Latest vulnerabilities [Wednesday, January 31, 2024]


Last update performed on 01/31/2024 at 11:57:07 PM

(4) CRITICAL VULNERABILITIES [9.0, 10.0]

Source : github.com

Vulnerability ID : CVE-2024-23652

First published on : 31-01-2024 22:15:54
Last modified on : 31-01-2024 22:15:54

Description :
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit frontend or Dockerfile using RUN --mount could trick the feature that removes empty files created for the mountpoints into removing a file outside the container, from the host system. The issue has been fixed in v0.12.5. Workarounds include avoiding BuildKit frontends from untrusted sources and not building untrusted Dockerfiles that use the RUN --mount feature.

CVE ID : CVE-2024-23652
Source : security-advisories@github.com
CVSS Score : 10.0

References :
https://github.com/moby/buildkit/pull/4603 | source : security-advisories@github.com
https://github.com/moby/buildkit/releases/tag/v0.12.5 | source : security-advisories@github.com
https://github.com/moby/buildkit/security/advisories/GHSA-4v98-7qmw-rqr8 | source : security-advisories@github.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-23653

First published on : 31-01-2024 22:15:54
Last modified on : 31-01-2024 22:15:54

Description :
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. In addition to running containers as build steps, BuildKit also provides APIs for running interactive containers based on built images. It was possible to use these APIs to ask BuildKit to run a container with elevated privileges. Normally, running such containers is only allowed if the special `security.insecure` entitlement is both enabled in the buildkitd configuration and allowed by the user initializing the build request. The issue has been fixed in v0.12.5. Avoid using BuildKit frontends from untrusted sources.

CVE ID : CVE-2024-23653
Source : security-advisories@github.com
CVSS Score : 9.8

References :
https://github.com/moby/buildkit/pull/4602 | source : security-advisories@github.com
https://github.com/moby/buildkit/releases/tag/v0.12.5 | source : security-advisories@github.com
https://github.com/moby/buildkit/security/advisories/GHSA-wr6v-9f75-vh2g | source : security-advisories@github.com

Vulnerability : CWE-863


Source : rockwellautomation.com

Vulnerability ID : CVE-2024-21917

First published on : 31-01-2024 19:15:08
Last modified on : 31-01-2024 19:54:43

Description :
A vulnerability exists in Rockwell Automation FactoryTalk® Service Platform that allows a malicious user to obtain the service token and use it for authentication on another FTSP directory. This is due to the lack of digital signing between the FTSP service token and directory. If exploited, a malicious user could potentially retrieve user information and modify settings without any authentication.

CVE ID : CVE-2024-21917
Source : PSIRT@rockwellautomation.com
CVSS Score : 9.8

References :
https://www.rockwellautomation.com/en-us/support/advisory.SD1660.html | source : PSIRT@rockwellautomation.com

Vulnerability : CWE-347


Source : cert.vde.com

Vulnerability ID : CVE-2023-50356

First published on : 31-01-2024 11:15:07
Last modified on : 31-01-2024 14:05:19

Description :
SSL connections to NOVELL and Synology LDAP servers are vulnerable to a man-in-the-middle attack due to improper certificate validation in AREAL Topkapi Vision (Server). This allows a remote unauthenticated attacker to gather sensitive information and prevent valid users from logging in.

CVE ID : CVE-2023-50356
Source : info@cert.vde.com
CVSS Score : 9.1

References :
https://www.areal-topkapi.com/en/services/security-bulletins | source : info@cert.vde.com

Vulnerability : CWE-295


(35) HIGH VULNERABILITIES [7.0, 8.9]

Source : patchstack.com

Vulnerability ID : CVE-2024-22140

First published on : 31-01-2024 14:15:49
Last modified on : 31-01-2024 14:28:47

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Cozmoslabs Profile Builder Pro. This issue affects Profile Builder Pro: from n/a through 3.10.0.

CVE ID : CVE-2024-22140
Source : audit@patchstack.com
CVSS Score : 8.8

References :
https://patchstack.com/database/vulnerability/profile-builder-pro/wordpress-profile-builder-pro-plugin-3-10-0-csrf-leading-to-account-takeover-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-23507

First published on : 31-01-2024 12:16:06
Last modified on : 31-01-2024 14:05:19

Description :
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP Team InstaWP Connect – 1-click WP Staging & Migration. This issue affects InstaWP Connect – 1-click WP Staging & Migration: from n/a through 0.1.0.9.

CVE ID : CVE-2024-23507
Source : audit@patchstack.com
CVSS Score : 8.5

References :
https://patchstack.com/database/vulnerability/instawp-connect/wordpress-instawp-connect-plugin-0-1-0-9-sql-injection-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-22305

First published on : 31-01-2024 12:16:05
Last modified on : 31-01-2024 14:05:19

Description :
Authorization Bypass Through User-Controlled Key vulnerability in Kali Forms Contact Form builder with drag & drop for WordPress – Kali Forms. This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36.

CVE ID : CVE-2024-22305
Source : audit@patchstack.com
CVSS Score : 7.5

References :
https://patchstack.com/database/vulnerability/kali-forms/wordpress-kali-forms-plugin-2-3-38-insecure-direct-object-references-idor-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-639


Vulnerability ID : CVE-2024-22287

First published on : 31-01-2024 12:16:05
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Luděk Melichar Better Anchor Links allows Cross-Site Scripting (XSS). This issue affects Better Anchor Links: from n/a through 1.7.5.

CVE ID : CVE-2024-22287
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/better-anchor-links/wordpress-better-anchor-links-plugin-1-7-5-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22290

First published on : 31-01-2024 12:16:05
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in AboZain,O7abeeb,UnitOne Custom Dashboard Widgets allows Cross-Site Scripting (XSS). This issue affects Custom Dashboard Widgets: from n/a through 1.3.1.

CVE ID : CVE-2024-22290
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/custom-dashboard-widgets/wordpress-custom-dashboard-widgets-plugin-1-3-1-csrf-to-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-23508

First published on : 31-01-2024 16:15:47
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS. This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17.

CVE ID : CVE-2024-23508
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/pdf-poster/wordpress-pdf-poster-plugin-2-1-17-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22307

First published on : 31-01-2024 17:15:36
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for eBay allows Reflected XSS. This issue affects WP-Lister Lite for eBay: from n/a through 3.5.7.

