CISA Bulletins - Vulnerability Summary for the Week of August 21, 2023

system · August 28, 2023, 8:22pm

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]qemu -- qemu[/LEFT][/TD] [TD][LEFT]The hardware emulation in the of_dpa_cmd_add_l2_flood of rocker device model in QEMU, as used in 7.0.0 and earlier, allows remote attackers to crash the host qemu and potentially execute code on the host via execute a malformed program in the guest OS.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36648&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-36648]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36648') [MISC]('https://lists.nongnu.org/archive/html/qemu-devel/2022-06/msg04469.html')[/TD] [/TR] [TR] [TD][LEFT]c-ares -- c-ares[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22217&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-22217]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22217') [MISC]('https://github.com/c-ares/c-ares/issues/333')[/TD] [/TR] [TR] [TD][LEFT]flac_project -- flac[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22219&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-22219]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22219') [MISC]('https://github.com/xiph/flac/issues/215')[/TD] [/TR] [TR] [TD][LEFT]leeco -- letv_x43_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in kdmserver service in LeEco LeTV X43 version V2401RCN02C080080B04121S, allows attackers to execute arbitrary code, escalate privileges, and cause a denial of service (DoS).[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-28715&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-28715]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-28715') [MISC]('http://leeco.com') [MISC]('https://www.cnvd.org.cn/flaw/show/2602948')[/TD] [/TR] [TR] [TD][LEFT]gnu -- gnu_scientific_library[/LEFT][/TD] [TD][LEFT]A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for gsl_stats_quantile_from_sorted_data of the library may lead to unexpected application termination or arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-35357&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-35357]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-35357') [MISC]('https://savannah.gnu.org/bugs/?59624') [MISC]('https://git.savannah.gnu.org/cgit/gsl.git/commit/?id=989a193268b963aa1047814f7f1402084fb7d859')[/TD] [/TR] [TR] [TD][LEFT]libjpeg-turbo -- libjpeg-turbo[/LEFT][/TD] [TD][LEFT]libjpeg-turbo version 2.0.90 is vulnerable to a heap-buffer-overflow vulnerability in decompress_smooth_data in jdcoefct.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-29390&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-29390]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-29390') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=1943797')[/TD] [/TR] [TR] [TD][LEFT]json-c_project -- json-c[/LEFT][/TD] [TD][LEFT]An issue was discovered in json-c through 0.15-20200726. A stack-buffer-overflow exists in the function parseit located in json_parse.c. It allows an attacker to cause code Execution.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-32292&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-32292]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-32292') [MISC]('https://github.com/json-c/json-c/issues/654')[/TD] [/TR] [TR] [TD][LEFT]dpic_project -- dpic[/LEFT][/TD] [TD][LEFT]dpic 2021.04.10 has a Heap Buffer Overflow in themakevar() function in dpic.y[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-33388&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-33388]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-33388') [MISC]('https://gitlab.com/aplevich/dpic/-/issues/8')[/TD] [/TR] [TR] [TD][LEFT]dpic_project -- dpic[/LEFT][/TD] [TD][LEFT]dpic 2021.04.10 has a use-after-free in thedeletestringbox() function in dpic.y. A different vulnerablility than CVE-2021-32421.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-33390&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-33390]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-33390') [MISC]('https://gitlab.com/aplevich/dpic/-/issues/10')[/TD] [/TR] [TR] [TD][LEFT]terra-master -- terramaster_operating_system[/LEFT][/TD] [TD][LEFT]TerraMaster NAS through 4.2.30 allows remote WAN attackers to execute arbitrary code as root via the raidtype and diskstring parameters for PHP Object Instantiation to the api.php?mobile/createRaid URI. (Shell metacharacters can be placed in raidtype because popen is used without any sanitization.) The credentials from CVE-2022-24990 exploitation can be used.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24989&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-24989]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24989') [MISC]('https://attackerkb.com/topics/h8YKVKx21t/cve-2022-24990') [MISC]('https://packetstormsecurity.com/files/172904') [MISC]('https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation') [MISC]('https://forum.terra-master.com/en/viewforum.php?f=28') [MISC]('https://github.com/0xf4n9x/CVE-2022-24990')[/TD] [/TR] [TR] [TD][LEFT]pandorafms -- pandora_fms[/LEFT][/TD] [TD][LEFT]Unrestricted Upload of File with Dangerous Type vulnerability in the Pandora FMS File Manager component, allows an attacker to make make use of this issue ( unrestricted file upload ) to execute arbitrary system commands. This issue affects Pandora FMS v767 version and prior versions on all platforms.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24517&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-24517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24517') [MISC]('https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/')[/TD] [/TR] [TR] [TD][LEFT]danfoss -- ak-sm_800a_firmware[/LEFT][/TD] [TD][LEFT]Due to improper input validation, a remote attacker could execute arbitrary commands on the target system.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25915&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-25915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25915') [MISC]('https://csirt.divd.nl/CVE-2023-25915') [MISC]('https://csirt.divd.nl/DIVD-2023-00025')[/TD] [/TR] [TR] [TD][LEFT]nodejs -- node.js[/LEFT][/TD] [TD][LEFT]The use of [ICODE]Module._load()[/ICODE] can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32002&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32002]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32002') [MISC]('https://hackerone.com/reports/1960870')[/TD] [/TR] [TR] [TD][LEFT]elecom -- lan-w300n\/rs_firmware[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in LAN-W300N/RS all versions, and LAN-W300N/PR5 all versions allow an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32626&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32626]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32626') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]e-excellence -- u-office_force [/LEFT][/TD] [TD][LEFT]e-Excellence U-Office Force file uploading function does not restrict upload of file with dangerous type. An unauthenticated remote attacker without logging the service can exploit this vulnerability to upload arbitrary files to perform arbitrary command or disrupt service.