 30, 2024]


Last update performed on 01/30/2024 at 11:57:12 PM

(2) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : yd.MitsubishiElectric.co.jp

Vulnerability ID : CVE-2023-6943

First published on : 30-01-2024 09:15:47
Last modified on : 30-01-2024 14:18:33

Description :
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to execute a malicious code by RPC with a path to a malicious library while connected to the products.

CVE ID : CVE-2023-6943
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 9.8

References :
https://jvn.jp/vu/JVNVU95103362 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-470


Source : honeywell.com

Vulnerability ID : CVE-2023-5389

First published on : 30-01-2024 20:15:45
Last modified on : 30-01-2024 20:48:58

Description :
An attacker could potentially exploit this vulnerability, leading to the ability to modify files on Honeywell Experion VirtualUOC and UOC. This exploit could be used to write a file that may result in unexpected behavior based on configuration changes or updating of files that could result in subsequent execution of a malicious application if triggered. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.

CVE ID : CVE-2023-5389
Source : psirt@honeywell.com
CVSS Score : 9.1

References :
https://process.honeywell.com | source : psirt@honeywell.com
https://www.honeywell.com/us/en/product-security | source : psirt@honeywell.com

Vulnerability : CWE-749


(17) HIGH VULNERABILITIES [7.0, 8.9]

Source : github.com

Vulnerability ID : CVE-2024-21649

First published on : 30-01-2024 16:15:47
Last modified on : 30-01-2024 20:48:58

Description :
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Prior to 4.2.0, authenticated users could inject code into algorithm environment variables, resulting in remote code execution. This vulnerability is patched in 4.2.0.

CVE ID : CVE-2024-21649
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://github.com/vantage6/vantage6/commit/eac19db737145d3ca987adf037a454fae0790ddd | source : security-advisories@github.com
https://github.com/vantage6/vantage6/security/advisories/GHSA-w9h2-px87-74vx | source : security-advisories@github.com

Vulnerability : CWE-94


Vulnerability ID : CVE-2024-23838

First published on : 30-01-2024 17:15:11
Last modified on : 30-01-2024 20:48:58

Description :
TrueLayer.NET is the .Net client for TrueLayer. The vulnerability could potentially allow a malicious actor to gain control over the destination URL of the HttpClient used in the API classes. For applications using the SDK, requests to unexpected resources on local networks or to the internet could be made which could lead to information disclosure. The issue can be mitigated by having strict egress rules limiting the destinations to which requests can be made, and applying strict validation to any user input passed to the `truelayer-dotnet` library. Versions of TrueLayer.Client `v1.6.0` and later are not affected.

CVE ID : CVE-2024-23838
Source : security-advisories@github.com
CVSS Score : 8.6

References :
https://github.com/TrueLayer/truelayer-dotnet/commit/75e436ed5360faa73d6e7ce3a9903a3c49505e3e | source : security-advisories@github.com
https://github.com/TrueLayer/truelayer-dotnet/security/advisories/GHSA-67m4-qxp3-j6hh | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2024-23841

First published on : 30-01-2024 18:15:48
Last modified on : 30-01-2024 20:48:58

Description :
apollo-client-nextjs is the Apollo Client support for the Next.js App Router. The @apollo/experimental-apollo-client-nextjs NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this vulnerability, an attacker would need to either inject malicious input (e.g. by redirecting a user to a specifically-crafted link) or arrange to have malicious input be returned by a GraphQL server (e.g. by persisting it in a database). To fix this issue, please update to version 0.7.0 or later.

CVE ID : CVE-2024-23841
Source : security-advisories@github.com
CVSS Score : 8.2

References :
https://github.com/apollographql/apollo-client-nextjs/commit/b92bc42abd5f8e17d4db361c36bd08e4f541a46b | source : security-advisories@github.com
https://github.com/apollographql/apollo-client-nextjs/security/advisories/GHSA-rv8p-rr2h-fgpg | source : security-advisories@github.com

Vulnerability : CWE-80


Vulnerability ID : CVE-2024-24558

First published on : 30-01-2024 20:15:45
Last modified on : 30-01-2024 20:48:58

Description :
TanStack Query supplies asynchronous state management, server-state utilities and data fetching for the web. The `@tanstack/react-query-next-experimental` NPM package is vulnerable to a cross-site scripting vulnerability. To exploit this, an attacker would need to either inject malicious input or arrange to have malicious input be returned from an endpoint. To fix this issue, please update to version 5.18.0 or later.

CVE ID : CVE-2024-24558
Source : security-advisories@github.com
CVSS Score : 8.2

References :
https://github.com/TanStack/query/commit/f2ddaf2536e8b71d2da88a9310ac9a48c13512a1 | source : security-advisories@github.com
https://github.com/TanStack/query/security/advisories/GHSA-997g-27x8-43rf | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-24556

First published on : 30-01-2024 18:15:48
Last modified on : 30-01-2024 20:48:58

Description :
urql is a GraphQL client that exposes a set of helpers for several frameworks. The `@urql/next` package is vulnerable to XSS. To exploit this an attacker would need to ensure that the response returns `html` tags and that the web-application is using streamed responses (non-RSC). This vulnerability is due to improper escaping of html-like characters in the response-stream. To fix this vulnerability upgrade to version 1.1.1.

CVE ID : CVE-2024-24556
Source : security-advisories@github.com
CVSS Score : 7.2

References :
https://github.com/urql-graphql/urql/commit/4b7011b70d5718728ff912d02a4dbdc7f703540d | source : security-advisories@github.com
https://github.com/urql-graphql/urql/security/advisories/GHSA-qhjf-hm5j-335w | source : security-advisories@github.com

Vulnerability : CWE-79


Source : tenable.com

Vulnerability ID : CVE-2024-1061

First published on : 30-01-2024 09:15:48
Last modified on : 30-01-2024 14:18:33

Description :
The 'HTML5 Video Player' WordPress Plugin, version < 2.5.25 is affected by an unauthenticated SQL injection vulnerability in the 'id' parameter in the 'get_view' function.