CVE ID : CVE-2024-22307
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-lister-for-ebay/wordpress-wp-lister-lite-for-ebay-plugin-3-5-7-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22160

First published on : 31-01-2024 18:15:47
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bradley B. Dalina Image Tag Manager allows Reflected XSS. This issue affects Image Tag Manager: from n/a through 1.5.

CVE ID : CVE-2024-22160
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/image-tag-manager/wordpress-image-tag-manager-plugin-1-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22162

First published on : 31-01-2024 18:15:47
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM Shortcodes allows Reflected XSS. This issue affects WPZOOM Shortcodes: from n/a through 1.0.1.

CVE ID : CVE-2024-22162
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wpzoom-shortcodes/wordpress-wpzoom-shortcodes-plugin-1-0-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22163

First published on : 31-01-2024 18:15:48
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shield Security Shield Security – Smart Bot Blocking & Intrusion Prevention Security allows Stored XSS. This issue affects Shield Security – Smart Bot Blocking & Intrusion Prevention Security: from n/a through 18.5.7.

CVE ID : CVE-2024-22163
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/wp-simple-firewall/wordpress-shield-security-plugin-18-5-7-unauthenticated-stored-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22282

First published on : 31-01-2024 18:15:48
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Torbert SimpleMap Store Locator allows Reflected XSS. This issue affects SimpleMap Store Locator: from n/a through 2.6.1.

CVE ID : CVE-2024-22282
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/simplemap/wordpress-simplemap-store-locator-plugin-2-6-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22286

First published on : 31-01-2024 18:15:48
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS. This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3.

CVE ID : CVE-2024-22286
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/ba-plus-before-after-image-slider-free/wordpress-ba-plus-plugin-1-0-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22289

First published on : 31-01-2024 18:15:48
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Post views Stats allows Reflected XSS. This issue affects Post views Stats: from n/a through 1.3.

CVE ID : CVE-2024-22289
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/post-views-stats/wordpress-post-views-stats-plugin-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22293

First published on : 31-01-2024 18:15:49
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS. This issue affects BP Profile Search: from n/a through 5.5.

CVE ID : CVE-2024-22293
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/bp-profile-search/wordpress-bp-profile-search-plugin-5-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22159

First published on : 31-01-2024 19:15:09
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional allows Reflected XSS. This issue affects WOLF – WordPress Posts Bulk Editor and Manager Professional: from n/a through 1.0.8.

CVE ID : CVE-2024-22159
Source : audit@patchstack.com
CVSS Score : 7.1

References :
https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-8-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Source : hackerone.com

Vulnerability ID : CVE-2024-21888

First published on : 31-01-2024 18:15:47
Last modified on : 31-01-2024 19:53:06

Description :
A privilege escalation vulnerability in the web component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows a user to elevate privileges to that of an administrator.

CVE ID : CVE-2024-21888
Source : support@hackerone.com
CVSS Score : 8.8

References :
https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US | source : support@hackerone.com

Vulnerability : NVD-CWE-noinfo



Vulnerability ID : CVE-2024-21893

First published on : 31-01-2024 18:15:47
Last modified on : 31-01-2024 19:54:04

Description :
A server-side request forgery vulnerability in the SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) and Ivanti Neurons for ZTA allows an attacker to access certain restricted resources without authentication.

CVE ID : CVE-2024-21893
Source : support@hackerone.com
CVSS Score : 8.2

References :
https://forums.ivanti.com/s/article/CVE-2024-21888-Privilege-Escalation-for-Ivanti-Connect-Secure-and-Ivanti-Policy-Secure?language=en_US | source : support@hackerone.com

Vulnerability : CWE-918



Source : github.com

Vulnerability ID : CVE-2024-24747

First published on : 31-01-2024 22:15:54
Last modified on : 31-01-2024 22:15:54

Description :
MinIO is a high-performance object storage system. When someone creates an access key, it inherits the permissions of the parent key, not only for `s3:*` actions but also for `admin:*` actions. This means that unless the `admin` rights are denied somewhere above in the access-key hierarchy, access keys can simply override their own `s3` permissions with something more permissive. The vulnerability is fixed in RELEASE.2024-01-31T20-20-33Z.

CVE ID : CVE-2024-24747
Source : security-advisories@github.com
CVSS Score : 8.8

References :
https://github.com/minio/minio/commit/0ae4915a9391ef4b3ec80f5fcdcf24ee6884e776 | source : security-advisories@github.com
https://github.com/minio/minio/releases/tag/RELEASE.2024-01-31T20-20-33Z | source : security-advisories@github.com
https://github.com/minio/minio/security/advisories/GHSA-xx8w-mq23-29g4 | source : security-advisories@github.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2024-23651

First published on : 31-01-2024 22:15:54
Last modified on : 31-01-2024 22:15:54

Description :
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Two malicious build steps running in parallel sharing the same cache mounts with subpaths could cause a race condition that can lead to files from the host system being accessible to the build container. The issue has been fixed in v0.12.5. Workarounds include avoiding using a BuildKit frontend from an untrusted source or building an untrusted Dockerfile containing cache mounts with --mount=type=cache,source=... options.

CVE ID : CVE-2024-23651
Source : security-advisories@github.com
CVSS Score : 8.7

References :
https://github.com/moby/buildkit/pull/4604 | source : security-advisories@github.com
https://github.com/moby/buildkit/releases/tag/v0.12.5 | source : security-advisories@github.com
https://github.com/moby/buildkit/security/advisories/GHSA-m3r6-h7wv-7xxv | source : security-advisories@github.com

Vulnerability : CWE-362


Vulnerability ID : CVE-2024-21626

First published on : 31-01-2024 22:15:53
Last modified on : 31-01-2024 22:15:53

Description :
runc is a CLI tool for spawning and running containers on Linux according to the OCI specification. In runc 1.1.11 and earlier, due to an internal file descriptor leak, an attacker could cause a newly-spawned container process (from runc exec) to have a working directory in the host filesystem namespace, allowing for a container escape by giving access to the host filesystem ("attack 2"). The same attack could be used by a malicious image to allow a container process to gain access to the host filesystem through runc run ("attack 1"). Variants of attacks 1 and 2 could also be used to overwrite semi-arbitrary host binaries, allowing for complete container escapes ("attack 3a" and "attack 3b"). runc 1.1.12 includes patches for this issue.

