CISA Bulletins - Vulnerability Summary for the Week of April 3, 2023

system · May 11, 2023, 9:02pm

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

[ul]
[li]High: vulnerabilities with a CVSS base score of 7.0–10.0[/li][li]Medium: vulnerabilities with a CVSS base score of 4.0–6.9[/li][li]Low: vulnerabilities with a CVSS base score of 0.0–3.9[/li][/ul]

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD]mingsoft -- mcms[/TD] [TD]SQL Injection vulnerability found in Ming-Soft MCMS v.4.7.2 allows a remote attacker to execute arbitrary code via basic_title parameter.[/TD] [TD]2023-04-04[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-20913&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2020-20913]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20913') [MISC]('https://github.com/ming-soft/MCMS/issues/27')[/TD] [/TR] [TR] [TD]publiccms -- publiccms[/TD] [TD]SQL Injection vulnerability found in San Luan PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via the sql parameter.[/TD] [TD]2023-04-04[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-20914&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2020-20914]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20914') [MISC]('https://github.com/sanluan/PublicCMS/issues/29')[/TD] [/TR] [TR] [TD]publiccms -- publiccms[/TD] [TD]SQL Injection vulnerability found in PublicCMS v.4.0 allows a remote attacker to execute arbitrary code via sql parameter of the the SysSiteAdminControl.[/TD] [TD]2023-04-04[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-20915&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2020-20915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20915') [MISC]('https://github.com/sanluan/PublicCMS/issues/29')[/TD] [/TR] [TR] [TD]generex -- cs141_firmware[/TD] [TD]Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a webshell that could allow him to execute arbitrary code as root.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47190&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-47190]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47190') [CONFIRM]('https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/2-12') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/page:2')[/TD] [/TR] [TR] [TD]fernus -- learning_management_systems[/TD] [TD]Unrestricted Upload of File with Dangerous Type vulnerability in Fernus Informatics LMS allows OS Command Injection, Server Side Include (SSI) Injection.This issue affects LMS: before 23.04.03.[/TD] [TD]2023-04-04[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1728&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1728') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0194')[/TD] [/TR] [TR] [TD]phpmyfaq -- phpmyfaq[/TD] [TD]Weak Password Requirements in GitHub repository thorsten/phpmyfaq prior to 3.1.12.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1753&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1753]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1753') [MISC]('https://github.com/thorsten/phpmyfaq/commit/f612a72494080e04947da7028340fee4493fe8a5') [CONFIRM]('https://huntr.dev/bounties/01d6ae23-3a8f-42a8-99f4-10246187d71b')[/TD] [/TR] [TR] [TD]akbim -- panon[/TD] [TD]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Akbim Computer Panon allows SQL Injection.This issue affects Panon: before 1.0.2.[/TD] [TD]2023-04-03[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1765&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1765]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1765') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0193')[/TD] [/TR] [TR] [TD]sourcecodester -- grade_point_average_\(gpa\)_calculator[/TD] [TD]A vulnerability has been found in SourceCodester Grade Point Average GPA Calculator 1.0 and classified as critical. Affected by this vulnerability is the function get_scale of the file Master.php. The manipulation of the argument perc leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224671.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1770&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1770]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1770') [MISC]('https://vuldb.com/?id.224671') [MISC]('https://vuldb.com/?ctiid.224671') [MISC]('https://github.com/Pe4cefulSnow/SQL-Injection/blob/main/README.md')[/TD] [/TR] [TR] [TD]rockoa -- rockoa[/TD] [TD]A vulnerability was found in Rockoa 2.3.2. It has been declared as critical. This vulnerability affects unknown code of the file webmainConfig.php of the component Configuration File Handler. The manipulation leads to code injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-224674 is the identifier assigned to this vulnerability.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1773&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1773') [MISC]('https://vuldb.com/?ctiid.224674') [MISC]('https://gitee.com/galaxies2580/cve/blob/master/xinhuv2.3.2.md') [MISC]('https://vuldb.com/?id.224674')[/TD] [/TR] [TR] [TD]jeecg -- jeecg_boot[/TD] [TD]A vulnerability was found in jeecg-boot 3.5.0 and classified as critical. This issue affects some unknown processing of the component API Documentation. The manipulation leads to improper authentication. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224699.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1784&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1784]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1784') [MISC]('https://note.youdao.com/ynoteshare/index.html?id=7eb8fc804ea3544d8add43749a09173e') [MISC]('https://vuldb.com/?ctiid.224699') [MISC]('https://vuldb.com/?id.224699')[/TD] [/TR] [TR] [TD]sourcecodester -- earnings_and_expense_tracker_app[/TD] [TD]A vulnerability was found in SourceCodester Earnings and Expense Tracker App 1.0. It has been classified as critical. Affected is an unknown function of the file manage_user.php. The manipulation of the argument id leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-224700.