CVE ID : CVE-2024-1061
Source : vulnreport@tenable.com
CVSS Score : 8.6

References :
https://www.tenable.com/security/research/tra-2024-02 | source : vulnreport@tenable.com

Vulnerability : CWE-89


Source : ncsc.ch

Vulnerability ID : CVE-2024-1019

First published on : 30-01-2024 16:15:47
Last modified on : 30-01-2024 20:49:05

Description :
ModSecurity / libModSecurity 3.0.0 to 3.0.11 is affected by a WAF bypass for path-based payloads submitted via specially crafted request URLs. ModSecurity v3 decodes percent-encoded characters present in request URLs before it separates the URL path component from the optional query string component. This results in an impedance mismatch versus RFC compliant back-end applications. The vulnerability hides an attack payload in the path component of the URL from WAF rules inspecting it. A back-end may be vulnerable if it uses the path component of request URLs to construct queries. Integrators and users are advised to upgrade to 3.0.12. The ModSecurity v2 release line is not affected by this vulnerability.

CVE ID : CVE-2024-1019
Source : vulnerability@ncsc.ch
CVSS Score : 8.6

References :
https://owasp.org/www-project-modsecurity/tab_cves#cve-2024-1019-2024-01-30 | source : vulnerability@ncsc.ch

Vulnerability : CWE-20


Source : splunk.com

Vulnerability ID : CVE-2023-46230

First published on : 30-01-2024 17:15:09
Last modified on : 30-01-2024 20:48:58

Description :
In Splunk Add-on Builder versions below 4.1.4, the app writes sensitive information to internal log files.

CVE ID : CVE-2023-46230
Source : prodsec@splunk.com
CVSS Score : 8.2

References :
https://advisory.splunk.com/advisories/SVD-2024-0111 | source : prodsec@splunk.com

Vulnerability : CWE-532


Source : redhat.com

Vulnerability ID : CVE-2023-6258

First published on : 30-01-2024 17:15:10
Last modified on : 30-01-2024 20:48:58

Description :
A security vulnerability has been identified in the pkcs11-provider, which is associated with Public-Key Cryptography Standards (PKCS#11). If exploited successfully, this vulnerability could result in a Bleichenbacher-like security flaw, potentially enabling a side-channel attack on PKCS#1 1.5 decryption.

CVE ID : CVE-2023-6258
Source : secalert@redhat.com
CVSS Score : 8.1

References :
https://bugzilla.redhat.com/show_bug.cgi?id=2251062 | source : secalert@redhat.com
https://github.com/latchset/pkcs11-provider/pull/308 | source : secalert@redhat.com

Vulnerability : CWE-1300


Source : hitachi.co.jp

Vulnerability ID : CVE-2024-21840

First published on : 30-01-2024 03:15:07
Last modified on : 30-01-2024 14:18:33

Description :
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.

CVE ID : CVE-2024-21840
Source : hirt@hitachi.co.jp
CVSS Score : 7.9

References :
https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2024-108/index.html | source : hirt@hitachi.co.jp

Vulnerability : CWE-276


Source : yd.MitsubishiElectric.co.jp

Vulnerability ID : CVE-2023-6942

First published on : 30-01-2024 09:15:47
Last modified on : 30-01-2024 14:18:33

Description :
Missing Authentication for Critical Function vulnerability in Mitsubishi Electric Corporation EZSocket versions 3.0 and later, FR Configurator2 all versions, GT Designer3 Version1(GOT1000) all versions, GT Designer3 Version1(GOT2000) all versions, GX Works2 versions 1.11M and later, GX Works3 all versions, MELSOFT Navigator versions 1.04E and later, MT Works2 all versions, MX Component versions 4.00A and later and MX OPC Server DA/UA all versions allows a remote unauthenticated attacker to bypass authentication by sending specially crafted packets and connect to the products illegally.

CVE ID : CVE-2023-6942
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 7.5

References :
https://jvn.jp/vu/JVNVU95103362 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-020_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-306


Source : snyk.io

Vulnerability ID : CVE-2024-21488

First published on : 30-01-2024 05:15:09
Last modified on : 30-01-2024 14:18:33

Description :
Versions of the package network before 0.7.0 are vulnerable to Arbitrary Command Injection due to use of the child_process exec function without input sanitization. If (attacker-controlled) user input is given to the mac_address_for function of the package, it is possible for an attacker to execute arbitrary commands on the operating system that this package is being run on.

CVE ID : CVE-2024-21488
Source : report@snyk.io
CVSS Score : 7.3

References :
https://gist.github.com/icemonster/282ab98fb68fc22aac7c576538f6369c | source : report@snyk.io
https://github.com/tomas/network/commit/5599ed6d6ff1571a5ccadea775430c131f381de7 | source : report@snyk.io
https://github.com/tomas/network/commit/6ec8713580938ab4666df2f2d0f3399891ed2ad7 | source : report@snyk.io
https://github.com/tomas/network/commit/72c523265940fe279eb0050d441522628f8988e5 | source : report@snyk.io
https://security.snyk.io/vuln/SNYK-JS-NETWORK-6184371 | source : report@snyk.io

Vulnerability : CWE-77


Source : vuldb.com

Vulnerability ID : CVE-2024-1032

First published on : 30-01-2024 14:15:47
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability classified as critical was found in openBI up to 1.0.8. Affected by this vulnerability is the function testConnection of the file /application/index/controller/Databasesource.php of the component Test Connection Handler. The manipulation leads to deserialization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252307.