CVE ID : CVE-2024-21626
Source : security-advisories@github.com
CVSS Score : 8.6

References :
https://github.com/opencontainers/runc/commit/02120488a4c0fc487d1ed2867e901eeed7ce8ecf | source : security-advisories@github.com
https://github.com/opencontainers/runc/releases/tag/v1.1.12 | source : security-advisories@github.com
https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv | source : security-advisories@github.com

Vulnerability : CWE-403
Vulnerability : CWE-668


Source : rockwellautomation.com

Vulnerability ID : CVE-2024-21916

First published on : 31-01-2024 19:15:08
Last modified on : 31-01-2024 19:54:43

Description :
A denial-of-service vulnerability exists in specific Rockwell Automation ControlLogix and GuardLogix controllers. If exploited, the product could potentially experience a major nonrecoverable fault (MNRF). The device will restart itself to recover from the MNRF.

CVE ID : CVE-2024-21916
Source : PSIRT@rockwellautomation.com
CVSS Score : 8.6

References :
https://www.rockwellautomation.com/en-us/support/advisory.SD1661.html | source : PSIRT@rockwellautomation.com

Vulnerability : CWE-119


Source : pega.com

Vulnerability ID : CVE-2023-50165

First published on : 31-01-2024 18:15:46
Last modified on : 31-01-2024 19:54:51

Description :
Pega Platform versions 8.2.1 to Infinity 23.1.0 are affected by a Generated PDF issue that could expose file contents.

CVE ID : CVE-2023-50165
Source : security@pega.com
CVSS Score : 8.5

References :
https://support.pega.com/support-doc/pega-security-advisory-g23-vulnerability-remediation-note | source : security@pega.com

Vulnerability : CWE-918


Source : redhat.com

Vulnerability ID : CVE-2023-6779

First published on : 31-01-2024 14:15:48
Last modified on : 31-01-2024 18:15:47

Description :
An off-by-one heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a message bigger than INT_MAX bytes, leading to an incorrect calculation of the buffer size to store the message, resulting in an application crash. This issue affects glibc 2.37 and newer.

CVE ID : CVE-2023-6779
Source : secalert@redhat.com
CVSS Score : 8.2

References :
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-6779 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2254395 | source : secalert@redhat.com
https://www.openwall.com/lists/oss-security/2024/01/30/6 | source : secalert@redhat.com

Vulnerability : CWE-122


Vulnerability ID : CVE-2023-6246

First published on : 31-01-2024 14:15:48
Last modified on : 31-01-2024 18:15:46

Description :
A heap-based buffer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name (the basename of argv[0]) is bigger than 1024 bytes, resulting in an application crash or local privilege escalation. This issue affects glibc 2.36 and newer.

CVE ID : CVE-2023-6246
Source : secalert@redhat.com
CVSS Score : 7.8

References :
http://packetstormsecurity.com/files/176931/glibc-qsort-Out-Of-Bounds-Read-Write.html | source : secalert@redhat.com
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-6246 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2249053 | source : secalert@redhat.com
https://www.openwall.com/lists/oss-security/2024/01/30/6 | source : secalert@redhat.com

Vulnerability : CWE-787
Vulnerability : CWE-122

Vulnerable product(s) : cpe:2.3:a:gnu:glibc:*:*:*:*:*:*:*:*
Vulnerable product(s) : cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*


Source : google.com

Vulnerability ID : CVE-2024-1085

First published on : 31-01-2024 13:15:10
Last modified on : 31-01-2024 14:05:19

Description :
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_setelem_catchall_deactivate() function checks whether the catch-all set element is active in the current generation instead of the next generation before freeing it, but only flags it inactive in the next generation, making it possible to free the element multiple times, leading to a double free vulnerability. We recommend upgrading past commit b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7.

CVE ID : CVE-2024-1085
Source : cve-coordination@google.com
CVSS Score : 7.8

References :
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 | source : cve-coordination@google.com
https://kernel.dance/b1db244ffd041a49ecc9618e8feb6b5c1afcdaa7 | source : cve-coordination@google.com

Vulnerability : CWE-416


Vulnerability ID : CVE-2024-1086

First published on : 31-01-2024 13:15:10
Last modified on : 31-01-2024 14:05:19

Description :
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

CVE ID : CVE-2024-1086
Source : cve-coordination@google.com
CVSS Score : 7.8

References :
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660 | source : cve-coordination@google.com
https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660 | source : cve-coordination@google.com

Vulnerability : CWE-416


Source : progress.com

Vulnerability ID : CVE-2024-0219

First published on : 31-01-2024 16:15:45
Last modified on : 31-01-2024 19:54:51

Description :
In Telerik JustDecompile versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik JustDecompile install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.

CVE ID : CVE-2024-0219
Source : security@progress.com
CVSS Score : 7.8

References :
https://docs.telerik.com/devtools/justdecompile/knowledge-base/legacy-installer-vulnerability | source : security@progress.com
https://www.telerik.com/products/decompiler.aspx | source : security@progress.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2024-0832

First published on : 31-01-2024 16:15:46
Last modified on : 31-01-2024 19:54:51

Description :
In Telerik Reporting versions prior to 2024 R1, a privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik Reporting install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.

CVE ID : CVE-2024-0832
Source : security@progress.com
CVSS Score : 7.8

References :
https://docs.telerik.com/reporting/knowledge-base/legacy-installer-vulnerability | source : security@progress.com
https://www.telerik.com/products/reporting.aspx | source : security@progress.com

Vulnerability : CWE-269


Vulnerability ID : CVE-2024-0833

First published on : 31-01-2024 16:15:46
Last modified on : 31-01-2024 19:54:51

Description :
In Telerik Test Studio versions prior to v2023.3.1330, a privilege elevation vulnerability has been identified in the application's installer component. In an environment where an existing Telerik Test Studio install is present, a lower privileged user has the ability to manipulate the installation package to elevate their privileges on the underlying operating system.

CVE ID : CVE-2024-0833
Source : security@progress.com
CVSS Score : 7.8

References :
https://docs.telerik.com/teststudio/knowledge-base/product-notices-kb/legacy-installer-vulnerability | source : security@progress.com
https://www.telerik.com/teststudio | source : security@progress.com

Vulnerability : CWE-269


Source : apache.org

Vulnerability ID : CVE-2023-44313

First published on : 31-01-2024 09:15:43
Last modified on : 31-01-2024 18:15:46

Description :
Server-Side Request Forgery (SSRF) vulnerability in Apache ServiceComb Service-Center. Attackers can obtain sensitive server information through specially crafted requests. This issue affects Apache ServiceComb before 2.1.0 (inclusive). Users are recommended to upgrade to version 2.2.0, which fixes the issue.