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1785&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1785]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1785') [MISC]('https://github.com/web-zxl/img/blob/main/4.png') [MISC]('https://vuldb.com/?id.224700') [MISC]('https://vuldb.com/?ctiid.224700')[/TD] [/TR] [TR] [TD]firefly-iii -- firefly_iii[/TD] [TD]Improper Input Validation in GitHub repository firefly-iii/firefly-iii prior to 6.0.0.[/TD] [TD]2023-04-01[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1789&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1789]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1789') [MISC]('https://github.com/firefly-iii/firefly-iii/commit/6b05c0fbd3e8c40ae9b24dc2698821786fccf0c5') [CONFIRM]('https://huntr.dev/bounties/2c3489f7-6b84-48f8-9368-9cea67cf373d')[/TD] [/TR] [TR] [TD]sourcecodester -- simple_task_allocation_system[/TD] [TD]A vulnerability has been found in SourceCodester Simple Task Allocation System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file manage_user.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224743.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1791&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1791]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1791') [MISC]('https://github.com/Pe4cefulSnow/SQL-Injection/blob/main/SQLcve.md') [MISC]('https://vuldb.com/?ctiid.224743') [MISC]('https://vuldb.com/?id.224743')[/TD] [/TR] [TR] [TD]sourcecodester -- simple_mobile_comparison_website[/TD] [TD]A vulnerability was found in SourceCodester Simple Mobile Comparison Website 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/fields/manage_field.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224744.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1792&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1792]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1792') [MISC]('https://vuldb.com/?id.224744') [MISC]('https://github.com/LOBSSSA5DD5/bug_report/blob/main/SQLi-1.md') [MISC]('https://vuldb.com/?ctiid.224744')[/TD] [/TR] [TR] [TD]sourcecodester -- police_crime_record_management_system[/TD] [TD]A vulnerability was found in SourceCodester Police Crime Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /officer/assigncase.php of the component GET Parameter Handler. The manipulation of the argument caseid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224745 was assigned to this vulnerability.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1793&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1793]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1793') [MISC]('https://vuldb.com/?id.224745') [MISC]('https://vuldb.com/?ctiid.224745') [MISC]('https://github.com/fillorkill/bug_report/blob/main/SQLi-1.md')[/TD] [/TR] [TR] [TD]otcms -- otcms[/TD] [TD]A vulnerability classified as critical was found in OTCMS 6.0.1. Affected by this vulnerability is an unknown functionality of the file sysCheckFile.php?mudi=sql. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-224749 was assigned to this vulnerability.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1797&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1797]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1797') [MISC]('https://vuldb.com/?id.224749') [MISC]('https://vuldb.com/?ctiid.224749') [MISC]('https://gitee.com/wkstestete/cve/blob/master/upload/upload1.md')[/TD] [/TR] [TR] [TD]go-fastdfs_project -- go-fastdfs[/TD] [TD]A vulnerability, which was classified as critical, has been found in sjqzhang go-fastdfs up to 1.4.3. Affected by this issue is the function upload of the file /group1/uploa of the component File Upload Handler. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224768.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1800&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1800]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1800') [MISC]('https://github.com/yangyanglo/ForCVE/blob/main/2023-0x05.md') [MISC]('https://vuldb.com/?ctiid.224768') [MISC]('https://vuldb.com/?id.224768')[/TD] [/TR] [TR] [TD]sourcecodester -- online_computer_and_laptop_store[/TD] [TD]A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file php-ocls\admin\system_info\index.php. The manipulation of the argument img leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-224841 was assigned to this vulnerability.[/TD] [TD]2023-04-04[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1826&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1826') [MISC]('https://vuldb.com/?ctiid.224841') [MISC]('https://vuldb.com/?id.224841')[/TD] [/TR] [TR] [TD]htmlunit_project -- htmlunit[/TD] [TD]Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage.[/TD] [TD]2023-04-03[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26119&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-26119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26119') [MISC]('https://siebene.github.io/2022/12/30/HtmlUnit-RCE/') [MISC]('https://security.snyk.io/vuln/SNYK-JAVA-NETSOURCEFORGEHTMLUNIT-3252500') [MISC]('https://github.com/HtmlUnit/htmlunit/commit/641325bbc84702dc9800ec7037aec061ce21956b')[/TD] [/TR] [TR] [TD]dlink -- go-rt-ac750_firmware[/TD] [TD]D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at soapcgi.main.[/TD] [TD]2023-04-01[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26822&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-26822]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26822') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/yzskyt/Vuln/blob/main/Go-RT-AC750/Go-RT-AC750.md')[/TD] [/TR] [TR] [TD]gladinet -- centrestack[/TD] [TD]An authentication bypass vulnerability in the Password Reset component of Gladinet CentreStack before 13.5.9808 allows remote attackers to set a new password for any valid user account, without needing the previous known password, resulting in a full authentication bypass.