CVE ID : CVE-2024-1032
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/6ISYe2urjlkI | source : cna@vuldb.com
https://vuldb.com/?ctiid.252307 | source : cna@vuldb.com
https://vuldb.com/?id.252307 | source : cna@vuldb.com

Vulnerability : CWE-502


Vulnerability ID : CVE-2024-1034

First published on : 30-01-2024 15:15:08
Last modified on : 30-01-2024 15:22:14

Description :
A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadFile of the file /application/index/controller/File.php. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252309 was assigned to this vulnerability.

CVE ID : CVE-2024-1034
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/ABYkFE4wRPW5 | source : cna@vuldb.com
https://vuldb.com/?ctiid.252309 | source : cna@vuldb.com
https://vuldb.com/?id.252309 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1035

First published on : 30-01-2024 16:15:47
Last modified on : 30-01-2024 20:48:58

Description :
A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function uploadIcon of the file /application/index/controller/Icon.php. The manipulation of the argument image leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-252310 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1035
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/AIbnbytIW9Bq | source : cna@vuldb.com
https://vuldb.com/?ctiid.252310 | source : cna@vuldb.com
https://vuldb.com/?id.252310 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1036

First published on : 30-01-2024 18:15:47
Last modified on : 30-01-2024 20:48:58

Description :
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function uploadIcon of the file /application/index/controller/Screen.php of the component Icon Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252311.

CVE ID : CVE-2024-1036
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/X1ASzPP5rHel | source : cna@vuldb.com
https://vuldb.com/?ctiid.252311 | source : cna@vuldb.com
https://vuldb.com/?id.252311 | source : cna@vuldb.com

Vulnerability : CWE-434


Source : zyxel.com.tw

Vulnerability ID : CVE-2023-5372

First published on : 30-01-2024 01:15:59
Last modified on : 30-01-2024 14:18:33

Description :
The post-authentication command injection vulnerability in Zyxel NAS326 firmware versions through V5.21(AAZF.15)C0 and NAS542 firmware versions through V5.21(ABAG.12)C0 could allow an authenticated attacker with administrator privileges to execute some operating system (OS) commands by sending a crafted query parameter attached to the URL of an affected device's web management interface.

CVE ID : CVE-2023-5372
Source : security@zyxel.com.tw
CVSS Score : 7.2

References :
https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-post-authentication-command-injection-vulnerability-in-nas-products-01-30-2024 | source : security@zyxel.com.tw

Vulnerability : CWE-78


(18) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : splunk.com

Vulnerability ID : CVE-2023-46231

First published on : 30-01-2024 17:15:10
Last modified on : 30-01-2024 20:48:58

Description :
In Splunk Add-on Builder versions below 4.1.4, the application writes user session tokens to its internal log files when you visit the Splunk Add-on Builder or when you build or edit a custom app or add-on.

CVE ID : CVE-2023-46231
Source : prodsec@splunk.com
CVSS Score : 6.8

References :
https://advisory.splunk.com/advisories/SVD-2024-0110 | source : prodsec@splunk.com

Vulnerability : CWE-532


Source : github.com

Vulnerability ID : CVE-2024-21653

First published on : 30-01-2024 16:15:47
Last modified on : 30-01-2024 20:48:58

Description :
The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). Nodes and servers get a ssh config by default that permits root login with password authentication. In a proper deployment, the SSH service is not exposed so there is no risk, but not all deployments are ideal. The default should therefore be less permissive. The vulnerability can be mitigated by removing the ssh part from the docker file and rebuilding the docker image. Version 4.2.0 patches the vulnerability.

CVE ID : CVE-2024-21653
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/vantage6/vantage6/commit/3fcc6e6a8bd1142fd7a558d8fdd2b246e55c8841 | source : security-advisories@github.com
https://github.com/vantage6/vantage6/security/advisories/GHSA-2wgc-48g2-cj5w | source : security-advisories@github.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-23647

First published on : 30-01-2024 17:15:10
Last modified on : 30-01-2024 20:48:58

Description :
Authentik is an open-source Identity Provider. There is a bug in our implementation of PKCE that allows an attacker to circumvent the protection that PKCE offers. PKCE adds the code_challenge parameter to the authorization request and adds the code_verifier parameter to the token request. Prior to 2023.8.7 and 2023.10.7, a downgrade scenario is possible: if the attacker removes the code_challenge parameter from the authorization request, authentik will not do the PKCE check. Because of this bug, an attacker can circumvent the protection PKCE offers, such as CSRF attacks and code injection attacks. Versions 2023.8.7 and 2023.10.7 fix the issue.

CVE ID : CVE-2024-23647
Source : security-advisories@github.com
CVSS Score : 6.5

References :
https://github.com/goauthentik/authentik/commit/38e04ae12720e5d81b4f7ac77997eb8d1275d31a | source : security-advisories@github.com
https://github.com/goauthentik/authentik/security/advisories/GHSA-mrx3-gxjx-hjqj | source : security-advisories@github.com

Vulnerability : CWE-287


Vulnerability ID : CVE-2024-23834

First published on : 30-01-2024 22:15:53
Last modified on : 30-01-2024 22:15:53

Description :
Discourse is an open-source discussion platform. Improperly sanitized user input could lead to an XSS vulnerability in some situations. This vulnerability only affects Discourse instances which have disabled the default Content Security Policy. The vulnerability is patched in 3.1.5 and 3.2.0.beta5. As a workaround, ensure Content Security Policy is enabled and does not include `unsafe-inline`.