CVE ID : CVE-2023-44313
Source : security@apache.org
CVSS Score : 7.6

References :
http://www.openwall.com/lists/oss-security/2024/01/31/4 | source : security@apache.org
https://lists.apache.org/thread/kxovd455o9h4f2v811hcov2qknbwld5r | source : security@apache.org

Vulnerability : CWE-918


Source : incibe.es

Vulnerability ID : CVE-2024-1112

First published on : 31-01-2024 14:15:49
Last modified on : 31-01-2024 14:28:47

Description :
Heap-based buffer overflow vulnerability in Resource Hacker, developed by Angus Johnson, affecting version 3.6.0.92. This vulnerability could allow an attacker to execute arbitrary code via a long filename argument.

CVE ID : CVE-2024-1112
Source : cve-coordination@incibe.es
CVSS Score : 7.3

References :
https://www.incibe.es/en/incibe-cert/notices/aviso/buffer-overflow-vulnerability-resource-hacker | source : cve-coordination@incibe.es

Vulnerability : CWE-119


Source : vuldb.com

Vulnerability ID : CVE-2024-1115

First published on : 31-01-2024 20:15:45
Last modified on : 31-01-2024 20:15:45

Description :
A vulnerability was found in openBI up to 1.0.8 and classified as critical. This issue affects the function dlfile of the file /application/websocket/controller/Setting.php. The manipulation of the argument phpPath leads to OS command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252473 was assigned to this vulnerability.

CVE ID : CVE-2024-1115
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/81JmiyogcYL7 | source : cna@vuldb.com
https://vuldb.com/?ctiid.252473 | source : cna@vuldb.com
https://vuldb.com/?id.252473 | source : cna@vuldb.com

Vulnerability : CWE-78


Vulnerability ID : CVE-2024-1116

First published on : 31-01-2024 20:15:45
Last modified on : 31-01-2024 20:15:45

Description :
A vulnerability was found in openBI up to 1.0.8. It has been classified as critical. Affected is the function index of the file /application/plugins/controller/Upload.php. The manipulation leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-252474 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1116
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/uCElTQRGWVyw | source : cna@vuldb.com
https://vuldb.com/?ctiid.252474 | source : cna@vuldb.com
https://vuldb.com/?id.252474 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1117

First published on : 31-01-2024 21:15:08
Last modified on : 31-01-2024 21:15:08

Description :
A vulnerability was found in openBI up to 1.0.8. It has been declared as critical. Affected by this vulnerability is the function index of the file /application/index/controller/Screen.php. The manipulation of the argument fileurl leads to code injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252475.

CVE ID : CVE-2024-1117
Source : cna@vuldb.com
CVSS Score : 7.3

References :
https://note.zhaoj.in/share/Liu1nbjddxu4 | source : cna@vuldb.com
https://vuldb.com/?ctiid.252475 | source : cna@vuldb.com
https://vuldb.com/?id.252475 | source : cna@vuldb.com

Vulnerability : CWE-94


Source : wordfence.com

Vulnerability ID : CVE-2024-1069

First published on : 31-01-2024 03:15:08
Last modified on : 31-01-2024 14:05:27

Description :
The Contact Form Entries plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation on the 'view_page' function in versions up to, and including, 1.3.2. This makes it possible for authenticated attackers with administrator-level capabilities or above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

CVE ID : CVE-2024-1069
Source : security@wordfence.com
CVSS Score : 7.2

References :
https://plugins.trac.wordpress.org/browser/contact-form-entries/trunk/includes/plugin-pages.php?rev=3003884#L1213 | source : security@wordfence.com
https://plugins.trac.wordpress.org/changeset/3028640/contact-form-entries#file1 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/120313be-9f98-4448-9f5d-a77186a6ff08?source=cve | source : security@wordfence.com


(38) MEDIUM VULNERABILITIES [4.0, 6.9]

Source : patchstack.com

Vulnerability ID : CVE-2024-23502

First published on : 31-01-2024 16:15:46
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in InfornWeb Posts List Designer by Category – List Category Posts Or Recent Posts allows Stored XSS. This issue affects Posts List Designer by Category – List Category Posts Or Recent Posts: from n/a through 3.3.2.

CVE ID : CVE-2024-23502
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/post-list-designer/wordpress-posts-list-designer-by-category-plugin-3-3-2-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-23505

First published on : 31-01-2024 16:15:47
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS. This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38.

CVE ID : CVE-2024-23505
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/dearpdf-lite/wordpress-pdf-viewer-3d-pdf-flipbook-dearpdf-plugin-2-0-38-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22302

First published on : 31-01-2024 17:15:34
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ignazio Scimone Albo Pretorio On line allows Stored XSS. This issue affects Albo Pretorio On line: from n/a through 4.6.6.

CVE ID : CVE-2024-22302
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-6-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22310

First published on : 31-01-2024 17:15:38
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Formzu Inc. Formzu WP allows Stored XSS. This issue affects Formzu WP: from n/a through 1.6.7.

CVE ID : CVE-2024-22310
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/formzu-wp/wordpress-formzu-wp-plugin-1-6-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22292

First published on : 31-01-2024 18:15:49
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS. This issue affects WP To Do: from n/a through 1.2.8.

CVE ID : CVE-2024-22292
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/wp-todo/wordpress-wp-to-do-plugin-1-2-8-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22297

First published on : 31-01-2024 18:15:49
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codeboxr CBX Map for Google Map & OpenStreetMap allows Stored XSS. This issue affects CBX Map for Google Map & OpenStreetMap: from n/a through 1.1.11.

CVE ID : CVE-2024-22297
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/cbxgooglemap/wordpress-cbx-map-for-google-map-openstreetmap-plugin-1-1-11-cross-site-scripting-xss-vulnerability-2?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22146

First published on : 31-01-2024 19:15:08
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Magazine3 Schema & Structured Data for WP & AMP allows Stored XSS. This issue affects Schema & Structured Data for WP & AMP: from n/a through 1.25.

CVE ID : CVE-2024-22146
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/schema-and-structured-data-for-wp/wordpress-schema-structured-data-for-wp-amp-plugin-1-25-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22150

First published on : 31-01-2024 19:15:09
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PWR Plugins Portfolio & Image Gallery for WordPress | PowerFolio allows Stored XSS. This issue affects Portfolio & Image Gallery for WordPress | PowerFolio: from n/a through 3.1.