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26829&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-26829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26829') [MISC]('https://www.whiteoaksecurity.com/blog/centrestack-disclosure/')[/TD] [/TR] [TR] [TD]myprestamodules -- frequently_asked_questions_page[/TD] [TD]SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26858&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-26858]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26858') [MISC]('https://addons.prestashop.com/en/faq-frequently-asked-questions/16036-frequently-asked-questions-faq-page.html') [MISC]('https://friends-of-presta.github.io/security-advisories/modules/2023/03/28/faqs.html')[/TD] [/TR] [TR] [TD]ibm -- aspera_cargo/aspera_connect[/TD] [TD]IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27284&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-27284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27284') [MISC]('https://www.ibm.com/support/pages/node/6966588') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/248616')[/TD] [/TR] [TR] [TD]ibm -- aspera_cargo/aspera_connect[/TD] [TD]IBM Aspera Cargo 4.2.5 and IBM Aspera Connect 4.2.5 are vulnerable to a buffer overflow, caused by improper bounds checking. An attacker could overflow a buffer and execute arbitrary code on the system. IBM X-Force ID: 248616.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27286&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-27286]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27286') [MISC]('https://www.ibm.com/support/pages/node/6966588') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/248627')[/TD] [/TR] [TR] [TD]jenkins -- role-based_authorization_strategy[/TD] [TD]Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51 and earlier grants permissions even after they've been disabled.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28668&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28668]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28668') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-3053')[/TD] [/TR] [TR] [TD]jenkins -- convert_to_pipeline[/TD] [TD]Jenkins Convert To Pipeline Plugin 1.0 and earlier uses basic string concatenation to convert Freestyle projects' Build Environment, Build Steps, and Post-build Actions to the equivalent Pipeline step invocations, allowing attackers able to configure Freestyle projects to prepare a crafted configuration that injects Pipeline script code into the (unsandboxed) Pipeline resulting from a convertion by Jenkins Convert To Pipeline Plugin.[/TD] [TD]2023-04-02[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28677&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28677]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28677') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2966')[/TD] [/TR] [TR] [TD]202-ecommerce -- paypal[/TD] [TD]PrestaShop/paypal is an open source module for the PrestaShop web commerce ecosystem which provides paypal payment support. A SQL injection vulnerability found in the PrestaShop paypal module from release from 3.12.0 to and including 3.16.3 allow a remote attacker to gain privileges, modify data, and potentially affect system availability. The cause of this issue is that SQL queries were being constructed with user input which had not been properly filtered. Only deployments on PrestaShop 1.6 are affected. Users are advised to upgrade to module version 3.16.4. There are no known workarounds for this vulnerability.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28843&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28843') [MISC]('https://github.com/202ecommerce/paypal/commit/2f6884ea1d0fe4b58441699fcc1d6c56c7d733eb') [MISC]('https://github.com/202ecommerce/paypal/security/advisories/GHSA-66pc-8gh8-mx7m')[/TD] [/TR] [TR] [TD]artifex -- ghostscript[/TD] [TD]In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.[/TD] [TD]2023-03-31[/TD] [TD][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28879&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28879]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28879') [MISC]('https://bugs.ghostscript.com/show_bug.cgi?id=706494') [MISC]('https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=37ed5022cecd584de868933b5b60da2e995b3179') [MISC]('https://ghostscript.readthedocs.io/en/latest/News.html') [MLIST]('https://lists.debian.org/debian-lts-announce/2023/04/msg00003.html') [DEBIAN]('https://www.debian.org/security/2023/dsa-5383')[/TD] [/TR] [TR] [TD]generex -- cs141_firmware[/TD] [TD]Generex UPS CS141 below 2.06 version, allows an attacker toupload a firmware file containing an incorrect configuration, in order to disrupt the normal functionality of the device.[/TD] [TD]2023-03-31[/TD] [TD][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47189&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/TD] [TD][CVE-2022-47189]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47189') [CONFIRM]('https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/2-12') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/page:2')[/TD] [/TR] [TR] [TD]openapi-generator -- openapi_generator[/TD] [TD]openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/gen/clients/{language}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.[/TD] [TD]2023-03-31[/TD] [TD][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27162&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/TD] [TD][CVE-2023-27162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27162') [MISC]('https://notes.sjtu.edu.cn/s/2_yki_2Xq') [MISC]('https://github.com/OpenAPITools/openapi-generator') [MISC]('https://gist.github.com/b33t1e/6121210ebd9efd4f693c73b830d8ab08') [MISC]('http://openapi-generator.com')[/TD] [/TR] [TR] [TD]deltaww -- dx-2100l1-cn_firmware[/TD] [TD]The web configuration service of the affected device contains an authenticated command injection vulnerability. It can be used to execute system commands on the operating system (OS) from the device in the context of the user "root." If the attacker has credentials for the web service, then the device could be fully compromised.