CVE ID : CVE-2024-23834
Source : security-advisories@github.com
CVSS Score : 6.3

References :
https://github.com/discourse/discourse/commit/568d704a94c528b7c2cb0f3512a7b7b606bc3000 | source : security-advisories@github.com
https://github.com/discourse/discourse/security/advisories/GHSA-rj3g-8q6p-63pc | source : security-advisories@github.com
https://meta.discourse.org/t/3-1-5-security-and-bug-fix-release/293094 | source : security-advisories@github.com
https://meta.discourse.org/t/3-2-0-beta5-add-groups-to-dms-mobile-chat-footer-redesign-passkeys-enabled-by-default-and-more/293093 | source : security-advisories@github.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-24565

First published on : 30-01-2024 17:15:12
Last modified on : 30-01-2024 20:48:58

Description :
CrateDB is a distributed SQL database that makes it simple to store and analyze massive amounts of data in real-time. There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage. This vulnerability is patched in 5.3.9, 5.4.8, 5.5.4, and 5.6.1.

CVE ID : CVE-2024-24565
Source : security-advisories@github.com
CVSS Score : 5.7

References :
https://github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6 | source : security-advisories@github.com
https://github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96 | source : security-advisories@github.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-23840

First published on : 30-01-2024 17:15:11
Last modified on : 30-01-2024 20:48:58

Description :
GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. `goreleaser release --debug` log shows secret values used in the custom publisher. This vulnerability is fixed in 1.24.0.

CVE ID : CVE-2024-23840
Source : security-advisories@github.com
CVSS Score : 5.5

References :
https://github.com/goreleaser/goreleaser/commit/d5b6a533ca1dc3366983d5d31ee2d2b6232b83c0 | source : security-advisories@github.com
https://github.com/goreleaser/goreleaser/security/advisories/GHSA-h3q2-8whx-c29h | source : security-advisories@github.com

Vulnerability : CWE-532


Vulnerability ID : CVE-2024-24567

First published on : 30-01-2024 21:15:08
Last modified on : 30-01-2024 21:15:08

Description :
Vyper is a pythonic Smart Contract Language for the ethereum virtual machine. Vyper compiler allows passing a value in builtin raw_call even if the call is a delegatecall or a staticcall. But in the context of delegatecall and staticcall the handling of value is not possible due to the semantics of the respective opcodes, and vyper will silently ignore the value= argument. If the semantics of the EVM are unknown to the developer, he could suspect that by specifying the `value` kwarg, exactly the given amount will be sent along to the target. This vulnerability affects 0.3.10 and earlier versions.

CVE ID : CVE-2024-24567
Source : security-advisories@github.com
CVSS Score : 4.8

References :
https://github.com/vyperlang/vyper/blob/9136169468f317a53b4e7448389aa315f90b95ba/vyper/builtins/functions.py#L1100 | source : security-advisories@github.com
https://github.com/vyperlang/vyper/security/advisories/GHSA-x2c2-q32w-4w6m | source : security-advisories@github.com

Vulnerability : CWE-754


Source : microsoft.com

Vulnerability ID : CVE-2024-21388

First published on : 30-01-2024 18:15:48
Last modified on : 30-01-2024 20:48:58

Description :
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

CVE ID : CVE-2024-21388
Source : secure@microsoft.com
CVSS Score : 6.5

References :
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21388 | source : secure@microsoft.com


Source : wordfence.com

Vulnerability ID : CVE-2023-7225

First published on : 30-01-2024 08:15:40
Last modified on : 30-01-2024 14:18:33

Description :
The MapPress Maps for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the width and height parameters in all versions up to, and including, 2.88.16 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-7225
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://advisory.abay.sh/cve-2023-7225/ | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023266%40mappress-google-maps-for-wordpress%2Ftrunk&old=3022439%40mappress-google-maps-for-wordpress%2Ftrunk&sfp_email=&sfph_mail= | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/fce76126-0cfd-464f-b644-45d4301e958d?source=cve | source : security@wordfence.com


Source : hcl.com

Vulnerability ID : CVE-2023-37518

First published on : 30-01-2024 16:15:46
Last modified on : 30-01-2024 20:49:05

Description :
HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker could inject arbitrary code and execute within the context of the running user.

CVE ID : CVE-2023-37518
Source : psirt@hcl.com
CVSS Score : 6.4

References :
https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0110202 | source : psirt@hcl.com


Source : vuldb.com

Vulnerability ID : CVE-2024-1027

First published on : 30-01-2024 03:15:07
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability, which was classified as critical, was found in SourceCodester Facebook News Feed Like 1.0. Affected is an unknown function of the component Post Handler. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-252300.

CVE ID : CVE-2024-1027
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://vuldb.com/?ctiid.252300 | source : cna@vuldb.com
https://vuldb.com/?id.252300 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1033

First published on : 30-01-2024 14:15:47
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability, which was classified as problematic, has been found in openBI up to 1.0.8. Affected by this issue is the function agent of the file /application/index/controller/Datament.php. The manipulation of the argument api leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252308.

CVE ID : CVE-2024-1033
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://note.zhaoj.in/share/nD654ot6zRQZ | source : cna@vuldb.com
https://vuldb.com/?ctiid.252308 | source : cna@vuldb.com
https://vuldb.com/?id.252308 | source : cna@vuldb.com

Vulnerability : CWE-200


Source : incibe.es

Vulnerability ID : CVE-2024-0674

First published on : 30-01-2024 13:15:08
Last modified on : 30-01-2024 14:18:33

Description :
Privilege escalation vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which could allow a local user to acquire root permissions by modifying the updatescript.js, inserting special code inside the script and creating the done.txt file. This would cause the watchdog process to run as root and execute the payload stored in the updatescript.js.