CVE ID : CVE-2024-22150
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/portfolio-elementor/wordpress-powerfolio-plugin-3-1-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22158

First published on : 31-01-2024 19:15:09
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PeepSo Community by PeepSo – Social Network, Membership, Registration, User Profiles allows Stored XSS. This issue affects Community by PeepSo – Social Network, Membership, Registration, User Profiles: from n/a before 6.3.1.0.

CVE ID : CVE-2024-22158
Source : audit@patchstack.com
CVSS Score : 6.5

References :
https://patchstack.com/database/vulnerability/peepso-photos/wordpress-peepso-photos-add-on-plugin-6-3-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22306

First published on : 31-01-2024 17:15:35
Last modified on : 31-01-2024 19:54:51

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS. This issue affects Mang Board WP: from n/a through 1.7.7.

CVE ID : CVE-2024-22306
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/mangboard/wordpress-mang-board-wp-plugin-1-7-7-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22161

First published on : 31-01-2024 18:15:47
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Harmonic Design HD Quiz allows Stored XSS. This issue affects HD Quiz: from n/a through 1.8.11.

CVE ID : CVE-2024-22161
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/hd-quiz/wordpress-hd-quiz-plugin-1-8-11-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22295

First published on : 31-01-2024 18:15:49
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery allows Stored XSS. This issue affects Photo Gallery, Images, Slider in Rbs Image Gallery: from n/a through 3.2.17.

CVE ID : CVE-2024-22295
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/robo-gallery/wordpress-robo-gallery-plugin-3-2-17-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22153

First published on : 31-01-2024 19:15:09
Last modified on : 31-01-2024 19:54:43

Description :
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood & Alexandre Faustino Stock Locations for WooCommerce allows Stored XSS. This issue affects Stock Locations for WooCommerce: from n/a through 2.5.9.

CVE ID : CVE-2024-22153
Source : audit@patchstack.com
CVSS Score : 5.9

References :
https://patchstack.com/database/vulnerability/stock-locations-for-woocommerce/wordpress-stock-locations-for-woocommerce-plugin-2-5-9-cross-site-scripting-xss-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-22143

First published on : 31-01-2024 13:15:11
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in WP Spell Check. This issue affects WP Spell Check: from n/a through 9.17.

CVE ID : CVE-2024-22143
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/wp-spell-check/wordpress-wp-spell-check-plugin-9-17-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22285

First published on : 31-01-2024 13:15:11
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Elise Bosse Frontpage Manager. This issue affects Frontpage Manager: from n/a through 1.3.

CVE ID : CVE-2024-22285
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/frontpage-manager/wordpress-frontpage-manager-plugin-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22304

First published on : 31-01-2024 13:15:11
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshMail For WordPress. This issue affects FreshMail For WordPress: from n/a through 2.3.2.

CVE ID : CVE-2024-22304
Source : audit@patchstack.com
CVSS Score : 5.4

References :
https://patchstack.com/database/vulnerability/freshmail-integration/wordpress-freshmail-for-wordpress-plugin-2-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22291

First published on : 31-01-2024 13:15:11
Last modified on : 31-01-2024 14:05:19

Description :
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Browser Theme Color. This issue affects Browser Theme Color: from n/a through 1.3.

CVE ID : CVE-2024-22291
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/browser-theme-color/wordpress-browser-theme-color-plugin-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Vulnerability ID : CVE-2024-22136

First published on : 31-01-2024 14:15:49
Last modified on : 31-01-2024 14:28:47

Description :
Cross-Site Request Forgery (CSRF) vulnerability in DroitThemes Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder. This issue affects Droit Elementor Addons – Widgets, Blocks, Templates Library For Elementor Builder: from n/a through 3.1.5.

CVE ID : CVE-2024-22136
Source : audit@patchstack.com
CVSS Score : 4.3

References :
https://patchstack.com/database/vulnerability/droit-elementor-addons/wordpress-droit-elementor-addons-plugin-3-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve | source : audit@patchstack.com

Vulnerability : CWE-352


Source : vuldb.com

Vulnerability ID : CVE-2024-1114

First published on : 31-01-2024 20:15:45
Last modified on : 31-01-2024 20:15:45

Description :
A vulnerability has been found in openBI up to 1.0.8 and classified as critical. This vulnerability affects the function dlfile of the file /application/index/controller/Screen.php. The manipulation of the argument fileUrl leads to improper access controls. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252472.

CVE ID : CVE-2024-1114
Source : cna@vuldb.com
CVSS Score : 6.5

References :
https://note.zhaoj.in/share/9wv48TygKRxo | source : cna@vuldb.com
https://vuldb.com/?ctiid.252472 | source : cna@vuldb.com
https://vuldb.com/?id.252472 | source : cna@vuldb.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-1012

First published on : 31-01-2024 08:15:41
Last modified on : 31-01-2024 14:05:27

Description :
A vulnerability, which was classified as critical, has been found in Wanhu ezOFFICE 11.1.0. This issue affects some unknown processing of the file defaultroot/platform/bpm/work_flow/operate/wf_printnum.jsp. The manipulation of the argument recordId leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-252281 was assigned to this vulnerability.

CVE ID : CVE-2024-1012
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://github.com/4nNns/cveAdd/blob/b73e94ff089ae2201d9836b4d61b8175ff21618a/sqli/%E4%B8%87%E6%88%B7EZOFFICE%20%E5%89%8D%E5%8F%B0SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md | source : cna@vuldb.com
https://vuldb.com/?ctiid.252281 | source : cna@vuldb.com
https://vuldb.com/?id.252281 | source : cna@vuldb.com

Vulnerability : CWE-89


Vulnerability ID : CVE-2024-1113

First published on : 31-01-2024 20:15:45
Last modified on : 31-01-2024 20:15:45

Description :
A vulnerability, which was classified as critical, was found in openBI up to 1.0.8. This affects the function uploadUnity of the file /application/index/controller/Unity.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252471.

CVE ID : CVE-2024-1113
Source : cna@vuldb.com
CVSS Score : 6.3

References :
https://note.zhaoj.in/share/hPSx8li8LFfJ | source : cna@vuldb.com
https://vuldb.com/?ctiid.252471 | source : cna@vuldb.com
https://vuldb.com/?id.252471 | source : cna@vuldb.com

Vulnerability : CWE-434


Vulnerability ID : CVE-2024-1098

First published on : 31-01-2024 12:16:04
Last modified on : 31-01-2024 14:05:19

Description :
A vulnerability was found in Rebuild up to 3.5.5 and classified as problematic. This issue affects the function QiniuCloud.getStorageFile of the file /filex/proxy-download. The manipulation of the argument url leads to information disclosure. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-252455.