[/TD] [TD]2023-03-31[/TD] [TD][9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0432&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H')[/TD] [TD][CVE-2023-0432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0432') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-033-05')[/TD] [/TR] [TR] [TD]phpmywind -- phpmywind[/TD] [TD]SQL injection vulnerability found in PHPMyWind v.5.6 allows a remote attacker to gain privileges via the delete function of the administrator management page.[/TD] [TD]2023-04-04[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21060&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2020-21060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21060') [MISC]('https://github.com/gaozhifeng/PHPMyWind/issues/10')[/TD] [/TR] [TR] [TD]admesh_project -- admesh[/TD] [TD]An improper array index validation vulnerability exists in the stl_fix_normal_directions functionality of ADMesh Master Commit 767a105 and v0.98.4. A specially-crafted stl file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.[/TD] [TD]2023-04-03[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-38072&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-38072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38072') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2022-1594') [MISC]('https://github.com/admesh/admesh/commit/5fab257268a0ee6f832c18d72af89810a29fbd5f')[/TD] [/TR] [TR] [TD]hcltech -- hcl_compass[/TD] [TD]HCL Compass is vulnerable to Cross-Origin Resource Sharing (CORS). This vulnerability can allow an unprivileged remote attacker to trick a legitimate user into accessing a special resource and executing a malicious request.[/TD] [TD]2023-04-02[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-42447&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-42447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42447') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0103581')[/TD] [/TR] [TR] [TD]generex -- cs141_firmware[/TD] [TD]Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a firmware file containing a file with modified permissions, allowing him to escalate privileges.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47191&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-47191]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47191') [CONFIRM]('https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/2-12') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/page:2')[/TD] [/TR] [TR] [TD]generex -- cs141_firmware[/TD] [TD]Generex UPS CS141 below 2.06 version, could allow a remote attacker to upload a backup file containing a modified "users.json" to the web server of the device, allowing him to replace the administrator password.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47192&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-47192]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47192') [CONFIRM]('https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/2-12') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/page:2')[/TD] [/TR] [TR] [TD]bestwebsoft -- user_role[/TD] [TD]The User Role by BestWebSoft WordPress plugin before 1.6.7 does not protect against CSRF in requests to update role capabilities, leading to arbitrary privilege escalation of any role.[/TD] [TD]2023-04-03[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0820&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-0820]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0820') [MISC]('https://wpscan.com/vulnerability/b93d9f9d-0fd9-49b8-b465-d32b95351912')[/TD] [/TR] [TR] [TD]ibos -- ibos[/TD] [TD]A vulnerability has been found in IBOS up to 4.5.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /?r=email/api/mark&op=delFromSend. The manipulation of the argument emailids leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 4.5.5 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-224635.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1747&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1747]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1747') [MISC]('https://gitee.com/wkstestete/cve/blob/master/sql/ibos%20sql%20injection.md') [MISC]('https://vuldb.com/?id.224635') [MISC]('https://vuldb.com/?ctiid.224635')[/TD] [/TR] [TR] [TD]phpmyfaq -- phpmyfaq[/TD] [TD]Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1762&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1762]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1762') [MISC]('https://github.com/thorsten/phpmyfaq/commit/ae6c1d8c3eab05d6e2227c7a9998707f4f891514') [CONFIRM]('https://huntr.dev/bounties/3c2374cc-7082-44b7-a6a6-ccff7a650a3a')[/TD] [/TR] [TR] [TD]jenkins -- octoperf_load_testing[/TD] [TD]A cross-site request forgery (CSRF) vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials.[/TD] [TD]2023-04-02[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28674&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28674') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-3067%20(4)')[/TD] [/TR] [TR] [TD]jenkins -- convert_to_pipeline[/TD] [TD]A cross-site request forgery (CSRF) vulnerability in Jenkins Convert To Pipeline Plugin 1.0 and earlier allows attackers to create a Pipeline based on a Freestyle project, potentially leading to remote code execution (RCE).[/TD] [TD]2023-04-02[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28676&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28676]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28676') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2963')[/TD] [/TR] [TR] [TD]panasonic -- aiseg2_firmware[/TD] [TD]Panasonic AiSEG2 versions 2.80F through 2.93A allows remote attackers to execute arbitrary OS commands.