CVE ID : CVE-2024-0674
Source : cve-coordination@incibe.es
CVSS Score : 6.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | source : cve-coordination@incibe.es

Vulnerability : CWE-269


Vulnerability ID : CVE-2024-0675

First published on : 30-01-2024 13:15:08
Last modified on : 30-01-2024 14:18:33

Description :
Vulnerability of improper checking for unusual or exceptional conditions in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, the exploitation of which could allow an attacker with physical access to the ATM to escape kiosk mode, access the underlying Xwindow interface and execute arbitrary commands as an unprivileged user.

CVE ID : CVE-2024-0675
Source : cve-coordination@incibe.es
CVSS Score : 6.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | source : cve-coordination@incibe.es

Vulnerability : CWE-754


Vulnerability ID : CVE-2024-0676

First published on : 30-01-2024 13:15:08
Last modified on : 30-01-2024 14:18:33

Description :
Weak password requirement vulnerability in Lamassu Bitcoin ATM Douro machines, in its 7.1 version, which allows a local user to interact with the machine where the application is installed, retrieve stored hashes from the machine and crack long 4-character passwords using a dictionary attack.

CVE ID : CVE-2024-0676
Source : cve-coordination@incibe.es
CVSS Score : 5.6

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-lamassu-bitcoin-atm-douro-machines | source : cve-coordination@incibe.es

Vulnerability : CWE-521


Source : yd.MitsubishiElectric.co.jp

Vulnerability ID : CVE-2023-6374

First published on : 30-01-2024 09:15:47
Last modified on : 30-01-2024 14:18:33

Description :
Authentication Bypass by Capture-replay vulnerability in Mitsubishi Electric Corporation MELSEC WS Series WS0-GETH00200 all serial numbers allows a remote unauthenticated attacker to bypass authentication by capture-replay attack and illegally login to the affected module. As a result, the remote attacker who has logged in illegally may be able to disclose or tamper with the programs and parameters in the modules.

CVE ID : CVE-2023-6374
Source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
CVSS Score : 5.9

References :
https://jvn.jp/vu/JVNVU99497477 | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp
https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2023-019_en.pdf | source : Mitsubishielectric.Psirt@yd.MitsubishiElectric.co.jp

Vulnerability : CWE-294


Source : tenable.com

Vulnerability ID : CVE-2024-1063

First published on : 30-01-2024 10:15:09
Last modified on : 30-01-2024 14:18:33

Description :
Appwrite <= v1.4.13 is affected by a Server-Side Request Forgery (SSRF) via the '/v1/avatars/favicon' endpoint due to an incomplete fix of CVE-2023-27159.

CVE ID : CVE-2024-1063
Source : vulnreport@tenable.com
CVSS Score : 5.3

References :
https://www.tenable.com/security/research/tra-2024-03 | source : vulnreport@tenable.com

Vulnerability : CWE-918


Source : redhat.com

Vulnerability ID : CVE-2024-0564

First published on : 30-01-2024 15:15:08
Last modified on : 30-01-2024 15:22:14

Description :
A flaw was found in the Linux kernel's memory deduplication mechanism. The max page sharing of Kernel Samepage Merging (KSM), added in Linux kernel version 4.4.0-96.119, can create a side channel. When the attacker and the victim share the same host and the default setting of KSM is "max page sharing=256", it is possible for the attacker to time the unmap to merge with the victim's page. The unmapping time depends on whether it merges with the victim's page and additional physical pages are created beyond the KSM's "max page share". Through these operations, the attacker can leak the victim's page.

CVE ID : CVE-2024-0564
Source : secalert@redhat.com
CVSS Score : 4.7

References :
https://access.redhat.com/security/cve/CVE-2024-0564 | source : secalert@redhat.com
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1680513 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2258514 | source : secalert@redhat.com
https://link.springer.com/conference/wisa | source : secalert@redhat.com
https://wisa.or.kr/accepted | source : secalert@redhat.com


(11) LOW VULNERABILITIES [0.1, 3.9]

Source : github.com

Vulnerability ID : CVE-2024-21671

First published on : 30-01-2024 16:15:48
Last modified on : 30-01-2024 20:48:58

Description :
The vantage6 technology enables managing and deploying privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). It is possible to find out usernames from the response time of login requests. This could aid attackers in credential attacks. Version 4.2.0 patches this vulnerability.

CVE ID : CVE-2024-21671
Source : security-advisories@github.com
CVSS Score : 3.7

References :
https://github.com/vantage6/vantage6/commit/389f416c445da4f2438c72f34c3b1084485c4e30 | source : security-advisories@github.com
https://github.com/vantage6/vantage6/security/advisories/GHSA-45gq-q4xh-cp53 | source : security-advisories@github.com

Vulnerability : CWE-208


Vulnerability ID : CVE-2024-22193

First published on : 30-01-2024 16:15:48
Last modified on : 30-01-2024 20:48:58

Description :
The vantage6 technology enables managing and deploying privacy enhancing technologies like Federated Learning (FL) and Multi-Party Computation (MPC). There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a task with sensitive input data that will then be stored unencrypted in a database. Users should ensure they set the encryption setting correctly. This vulnerability is patched in 4.2.0.

CVE ID : CVE-2024-22193
Source : security-advisories@github.com
CVSS Score : 3.5

References :
https://github.com/vantage6/vantage6/commit/6383283733b81abfcacfec7538dc4dc882e98074 | source : security-advisories@github.com
https://github.com/vantage6/vantage6/security/advisories/GHSA-rjmv-52mp-gjrr | source : security-advisories@github.com

Vulnerability : CWE-922


Vulnerability ID : CVE-2024-22200

First published on : 30-01-2024 16:15:48
Last modified on : 30-01-2024 20:48:58

Description :
vantage6-UI is the User Interface for vantage6. The docker image used to run the UI leaks the nginx version. To mitigate the vulnerability, users can run the UI as an angular application. This vulnerability was patched in 4.2.0.