CVE ID : CVE-2024-1098
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://vuldb.com/?ctiid.252455 | source : cna@vuldb.com
https://vuldb.com/?id.252455 | source : cna@vuldb.com
https://www.yuque.com/mailemonyeyongjuan/tha8tr/ouiw375l0m8mw5ls | source : cna@vuldb.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2024-1111

First published on : 31-01-2024 19:15:08
Last modified on : 31-01-2024 19:54:43

Description :
A vulnerability, which was classified as problematic, has been found in SourceCodester QR Code Login System 1.0. Affected by this issue is some unknown functionality of the file add-user.php. The manipulation of the argument qr-code leads to cross-site scripting. The attack may be launched remotely. VDB-252470 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1111
Source : cna@vuldb.com
CVSS Score : 4.3

References :
https://vuldb.com/?ctiid.252470 | source : cna@vuldb.com
https://vuldb.com/?id.252470 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : wordfence.com

Vulnerability ID : CVE-2023-2439

First published on : 31-01-2024 03:15:07
Last modified on : 31-01-2024 14:05:27

Description :
The UserPro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'userpro' shortcode in versions up to, and including, 5.1.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

CVE ID : CVE-2023-2439
Source : security@wordfence.com
CVSS Score : 6.4

References :
https://codecanyon.net/item/userpro-user-profiles-with-social-login/5958681 | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/21cb424c-4efd-4c12-a08a-6d574f118c28?source=cve | source : security@wordfence.com


Vulnerability ID : CVE-2024-0836

First published on : 31-01-2024 08:15:41
Last modified on : 31-01-2024 14:05:27

Description :
The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtrs_review_edit() function in all versions up to, and including, 2.1.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify arbitrary reviews.

CVE ID : CVE-2024-0836
Source : security@wordfence.com
CVSS Score : 4.3

References :
https://plugins.trac.wordpress.org/changeset/3028627/review-schema/trunk/app/Controllers/Ajax/Review.php | source : security@wordfence.com
https://www.wordfence.com/threat-intel/vulnerabilities/id/b7039206-a25a-4aa0-87e2-be11dd1f12eb?source=cve | source : security@wordfence.com


Source : pega.com

Vulnerability ID : CVE-2023-50166

First published on : 31-01-2024 18:15:46
Last modified on : 31-01-2024 19:54:51

Description :
Pega Platform from 8.5.4 to 8.8.3 is affected by an XSS issue with an unauthenticated user and the redirect parameter.

CVE ID : CVE-2023-50166
Source : security@pega.com
CVSS Score : 6.1

References :
https://support.pega.com/support-doc/pega-security-advisory-h23-vulnerability-remediation-note | source : security@pega.com

Vulnerability : CWE-79


Source : redhat.com

Vulnerability ID : CVE-2024-0914

First published on : 31-01-2024 05:15:08
Last modified on : 31-01-2024 14:05:27

Description :
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.

CVE ID : CVE-2024-0914
Source : secalert@redhat.com
CVSS Score : 5.9

References :
https://access.redhat.com/security/cve/CVE-2024-0914 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2260407 | source : secalert@redhat.com
https://people.redhat.com/~hkario/marvin/ | source : secalert@redhat.com

Vulnerability : CWE-203


Vulnerability ID : CVE-2023-5992

First published on : 31-01-2024 14:15:48
Last modified on : 31-01-2024 14:28:47

Description :
A vulnerability was found in OpenSC where PKCS#1 encryption padding removal is not implemented as side-channel resistant. This issue may result in the potential leak of private data.

CVE ID : CVE-2023-5992
Source : secalert@redhat.com
CVSS Score : 5.6

References :
https://access.redhat.com/security/cve/CVE-2023-5992 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2248685 | source : secalert@redhat.com
https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992 | source : secalert@redhat.com

Vulnerability : CWE-200


Vulnerability ID : CVE-2023-6780

First published on : 31-01-2024 14:15:48
Last modified on : 31-01-2024 18:15:47

Description :
An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer.

CVE ID : CVE-2023-6780
Source : secalert@redhat.com
CVSS Score : 5.3

References :
http://packetstormsecurity.com/files/176932/glibc-syslog-Heap-Based-Buffer-Overflow.html | source : secalert@redhat.com
https://access.redhat.com/security/cve/CVE-2023-6780 | source : secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=2254396 | source : secalert@redhat.com
https://www.openwall.com/lists/oss-security/2024/01/30/6 | source : secalert@redhat.com

Vulnerability : CWE-131


Source : apache.org

Vulnerability ID : CVE-2023-44312

First published on : 31-01-2024 09:15:43
Last modified on : 31-01-2024 18:15:46

Description :
Exposure of Sensitive Information to an Unauthorized Actor in Apache ServiceComb Service-Center. This issue affects Apache ServiceComb Service-Center before 2.1.0 (inclusive). Users are recommended to upgrade to version 2.2.0, which fixes the issue.

CVE ID : CVE-2023-44312
Source : security@apache.org
CVSS Score : 5.8

References :
http://www.openwall.com/lists/oss-security/2024/01/31/5 | source : security@apache.org
https://lists.apache.org/thread/dkvlgnrmc17qzjdy9k0cr60wpzcssk1s | source : security@apache.org

Vulnerability : CWE-200


Source : github.com

Vulnerability ID : CVE-2023-47116

First published on : 31-01-2024 17:15:13
Last modified on : 31-01-2024 19:54:51

Description :
Label Studio is a popular open source data labeling tool. The vulnerability affects all versions of Label Studio prior to 1.11.0 and was tested on version 1.8.2. Label Studio's SSRF protections that can be enabled by setting the `SSRF_PROTECTION_ENABLED` environment variable can be bypassed to access internal web servers. This is because the current SSRF validation is done by executing a single DNS lookup to verify that the IP address is not in an excluded subnet range. This protection can be bypassed by either using HTTP redirection or performing a DNS rebinding attack.