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28726&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28726') [MISC]('https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html')[/TD] [/TR] [TR] [TD]panasonic -- aiseg2_firmware[/TD] [TD]Panasonic AiSEG2 versions 2.00J through 2.93A allows adjacent attackers bypass authentication due to mishandling of X-Forwarded-For headers.[/TD] [TD]2023-03-31[/TD] [TD][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28727&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28727]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28727') [MISC]('https://www2.panasonic.biz/jp/densetsu/aiseg/firmup_info.html')[/TD] [/TR] [TR] [TD]jenkins -- visual_studio_code_metrics[/TD] [TD]Jenkins Visual Studio Code Metrics Plugin 1.7 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/TD] [TD]2023-04-02[/TD] [TD][8.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28681&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N')[/TD] [TD][CVE-2023-28681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28681') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2926')[/TD] [/TR] [TR] [TD]jenkins -- performance_publisher[/TD] [TD]Jenkins Performance Publisher Plugin 8.09 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/TD] [TD]2023-04-02[/TD] [TD][8.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28682&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N')[/TD] [TD][CVE-2023-28682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28682') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2928')[/TD] [/TR] [TR] [TD]jenkins -- phabricator_differential[/TD] [TD]Jenkins Phabricator Differential Plugin 2.1.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/TD] [TD]2023-04-02[/TD] [TD][8.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28683&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N')[/TD] [TD][CVE-2023-28683]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28683') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2942')[/TD] [/TR] [TR] [TD]nvidia -- virtual_gpu[/TD] [TD]NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler which may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.[/TD] [TD]2023-04-01[/TD] [TD][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0189&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-0189]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0189') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5452')[/TD] [/TR] [TR] [TD]gnu -- binutils[/TD] [TD]Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64.[/TD] [TD]2023-04-03[/TD] [TD][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1579&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1579') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29988')[/TD] [/TR] [TR] [TD]linux -- kernel[/TD] [TD]hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush) because of calls to hci_dev_put and hci_conn_put. There is a double free that may lead to privilege escalation.[/TD] [TD]2023-03-31[/TD] [TD][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28464&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-28464]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28464') [MISC]('https://lore.kernel.org/lkml/[email protected]/') [MISC]('https://www.openwall.com/lists/oss-security/2023/03/28/2') [MISC]('https://www.openwall.com/lists/oss-security/2023/03/28/3')[/TD] [/TR] [TR] [TD]x-man_project -- x-man[/TD] [TD]X-Man 1.0 has a SQL injection vulnerability, which can cause data leakage.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46021&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2022-46021]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46021') [MISC]('https://github.com/Howard512966/x-man-injection') [MISC]('https://github.com/Howard512966/x-man-injection/blob/main/README.md')[/TD] [/TR] [TR] [TD]generex -- cs141_firmware[/TD] [TD]There is an arbitrary file reading vulnerability in Generex UPS CS141 below 2.06 version. An attacker, making use of the default credentials, could upload a backup file containing a symlink to /etc/shadow, allowing him to obtain the content of this path.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47188&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2022-47188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47188') [CONFIRM]('https://www.incibe-cert.es/en/early-warning/ics-advisories/update-03032023-multiple-vulnerabilities-generex-ups-cs141') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/2-12') [CONFIRM]('https://www.generex.de/support/changelogs/cs141/page:2')[/TD] [/TR] [TR] [TD]facebook -- zstandard[/TD] [TD]A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4899&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2022-4899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4899') [MISC]('https://github.com/facebook/zstd/issues/3200')[/TD] [/TR] [TR] [TD]akuvox -- e11_firmware[/TD] [TD]Akuvox E11 contains a function that encrypts messages which are then forwarded. The IV vector and the key are static, and this may allow an attacker to decrypt messages.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0343&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-0343]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0343') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01')[/TD] [/TR] [TR] [TD]akuvox -- e11_firmware[/TD] [TD]Akuvox E11 appears to be using a custom version of dropbear SSH server. This server allows an insecure option that by default is not in the official dropbear SSH server.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0344&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/TD] [TD][CVE-2023-0344]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0344') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-068-01')[/TD] [/TR] [TR] [TD]devolutions -- devolutions_gateway[/TD] [TD]Uncontrolled resource consumption in the logging feature in Devolutions Gateway 2023.1.1 and earlier allows an attacker to cause a denial of service by filling up the disk and render the system unusable.