CVE ID : CVE-2024-22200
Source : security-advisories@github.com
CVSS Score : 3.3

References :
https://github.com/vantage6/vantage6-UI/commit/92e0fb5102b544d5bcc23980d973573733e2e020 | source : security-advisories@github.com
https://github.com/vantage6/vantage6-UI/security/advisories/GHSA-8wxq-346h-xmr8 | source : security-advisories@github.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-23825

First published on : 30-01-2024 17:15:11
Last modified on : 30-01-2024 20:48:58

Description :
TablePress is a table plugin for WordPress. For importing tables, TablePress makes external HTTP requests based on a URL that is provided by the user. That user input is filtered insufficiently, which makes it possible to send requests to unintended network locations and receive responses. On sites in a cloud environment like AWS, an attacker can potentially make GET requests to the instance's metadata REST API. If the instance's configuration is insecure, this can lead to the exposure of internal data, including credentials. This vulnerability is fixed in 2.2.5.

CVE ID : CVE-2024-23825
Source : security-advisories@github.com
CVSS Score : 3.0

References :
https://github.com/TablePress/TablePress/commit/62aab50e7a9c486caaeff26dff4dc01e059ecb91 | source : security-advisories@github.com
https://github.com/TablePress/TablePress/security/advisories/GHSA-x8rf-c8x6-mrpg | source : security-advisories@github.com

Vulnerability : CWE-918


Source : vuldb.com

Vulnerability ID : CVE-2024-1024

First published on : 30-01-2024 01:15:59
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. This vulnerability affects unknown code of the component New Account Handler. The manipulation of the argument First Name/Last Name with the input <script>alert(1)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252292.

CVE ID : CVE-2024-1024
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252292 | source : cna@vuldb.com
https://vuldb.com/?id.252292 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1026

First published on : 30-01-2024 01:15:59
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. This issue affects some unknown processing of the file front/admin/config.php. The manipulation of the argument id with the input %22%3E%3Cscript%3Ealert(%27XSS%27)%3C/script%3E leads to cross site scripting. The attack may be initiated remotely. The identifier VDB-252293 was assigned to this vulnerability.

CVE ID : CVE-2024-1026
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252293 | source : cna@vuldb.com
https://vuldb.com/?id.252293 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1028

First published on : 30-01-2024 05:15:08
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability has been found in SourceCodester Facebook News Feed Like 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Post Handler. The manipulation of the argument Description with the input <marquee>HACKED</marquee> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252301 was assigned to this vulnerability.

CVE ID : CVE-2024-1028
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252301 | source : cna@vuldb.com
https://vuldb.com/?id.252301 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1029

First published on : 30-01-2024 06:15:45
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability was found in Cogites eReserv 7.7.58 and classified as problematic. Affected by this issue is some unknown functionality of the file /front/admin/tenancyDetail.php. The manipulation of the argument Nom with the input Dreux"><script>alert('XSS')</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252302 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1029
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252302 | source : cna@vuldb.com
https://vuldb.com/?id.252302 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1030

First published on : 30-01-2024 10:15:08
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability was found in Cogites eReserv 7.7.58. It has been classified as problematic. This affects an unknown part of the file /front/admin/tenancyDetail.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-252303.

CVE ID : CVE-2024-1030
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252303 | source : cna@vuldb.com
https://vuldb.com/?id.252303 | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1031

First published on : 30-01-2024 13:15:09
Last modified on : 30-01-2024 14:18:33

Description :
A vulnerability was found in CodeAstro Expense Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file templates/5-Add-Expenses.php of the component Add Expenses Page. The manipulation of the argument item leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252304.

CVE ID : CVE-2024-1031
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://docs.qq.com/doc/DYmhqV3piekZ5dlZi | source : cna@vuldb.com
https://vuldb.com/?ctiid.252304 | source : cna@vuldb.com
https://vuldb.com/?id.252304 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : openanolis.org

Vulnerability ID : CVE-2024-21803

First published on : 30-01-2024 08:15:41
Last modified on : 30-01-2024 14:18:33

Description :
Use After Free vulnerability in the Linux kernel on Linux, x86, ARM (bluetooth modules) allows Local Execution of Code. This vulnerability is associated with program files https://gitee.Com/anolis/cloud-kernel/blob/devel-5.10/net/bluetooth/af_bluetooth.C. This issue affects Linux kernel: from v2.6.12-rc2 before v6.8-rc1.

CVE ID : CVE-2024-21803
Source : security@openanolis.org
CVSS Score : 3.5

References :
https://bugzilla.openanolis.cn/show_bug.cgi?id=8081 | source : security@openanolis.org

Vulnerability : CWE-416


(37) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2023-37571

First published on : 30-01-2024 01:15:58
Last modified on : 30-01-2024 14:18:33

Description :
Softing TH SCOPE through 3.70 allows XSS.

CVE ID : CVE-2023-37571
Source : cve@mitre.org
CVSS Score : /

References :
https://industrial.softing.com | source : cve@mitre.org
https://industrial.softing.com/fileadmin/psirt/downloads/2024/syt-2024-1.html | source : cve@mitre.org


Vulnerability ID : CVE-2023-51813

First published on : 30-01-2024 01:15:58
Last modified on : 30-01-2024 14:18:33

Description :
Cross Site Request Forgery (CSRF) vulnerability in Free Open-Source Inventory Management System v.1.0 allows a remote attacker to execute arbitrary code via the staff_list parameter in the index.php component.

CVE ID : CVE-2023-51813
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/xxxxfang/CVE-Apply/blob/main/csrf-1.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51837

First published on : 30-01-2024 01:15:58
Last modified on : 30-01-2024 14:18:33

Description :
Ylianst MeshCentral 1.1.16 is vulnerable to Missing SSL Certificate Validation.