CVE ID : CVE-2023-47116
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/HumanSignal/label-studio/commit/55dd6af4716b92f2bb213fe461d1ffbc380c6a64 | source : security-advisories@github.com
https://github.com/HumanSignal/label-studio/releases/tag/1.11.0 | source : security-advisories@github.com
https://github.com/HumanSignal/label-studio/security/advisories/GHSA-p59w-9gqw-wj8r | source : security-advisories@github.com

Vulnerability : CWE-918


Vulnerability ID : CVE-2024-24566

First published on : 31-01-2024 17:15:39
Last modified on : 31-01-2024 19:54:51

Description :
Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. When the application is password-protected (deployed with the `ACCESS_CODE` option), it is possible to access plugins without proper authorization (without password). This vulnerability is patched in 0.122.4.

CVE ID : CVE-2024-24566
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/lobehub/lobe-chat/commit/2184167f09ab68e4efa051ee984ea0c4e7c48fbd | source : security-advisories@github.com
https://github.com/lobehub/lobe-chat/security/advisories/GHSA-pf55-fj96-xf37 | source : security-advisories@github.com

Vulnerability : CWE-284


Vulnerability ID : CVE-2024-24579

First published on : 31-01-2024 17:15:40
Last modified on : 31-01-2024 19:54:51

Description :
stereoscope is a go library for processing container images and simulating a squash filesystem. Prior to version 0.0.1, it is possible to craft an OCI tar archive that, when stereoscope attempts to unarchive the contents, will result in writing to paths outside of the unarchive temporary directory. Specifically, use of `github.com/anchore/stereoscope/pkg/file.UntarToDirectory()` function, the `github.com/anchore/stereoscope/pkg/image/oci.TarballImageProvider` struct, or the higher level `github.com/anchore/stereoscope/pkg/image.Image.Read()` function express this vulnerability. As a workaround, if you are using the OCI archive as input into stereoscope then you can switch to using an OCI layout by unarchiving the tar archive and provide the unarchived directory to stereoscope.

CVE ID : CVE-2024-24579
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/anchore/stereoscope/commit/09dacab4d9ee65ee8bc7af8ebf4aa7b5aaa36204 | source : security-advisories@github.com
https://github.com/anchore/stereoscope/security/advisories/GHSA-hpxr-w9w7-g4gv | source : security-advisories@github.com

Vulnerability : CWE-22


Vulnerability ID : CVE-2024-23650

First published on : 31-01-2024 22:15:53
Last modified on : 31-01-2024 22:15:53

Description :
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. A malicious BuildKit client or frontend could craft a request that could lead to BuildKit daemon crashing with a panic. The issue has been fixed in v0.12.5. As a workaround, avoid using BuildKit frontends from untrusted sources.

CVE ID : CVE-2024-23650
Source : security-advisories@github.com
CVSS Score : 5.3

References :
https://github.com/moby/buildkit/pull/4601 | source : security-advisories@github.com
https://github.com/moby/buildkit/releases/tag/v0.12.5 | source : security-advisories@github.com
https://github.com/moby/buildkit/security/advisories/GHSA-9p26-698r-w4hx | source : security-advisories@github.com

Vulnerability : CWE-754


Vulnerability ID : CVE-2024-23637

First published on : 31-01-2024 18:15:49
Last modified on : 31-01-2024 19:54:43

Description :
OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.3 contain a vulnerability that allows malicious admins to change the password of other admin accounts, including their own, without having to repeat their password. An attacker who managed to hijack an admin account might use this to lock out actual admins from their OctoPrint instance. The vulnerability will be patched in version 1.10.0.

CVE ID : CVE-2024-23637
Source : security-advisories@github.com
CVSS Score : 4.2

References :
https://github.com/OctoPrint/OctoPrint/commit/1729d167b4ae4a5835bbc7211b92c6828b1c4125 | source : security-advisories@github.com
https://github.com/OctoPrint/OctoPrint/releases/tag/1.10.0rc1 | source : security-advisories@github.com
https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-5626-pw9c-hmjr | source : security-advisories@github.com

Vulnerability : CWE-287
Vulnerability : CWE-620


Source : honeywell.com

Vulnerability ID : CVE-2023-5390

First published on : 31-01-2024 18:15:46
Last modified on : 31-01-2024 19:54:51

Description :
An attacker could potentially exploit this vulnerability, leading to files being read from the Honeywell Experion ControlEdge VirtualUOC and ControlEdge UOC. This exploit could be used to read files from the controller that may expose limited information from the device. Honeywell recommends updating to the most recent version of the product. See Honeywell Security Notification for recommendations on upgrading and versioning.

CVE ID : CVE-2023-5390
Source : psirt@honeywell.com
CVSS Score : 5.3

References :
https://process.honeywell.com | source : psirt@honeywell.com
https://www.honeywell.com/us/en/product-security | source : psirt@honeywell.com

Vulnerability : CWE-36


Source : zscaler.com

Vulnerability ID : CVE-2023-28807

First published on : 31-01-2024 20:15:44
Last modified on : 31-01-2024 20:15:44

Description :
In Zscaler Internet Access (ZIA) a mismatch between Connect Host and Client Hello's Server Name Indication (SNI) enables attackers to evade network security controls by hiding their communications within legitimate traffic.

CVE ID : CVE-2023-28807
Source : cve@zscaler.com
CVSS Score : 5.1

References :
https://help.zscaler.com/zia/configuring-advanced-settings#dns-optimization | source : cve@zscaler.com
https://help.zscaler.com/zia/configuring-advanced-settings#domain-fronting | source : cve@zscaler.com

Vulnerability : CWE-295


Source : cert.vde.com

Vulnerability ID : CVE-2023-50357

First published on : 31-01-2024 11:15:08
Last modified on : 31-01-2024 14:05:19

Description :
A cross site scripting vulnerability in the AREAL SAS Websrv1 ASP website allows a remote low-privileged attacker to gain escalated privileges of other non-admin users.

CVE ID : CVE-2023-50357
Source : info@cert.vde.com
CVSS Score : 4.6

References :
https://www.areal-topkapi.com/en/services/security-bulletins | source : info@cert.vde.com

Vulnerability : CWE-79


(4) LOW VULNERABILITIES [0.1, 3.9]

Source : vuldb.com

Vulnerability ID : CVE-2024-1099

First published on : 31-01-2024 12:16:04
Last modified on : 31-01-2024 14:05:19

Description :
A vulnerability was found in Rebuild up to 3.5.5. It has been classified as problematic. Affected is the function getFileOfData of the file /filex/read-raw. The manipulation of the argument url leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-252456.