[/TD] [TD]2023-04-02[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1580&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2023-1580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1580') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0007')[/TD] [/TR] [TR] [TD]sourcecodester -- grade_point_average_\(gpa\)_calculator[/TD] [TD]A vulnerability, which was classified as problematic, was found in SourceCodester Grade Point Average GPA Calculator 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page with the input php://filter/read=convert.base64-encode/resource=grade_table leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-224670 is the identifier assigned to this vulnerability.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1769&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-1769]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1769') [MISC]('https://vuldb.com/?id.224670') [MISC]('https://vuldb.com/?ctiid.224670') [MISC]('https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/README.md')[/TD] [/TR] [TR] [TD]sourcecodester -- simple_task_allocation_system[/TD] [TD]A vulnerability, which was classified as problematic, was found in SourceCodester Simple Task Allocation System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to information disclosure. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224724.[/TD] [TD]2023-04-01[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1790&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-1790]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1790') [MISC]('https://github.com/Pe4cefulSnow/CVE-Advisory/blob/main/uploadcve.md') [MISC]('https://vuldb.com/?ctiid.224724') [MISC]('https://vuldb.com/?id.224724')[/TD] [/TR] [TR] [TD]cesnet -- libyang[/TD] [TD]libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lys_parse_mem at lys_parse_mem.c.[/TD] [TD]2023-04-03[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26916&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2023-26916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26916') [MISC]('https://github.com/CESNET/libyang/issues/1979')[/TD] [/TR] [TR] [TD]dlink -- dir-882_firmware[/TD] [TD]An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26925&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-26925]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26925') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/laotun-s/POC/blob/main/CVE-2023-26925.txt')[/TD] [/TR] [TR] [TD]tenda -- ac6_firmware[/TD] [TD]Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function.[/TD] [TD]2023-04-04[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26976&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2023-26976]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26976') [MISC]('https://github.com/Funcy33/Vluninfo_Repo/tree/main/CNVDs/AC6/205_1')[/TD] [/TR] [TR] [TD]ruoyi -- ruoyi[/TD] [TD]An arbitrary file download vulnerability in the background management module of RuoYi v4.7.6 and below allows attackers to download arbitrary files in the server.[/TD] [TD]2023-04-02[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27025&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-27025]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27025') [MISC]('https://gitee.com/y_project/RuoYi/commit/432d5ce1be2e9384a6230d7ccd8401eef5ce02b0') [MISC]('https://gitee.com/y_project/RuoYi/issues/I697Q5')[/TD] [/TR] [TR] [TD]appwrite -- appwrite[/TD] [TD]Appwrite up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /v1/avatars/favicon. This vulnerability allows attackers to access network resources and sensitive information via a crafted GET request.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27159&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-27159]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27159') [MISC]('https://notes.sjtu.edu.cn/gMNlpByZSDiwrl9uZyHTKA') [MISC]('https://gist.github.com/b33t1e/e9e8192317c111e7897e04d2f9bf5fdb') [MISC]('https://github.com/appwrite/appwrite') [MISC]('https://gist.github.com/b33t1e/43b26c31e895baf7e7aea2dbf9743a9a') [MISC]('http://appwrite.com')[/TD] [/TR] [TR] [TD]jenkins -- crap4j[/TD] [TD]Jenkins Crap4J Plugin 0.9 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/TD] [TD]2023-04-02[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28680&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28680]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28680') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2925')[/TD] [/TR] [TR] [TD]ruby-lang -- uri[/TD] [TD]A ReDoS issue was discovered in the URI component through 0.12.0 in Ruby through 3.2.1. The URI parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to URI objects. The fixed versions are 0.12.1, 0.11.1, 0.10.2 and 0.10.0.1.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28755&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2023-28755]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28755') [MISC]('https://github.com/ruby/uri/releases/') [MISC]('https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/') [CONFIRM]('https://www.ruby-lang.org/en/news/2023/03/28/redos-in-uri-cve-2023-28755/') [MISC]('https://www.ruby-lang.org/en/downloads/releases/')[/TD] [/TR] [TR] [TD]ruby-lang -- time[/TD] [TD]A ReDoS issue was discovered in the Time component through 0.2.1 in Ruby through 3.2.1. The Time parser mishandles invalid URLs that have specific characters. It causes an increase in execution time for parsing strings to Time objects. The fixed versions are 0.1.1 and 0.2.2.[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28756&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2023-28756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28756') [MISC]('https://www.ruby-lang.org/en/news/2022/12/25/ruby-3-2-0-released/') [CONFIRM]('https://www.ruby-lang.org/en/news/2023/03/30/redos-in-time-cve-2023-28756/') [MISC]('https://github.com/ruby/time/releases/') [MISC]('https://www.ruby-lang.org/en/downloads/releases/')[/TD] [/TR] [TR] [TD]vtex -- apps-graphql[/TD] [TD]The VTEX [email][email protected][/email] GraphQL API module does not properly restrict unauthorized access to private configuration data. ([email][email protected][/email] is unaffected by this issue.)