CVE ID : CVE-2023-51837
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Ylianst/MeshCentral/blob/master/mpsserver.js | source : cve@mitre.org
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/Bug_MeshCentral.md | source : cve@mitre.org
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-51837.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51843

First published on : 30-01-2024 01:15:58
Last modified on : 30-01-2024 14:18:33

Description :
react-dashboard 1.4.0 is vulnerable to Cross Site Scripting (XSS) as httpOnly is not set.

CVE ID : CVE-2023-51843
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/flatlogic/react-dashboard | source : cve@mitre.org
https://github.com/flatlogic/react-dashboard/issues/65 | source : cve@mitre.org
https://github.com/tianjk99/Cryptographic-Misuses/blob/main/CVE-2023-51843.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51982

First published on : 30-01-2024 01:15:59
Last modified on : 30-01-2024 14:18:33

Description :
CrateDB 5.5.1 contains an authentication bypass vulnerability in the Admin UI component. After configuring password authentication and_ Local_ In the case of an address, identity authentication can be bypassed by setting the X-Real-IP request header to a specific value and accessing the Admin UI directly using the default user identity. (https://github.com/crate/crate/issues/15231)

CVE ID : CVE-2023-51982
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/crate/crate/issues/15231 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22682

First published on : 30-01-2024 01:16:00
Last modified on : 30-01-2024 14:18:33

Description :
DuckDB <=0.9.2 and DuckDB extension-template <=0.9.2 are vulnerable to malicious extension injection via the custom extension feature.

CVE ID : CVE-2024-22682
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Tu0Laj1/database_test | source : cve@mitre.org


Vulnerability ID : CVE-2024-22938

First published on : 30-01-2024 01:16:00
Last modified on : 30-01-2024 14:18:33

Description :
Insecure Permissions vulnerability in BossCMS v.1.3.0 allows a local attacker to execute arbitrary code and escalate privileges via the init function in admin.class.php component.

CVE ID : CVE-2024-22938
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/n0Sleeper/bosscmsVuln | source : cve@mitre.org
https://github.com/n0Sleeper/bosscmsVuln/issues/1 | source : cve@mitre.org
https://www.bosscms.net/ | source : cve@mitre.org


Vulnerability ID : CVE-2023-45923

First published on : 30-01-2024 06:15:45
Last modified on : 30-01-2024 06:15:45

Description :
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-45923
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-45926

First published on : 30-01-2024 06:15:45
Last modified on : 30-01-2024 06:15:45

Description :
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-45926
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-45928

First published on : 30-01-2024 06:15:45
Last modified on : 30-01-2024 06:15:45

Description :
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-45928
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-45930

First published on : 30-01-2024 06:15:45
Last modified on : 30-01-2024 06:15:45

Description :
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

CVE ID : CVE-2023-45930
Source : cve@mitre.org
CVSS Score : /

References :


Vulnerability ID : CVE-2023-52071

First published on : 30-01-2024 07:15:07
Last modified on : 30-01-2024 14:18:33

Description :
tiny-curl-8_4_0, curl-8_4_0 and curl-8_5_0 were discovered to contain an off-by-one out-of-bounds array index via the component tool_cb_wrt.

CVE ID : CVE-2023-52071
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/curl/curl/commit/73980f9ace6c7577e7fcab8008bbde8a0a231692 | source : cve@mitre.org
https://github.com/curl/curl/commit/af3f4e41#r127212213 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22643

First published on : 30-01-2024 07:15:07
Last modified on : 30-01-2024 14:18:33

Description :
A Cross-Site Request Forgery (CSRF) vulnerability in SEO Panel version 4.10.0 allows remote attackers to perform unauthorized user password resets.

CVE ID : CVE-2024-22643
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22643 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22646

First published on : 30-01-2024 07:15:08
Last modified on : 30-01-2024 14:18:33

Description :
An email address enumeration vulnerability exists in the password reset function of SEO Panel version 4.10.0. This allows an attacker to guess which emails exist on the system.

CVE ID : CVE-2024-22646
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22646 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22647

First published on : 30-01-2024 07:15:08
Last modified on : 30-01-2024 14:18:33

Description :
A user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.

CVE ID : CVE-2024-22647
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22647 | source : cve@mitre.org


Vulnerability ID : CVE-2024-22648

First published on : 30-01-2024 07:15:08
Last modified on : 30-01-2024 14:18:33

Description :
A Blind SSRF vulnerability exists in the "Crawl Meta Data" functionality of SEO Panel version 4.10.0. This makes it possible for remote attackers to scan ports in the local environment.

CVE ID : CVE-2024-22648
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22648 | source : cve@mitre.org


Vulnerability ID : CVE-2023-36259

First published on : 30-01-2024 09:15:47
Last modified on : 30-01-2024 14:18:33

Description :
Cross Site Scripting (XSS) vulnerability in Craft CMS Audit Plugin before version 3.0.2 allows attackers to execute arbitrary code during user creation.

CVE ID : CVE-2023-36259
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/sjelfull/craft-audit/pull/73 | source : cve@mitre.org
https://www.linkedin.com/pulse/threat-briefing-craftcms-amrcybersecurity-emi0e/?trackingId=E75GttWvQp6gfvPiJDDUBA%3D%3D | source : cve@mitre.org


Vulnerability ID : CVE-2023-36260

First published on : 30-01-2024 09:15:47
Last modified on : 30-01-2024 14:18:33

Description :
An issue discovered in Craft CMS version 4.6.1 allows remote attackers to cause a denial of service (DoS) via crafted string to Feed-Me Name and Feed-Me URL fields due to saving a feed using an Asset element type with no volume selected.