CVE ID : CVE-2024-1099
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://vuldb.com/?ctiid.252456 | source : cna@vuldb.com
https://vuldb.com/?id.252456 | source : cna@vuldb.com
https://www.yuque.com/mailemonyeyongjuan/tha8tr/dcilugg0htp973nx | source : cna@vuldb.com

Vulnerability : CWE-79


Vulnerability ID : CVE-2024-1103

First published on : 31-01-2024 15:15:10
Last modified on : 31-01-2024 19:54:51

Description :
A vulnerability was found in CodeAstro Real Estate Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file profile.php of the component Feedback Form. The manipulation of the argument Your Feedback with the input <img src=x onerror=alert(document.cookie)> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-252458 is the identifier assigned to this vulnerability.

CVE ID : CVE-2024-1103
Source : cna@vuldb.com
CVSS Score : 3.5

References :
https://docs.google.com/document/d/18M55HRrxHQ9Jhph6CwWF-d5epAKtOSHt/edit?usp=drive_link&ouid=105609487033659389545&rtpof=true&sd=true | source : cna@vuldb.com
https://vuldb.com/?ctiid.252458 | source : cna@vuldb.com
https://vuldb.com/?id.252458 | source : cna@vuldb.com

Vulnerability : CWE-79


Source : vmware.com

Vulnerability ID : CVE-2024-22236

First published on : 31-01-2024 07:15:07
Last modified on : 31-01-2024 14:05:27

Description :
In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency.

CVE ID : CVE-2024-22236
Source : security@vmware.com
CVSS Score : 3.3

References :
https://spring.io/security/cve-2024-22236 | source : security@vmware.com


Source : eset.com

Vulnerability ID : CVE-2023-7043

First published on : 31-01-2024 13:15:10
Last modified on : 31-01-2024 14:05:19

Description :
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.

CVE ID : CVE-2023-7043
Source : security@eset.com
CVSS Score : 3.3

References :
https://support.eset.com/en/ca8602 | source : security@eset.com

Vulnerability : CWE-428


(9) NO SCORE VULNERABILITIES [0.0, 0.0]

Source : mitre.org

Vulnerability ID : CVE-2024-22569

First published on : 31-01-2024 02:15:54
Last modified on : 31-01-2024 14:05:27

Description :
Stored Cross-Site Scripting (XSS) vulnerability in POSCMS v4.6.2, allows attackers to execute arbitrary code via a crafted payload to /index.php?c=install&m=index&step=2&is_install_db=0.

CVE ID : CVE-2024-22569
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/Num-Nine/CVE/issues/12 | source : cve@mitre.org


Vulnerability ID : CVE-2024-23745

First published on : 31-01-2024 02:15:54
Last modified on : 31-01-2024 14:05:27

Description :
In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can be manipulated to execute arbitrary commands. Additionally, even if a NIB file is modified within an application, Gatekeeper may still permit the execution of the application, enabling the execution of arbitrary commands within the application's context.

CVE ID : CVE-2024-23745
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/louiselalanne/CVE-2024-23745 | source : cve@mitre.org


Vulnerability ID : CVE-2023-31505

First published on : 31-01-2024 03:15:08
Last modified on : 31-01-2024 14:05:27

Description :
An arbitrary file upload vulnerability in Schlix CMS v2.2.8-1, allows remote authenticated attackers to execute arbitrary code and obtain sensitive information via a crafted .phtml file.

CVE ID : CVE-2023-31505
Source : cve@mitre.org
CVSS Score : /

References :
https://m3n0sd0n4ld.github.io/patoHackventuras/cve-2023-31505 | source : cve@mitre.org


Vulnerability ID : CVE-2024-23170

First published on : 31-01-2024 08:15:42
Last modified on : 31-01-2024 14:05:19

Description :
An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2. There was a timing side channel in RSA private operations. This side channel could be sufficient for a local attacker to recover the plaintext. It requires the attacker to send a large number of messages for decryption, as described in "Everlasting ROBOT: the Marvin Attack" by Hubert Kario.

CVE ID : CVE-2024-23170
Source : cve@mitre.org
CVSS Score : /

References :
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/ | source : cve@mitre.org


Vulnerability ID : CVE-2024-23775

First published on : 31-01-2024 08:15:42
Last modified on : 31-01-2024 14:05:19

Description :
Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtls_x509_set_extension().

CVE ID : CVE-2024-23775
Source : cve@mitre.org
CVSS Score : /

References :
https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ | source : cve@mitre.org


Vulnerability ID : CVE-2022-47072

First published on : 31-01-2024 21:15:08
Last modified on : 31-01-2024 21:15:08

Description :
SQL injection vulnerability in Enterprise Architect 16.0.1605 32-bit allows attackers to run arbitrary SQL commands via the Find parameter in the Select Classifier dialog box.

CVE ID : CVE-2022-47072
Source : cve@mitre.org
CVSS Score : /

References :
https://github.com/DojoSecurity/Enterprise-Architect-SQL-Injection | source : cve@mitre.org


Source : redhat.com

Vulnerability ID : CVE-2023-3934

First published on : 31-01-2024 06:15:45
Last modified on : 31-01-2024 06:15:45

Description :
Rejected reason: Please discard this CVE, we are not using this anymore. The vulnerability turned out to be a non-security issue

CVE ID : CVE-2023-3934
Source : secalert@redhat.com
CVSS Score : /

References :


Source : devolutions.net

Vulnerability ID : CVE-2024-0589

First published on : 31-01-2024 13:15:10
Last modified on : 31-01-2024 14:05:19

Description :
Cross-site scripting (XSS) vulnerability in the entry overview tab in Devolutions Remote Desktop Manager 2023.3.36 and earlier on Windows allows an attacker with access to a data source to inject a malicious script via a specially crafted input in an entry.

CVE ID : CVE-2024-0589
Source : security@devolutions.net
CVSS Score : /

References :
https://devolutions.net/security/advisories/DEVO-2024-0001/ | source : security@devolutions.net


Source : google.com

Vulnerability ID : CVE-2024-1087

First published on : 31-01-2024 13:15:11
Last modified on : 31-01-2024 13:15:11

Description :
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because it is a duplicate of CVE-2024-1085.

CVE ID : CVE-2024-1087
Source : cve-coordination@google.com
CVSS Score : /

References :


This website uses the NVD API, but is not approved or certified by it.

About the author
Julien B.

Securitricks