[/TD] [TD]2023-03-31[/TD] [TD][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28877&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28877]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28877') [MISC]('https://developers.vtex.com/updates/release-notes/[email protected]')[/TD] [/TR] [TR] [TD]sophos -- web_appliance[/TD] [TD]A post-auth command injection vulnerability in the exception wizard of Sophos Web Appliance older than version 4.3.10.4 allows administrators to execute arbitrary code.[/TD] [TD]2023-04-04[/TD] [TD][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4934&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2022-4934]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4934') [CONFIRM]('https://www.sophos.com/en-us/security-advisories/sophos-sa-20230404-swa-rce')[/TD] [/TR] [TR] [TD]wpeasycart -- wp_easycart[/TD] [TD]The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests, allowing authenticated users with admin privileges to perform LFI attacks.[/TD] [TD]2023-04-03[/TD] [TD][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1124&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-1124]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1124') [MISC]('https://wpscan.com/vulnerability/229b93cd-544b-4877-8d9f-e6debda9511c')[/TD] [/TR] [TR] [TD]gladinet -- centrestack[/TD] [TD]An unrestricted file upload vulnerability in the administrative portal branding component of Gladinet CentreStack before 13.5.9808 allows authenticated attackers to execute arbitrary code by uploading malicious files to the server.[/TD] [TD]2023-03-31[/TD] [TD][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26830&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/TD] [TD][CVE-2023-26830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26830') [MISC]('https://www.whiteoaksecurity.com/blog/centrestack-disclosure/')[/TD] [/TR] [TR] [TD]nvidia -- virtual_gpu[/TD] [TD]NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer where an out-of-bounds write can lead to denial of service and data tampering.[/TD] [TD]2023-04-01[/TD] [TD][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0183&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/TD] [TD][CVE-2023-0183]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0183') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5452')[/TD] [/TR] [TR] [TD]nvidia -- virtual_gpu[/TD] [TD]NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an out-of-bounds write can lead to denial of service and data tampering.[/TD] [TD]2023-04-01[/TD] [TD][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0186&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/TD] [TD][CVE-2023-0186]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0186') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5452')[/TD] [/TR] [TR] [TD]nvidia -- virtual_gpu[/TD] [TD]NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds access may lead to denial of service or data tampering.[/TD] [TD]2023-04-01[/TD] [TD][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0191&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/TD] [TD][CVE-2023-0191]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0191') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5452')[/TD] [/TR] [TR] [TD]nvidia -- data_center_gpu_manager[/TD] [TD]NVIDIA DCGM for Linux contains a vulnerability in HostEngine (server component) where a user may cause a heap-based buffer overflow through the bound socket. A successful exploit of this vulnerability may lead to denial of service and data tampering.[/TD] [TD]2023-04-01[/TD] [TD][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0208&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/TD] [TD][CVE-2023-0208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0208') [MISC]('https://nvidia.custhelp.com/app/answers/detail/a_id/5453')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD]monospace -- directus[/TD] [TD]An issue found in Directus API v.2.2.0 allows a remote attacker to cause a denial of service via a great amount of HTTP requests.[/TD] [TD]2023-04-04[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19850&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/TD] [TD][CVE-2020-19850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19850') [MISC]('https://github.com/directus/api/issues/982')[/TD] [/TR] [TR] [TD]devolutions -- remote_desktop_manager[/TD] [TD]Permission bypass when importing or synchronizing entries in User vault in Devolutions Remote Desktop Manager 2023.1.9 and prior versions allows users with restricted rights to bypass entry permission via id collision.[/TD] [TD]2023-04-02[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1202&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/TD] [TD][CVE-2023-1202]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1202') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0008')[/TD] [/TR] [TR] [TD]inisev -- redirection[/TD] [TD]The Redirection WordPress plugin before 1.1.4 does not add nonce verification in place when adding the redirect, which could allow attackers to add redirects via a CSRF attack.[/TD] [TD]2023-04-03[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1330&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/TD] [TD][CVE-2023-1330]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1330') [MISC]('https://wpscan.com/vulnerability/de4cff6d-0030-40e6-8221-fef56e12b4de')[/TD] [/TR] [TR] [TD]devolutions -- remote_desktop_manager[/TD] [TD]Information disclosure in the user creation feature of a MSSQL data source in Devolutions Remote Desktop Manager 2023.1.9 and below on Windows allows an attacker with access to the user interface to obtain sensitive information via the error message dialog that displays the password in clear text.