CVE ID : CVE-2023-36260
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/craftcms/feed-me/commit/b5d6ede51848349bd91bc95fec288b6793f15e28%29 | source : cve@mitre.org
https://www.linkedin.com/pulse/threat-briefing-craftcms-amrcybersecurity-emi0e/?trackingId=E75GttWvQp6gfvPiJDDUBA%3D%3D | source : cve@mitre.org


Vulnerability ID : CVE-2024-22523

First published on : 30-01-2024 09:15:48
Last modified on : 30-01-2024 14:18:33

Description :
Directory Traversal vulnerability in Qiyu iFair version 23.8_ad0 and before, allows remote attackers to obtain sensitive information via uploadimage component.

CVE ID : CVE-2024-22523
Source : cve@mitre.org
CVSS Score : /

References :
https://www.yuque.com/for82/vdzwqe/sc8ictw8poo8v5gl | source : cve@mitre.org


Vulnerability ID : CVE-2024-22894

First published on : 30-01-2024 10:15:09
Last modified on : 30-01-2024 14:18:33

Description :
An issue in AIT-Deutschland Alpha Innotec Heatpumps wp2reg-V.3.88.0-9015 and Novelan Heatpumps wp2reg-V.3.88.0-9015, allows remote attackers to execute arbitrary code via the password component in the shadow file.

CVE ID : CVE-2024-22894
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Jaarden/AlphaInnotec-Password-Vulnerability/ | source : cve@mitre.org
https://github.com/Jaarden/CVE-2024-22894 | source : cve@mitre.org


Vulnerability ID : CVE-2024-24324

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A8000RU v7.1cu.643_B20200521 was discovered to contain a hardcoded password for root stored in /etc/shadow.

CVE ID : CVE-2024-24324
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A8000RU/TOTOlink%20A8000RU%20hard%20code.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24325

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setParentalRules function.

CVE ID : CVE-2024-24325
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/11/TOTOlink%20A3300R%20setParentalRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24326

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the arpEnable parameter in the setStaticDhcpRules function.

CVE ID : CVE-2024-24326
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/8/TOTOlink%20A3300R%20setStaticDhcpRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24327

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the pppoePass parameter in the setIpv6Cfg function.

CVE ID : CVE-2024-24327
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/7/TOTOlink%20A3300R%20setIpv6Cfg.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24328

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setMacFilterRules function.

CVE ID : CVE-2024-24328
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/12/TOTOlink%20A3300R%20setMacFilterRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24329

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setPortForwardRules function.

CVE ID : CVE-2024-24329
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/10/TOTOlink%20A3300R%20setPortForwardRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24330

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the port or enable parameter in the setRemoteCfg function.

CVE ID : CVE-2024-24330
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/14/TOTOlink%20A3300R%20setRemoteCfg.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24331

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the enable parameter in the setWiFiScheduleCfg function.

CVE ID : CVE-2024-24331
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/13/TOTOlink%20A3300R%20setWiFiScheduleCfg.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24332

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the url parameter in the setUrlFilterRules function.

CVE ID : CVE-2024-24332
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/9/TOTOlink%20A3300R%20setUrlFilterRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2024-24333

First published on : 30-01-2024 15:15:09
Last modified on : 30-01-2024 15:21:43

Description :
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the desc parameter in the setWiFiAclRules function.

CVE ID : CVE-2024-24333
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/funny-mud-peee/IoT-vuls/blob/main/TOTOLINK%20A3300R/15/TOTOlink%20A3300R%20setWiFiAclRules.md | source : cve@mitre.org


Vulnerability ID : CVE-2023-51197

First published on : 30-01-2024 22:15:52
Last modified on : 30-01-2024 22:15:52

Description :
An issue discovered in shell command execution in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows an attacker to run arbitrary commands and cause other impacts.

CVE ID : CVE-2023-51197
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51197 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51198

First published on : 30-01-2024 22:15:52
Last modified on : 30-01-2024 22:15:52

Description :
An issue in the permission and access control components within ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to gain escalated privileges.

CVE ID : CVE-2023-51198
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51198 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51202

First published on : 30-01-2024 22:15:52
Last modified on : 30-01-2024 22:15:52

Description :
OS command injection vulnerability in command processing or system call components in ROS2 (Robot Operating System 2) Foxy Fitzroy, with ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary commands.

CVE ID : CVE-2023-51202
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51202 | source : cve@mitre.org


Vulnerability ID : CVE-2023-51204

First published on : 30-01-2024 22:15:52
Last modified on : 30-01-2024 22:15:52

Description :
Insecure deserialization in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to execute arbitrary code via a crafted input.

CVE ID : CVE-2023-51204
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/16yashpatel/CVE-2023-51204 | source : cve@mitre.org


Source : google.com

Vulnerability ID : CVE-2024-1059

First published on : 30-01-2024 22:15:52
Last modified on : 30-01-2024 22:15:52

Description :
Use after free in Peer Connection in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2024-1059
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1514777 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2024-1060

First published on : 30-01-2024 22:15:53
Last modified on : 30-01-2024 22:15:53

Description :
Use after free in Canvas in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

CVE ID : CVE-2024-1060
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1511567 | source : chrome-cve-admin@google.com


Vulnerability ID : CVE-2024-1077

First published on : 30-01-2024 22:15:53
Last modified on : 30-01-2024 22:15:53

Description :
Use after free in Network in Google Chrome prior to 121.0.6167.139 allowed a remote attacker to potentially exploit heap corruption via a malicious file. (Chromium security severity: High)

CVE ID : CVE-2024-1077
Source : chrome-cve-admin@google.com
CVSS Score : /

References :
https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop_30.html | source : chrome-cve-admin@google.com
https://crbug.com/1511085 | source : chrome-cve-admin@google.com


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks

Up-to-Date Cybersecurity Insights & Malware Reports