[/TD] [TD]2023-04-02[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1574&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-1574]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1574') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0006')[/TD] [/TR] [TR] [TD]devolutions -- devolutions_server[/TD] [TD]Permission bypass when importing or synchronizing entries in User vault in Devolutions Server 2022.3.13 and prior versions allows users with restricted rights to bypass entry permission via id collision.[/TD] [TD]2023-04-02[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1603&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/TD] [TD][CVE-2023-1603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1603') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0008')[/TD] [/TR] [TR] [TD]mattermost -- mattermost_server[/TD] [TD]When running in a High Availability configuration, Mattermost fails to sanitize some of the user_updated and post_deleted events broadcast to all users, leading to disclosure of sensitive information to some of the users with currently connected Websocket clients.[/TD] [TD]2023-03-31[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1775&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-1775]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1775') [MISC]('https://mattermost.com/security-updates/')[/TD] [/TR] [TR] [TD]rbaskets -- request_baskets[/TD] [TD]request-baskets up to v1.2.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /api/baskets/{name}. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request.[/TD] [TD]2023-03-31[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27163&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N')[/TD] [TD][CVE-2023-27163]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27163') [MISC]('https://notes.sjtu.edu.cn/s/MUUhEymt7') [MISC]('https://github.com/darklynx/request-baskets') [MISC]('https://gist.github.com/b33t1e/3079c10c88cad379fb166c389ce3b7b3') [MISC]('http://request-baskets.com')[/TD] [/TR] [TR] [TD]nextcloud -- richdocuments[/TD] [TD]Nextcloud richdocuments is a Nextcloud app integrating the office suit Collabora Online. In affected versions the secure view feature of the rich documents app can be bypassed by using unprotected internal API endpoint of the rich documents app. It is recommended that the Nextcloud Office app (richdocuments) is upgraded to 8.0.0-beta.1, 7.0.2 or 6.3.2. Users unable to upgrade may mitigate the issue by taking steps to restrict the ability to download documents. This includes ensuring that the [ICODE]WOPI configuration[/ICODE] is configured to only serve documents between Nextcloud and Collabora. It is highly recommended to define the list of Collabora server IPs as the allow list within the Office admin settings of Nextcloud.[/TD] [TD]2023-03-31[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28645&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28645') [MISC]('https://docs.nextcloud.com/server/latest/admin_manual/office/configuration.html#wopi-settings') [MISC]('https://github.com/nextcloud/security-advisories/security/advisories/GHSA-95j6-p5cj-5hh5') [MISC]('https://github.com/nextcloud/richdocuments/pull/2604')[/TD] [/TR] [TR] [TD]jenkins -- octoperf_load_testing[/TD] [TD]Jenkins OctoPerf Load Testing Plugin Plugin 4.5.1 and earlier does not perform a permission check in a connection test HTTP endpoint, allowing attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.[/TD] [TD]2023-04-02[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28672&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28672') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-3067%20(2)')[/TD] [/TR] [TR] [TD]jenkins -- remote-jobs-view[/TD] [TD]Jenkins remote-jobs-view-plugin Plugin 0.0.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.[/TD] [TD]2023-04-02[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28684&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28684]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28684') [MISC]('https://www.jenkins.io/security/advisory/2023-03-21/#SECURITY-2956')[/TD] [/TR] [TR] [TD]nextcloud -- nextcloud_server[/TD] [TD]Nextcloud server is an open source home cloud implementation. In affected versions users that should not be able to download a file can still download an older version and use that for uncontrolled distribution. This issue has been addressed in versions 24.0.10 and 25.0.4. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/TD] [TD]2023-03-31[/TD] [TD][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28844&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/TD] [TD][CVE-2023-28844]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28844') [MISC]('https://github.com/nextcloud/security-advisories/security/advisories/GHSA-w47p-f66h-h2vj') [MISC]('https://github.com/nextcloud/server/pull/36113')[/TD] [/TR] [TR] [TD]linux -- kernel[/TD] [TD]A use-after-free flaw was found in btrfs_search_slot in fs/btrfs/ctree.c in btrfs in the Linux Kernel.This flaw allows an attacker to crash the system and possibly cause a kernel information lea[/TD] [TD]2023-04-03[/TD] [TD][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1611&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H')[/TD] [TD][CVE-2023-1611]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1611') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2181342') [MISC]('https://lore.kernel.org/linux-btrfs/35b9a70650ea947387cf352914a8774b4f7e8a6f.1679481128.git.fdmanana@suse.com/') [FEDORA]('https://lists.fedoraproject.org/archives/list/[email protected]/message/ZWECAZ7V7EPSXMINO6Q6KWNKDY2CO6ZW/') [FEDORA]('https://lists.fedoraproject.org/archives/list/[email protected]/message/5QCM6XO4HSPLGR3DFYWFRIA3GCBIHZR4/')[/TD] [/TR] [TR] [TD]editor.md -- editor.md[/TD] [TD]Cross Site Scripting vulnerability found in Pandao Editor.md v.1.5.0 allows a remote attacker to execute arbitrary code via a crafted script in the