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32757&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32757') [MISC]('https://www.twcert.org.tw/tw/cp-132-7330-94442-1.html')[/TD] [/TR] [TR] [TD][LEFT]elecom -- lan-wh300andgpe_firmware[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in LOGITEC wireless LAN routers allows an unauthenticated attacker to log in to the product's certain management console and execute arbitrary OS commands. Affected products and versions are as follows: LAN-W300N/DR all versions, LAN-WH300N/DR all versions, LAN-W300N/P all versions, LAN-WH450N/GP all versions, LAN-WH300AN/DGP all versions, LAN-WH300N/DGP all versions, and LAN-WH300ANDGPE all versions.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35991&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35991]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35991') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]langchain -- langchain[/LEFT][/TD] [TD][LEFT]An issue in langchain v.0.0.171 allows a remote attacker to execute arbitrary code via the via the a json file to the load_prompt parameter.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36281&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36281]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36281') [MISC]('https://github.com/hwchase17/langchain/issues/4394') [MISC]('https://aisec.today/LangChain-2e6244a313dd46139c5ef28cbcab9e55')[/TD] [/TR] [TR] [TD][LEFT]ivanti -- mobileiron_sentry[/LEFT][/TD] [TD][LEFT]A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38035&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38035]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38035') [MISC]('https://forums.ivanti.com/s/article/CVE-2023-38035-API-Authentication-Bypass-on-Sentry-Administrator-Interface')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 is vulnerable to incorrect privilege assignment when importing users from an LDAP directory. IBM X-Force ID: 262481.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38734&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38734]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38734') [MISC]('https://www.ibm.com/support/pages/node/7028227') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/262481')[/TD] [/TR] [TR] [TD][LEFT]jerryscript -- jerryscript[/LEFT][/TD] [TD][LEFT]Buffer Overflwo vulnerability in JerryScript Project jerryscript v.3.0.0 allows a remote attacker to execute arbitrary code via the scanner_is_context_needed component in js-scanner-until.c.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38961&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38961]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38961') [MISC]('https://github.com/jerryscript-project/jerryscript/issues/5092')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wrc-x1800gs-b_firmware[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in WRC-X1800GS-B v1.13 and earlier, WRC-X1800GSA-B v1.13 and earlier, and WRC-X1800GSH-B v1.13 and earlier allows an unauthenticated attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39454&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39454]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39454') [MISC]('https://www.elecom.co.jp/news/security/20230711-01/') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/')[/TD] [/TR] [TR] [TD][LEFT]totolink -- x5000r_firmware[/LEFT][/TD] [TD][LEFT]TOTOLINK X5000R_V9.1.0cu.2089_B20211224 and X5000R_V9.1.0cu.2350_B20230313 were discovered to contain a remote code execution (RCE) vulnerability via the lang parameter in the setLanguageCfg function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39617&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39617]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39617') [MISC]('https://sedate-class-393.notion.site/TOTOlink-ee7eb0d4cd5d43e9983296200371eff1?pvs=4')[/TD] [/TR] [TR] [TD][LEFT]totolink -- x5000r_firmware[/LEFT][/TD] [TD][LEFT]TOTOLINK X5000R B20210419 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg interface.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39618&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39618]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39618') [MISC]('https://sedate-class-393.notion.site/TOTOlink-3567fd9f93d84afab0d81cd8c063f9a1?pvs=4')[/TD] [/TR] [TR] [TD][LEFT]gabrieleventuri -- pandasai[/LEFT][/TD] [TD][LEFT]An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39660&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39660') [MISC]('https://github.com/gventuri/pandas-ai/issues/399') [MISC]('https://github.com/gventuri/pandas-ai/pull/409')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-842_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-842 fw_revA_1-02_eu_multi_20151008 was discovered to contain multiple buffer overflows in the fgets function via the acStack_120 and acStack_220 parameters.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39666&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39666]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39666') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR-842%20buffer%20overflow.md') [MISC]('https://support.dlink.com/')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac6_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC6 _US_AC6V1.0BR_V15.03.05.16 was discovered to contain a buffer overflow via the function fgets.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39670&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39670') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC6%20buffer%20overflow.md') [MISC]('https://www.tendacn.com/download/list-3.html')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-880l_a1_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function FUN_0001be68.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39671&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39671]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39671') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://support.dlink.com/') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR880%20buffer%20overflow.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- wh450a_firmware[/LEFT][/TD] [TD][LEFT]Tenda WH450 v1.0.0.18 was discovered to contain a buffer overflow via the function fgets.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39672&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39672') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/WH450%20buffer%20overflow.md') [MISC]('https://www.tendacn.com/download/list-3.html')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac15_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC15 V1.0BR_V15.03.05.18_multi_TD01 was discovered to contain a buffer overflow via the function FUN_00010e34().[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39673&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39673') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/Tenda/AC15%20Impoper%20Input%20Validation.md') [MISC]('https://www.tendacn.com/download/list-3.html')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-880l_a1_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-880 A1_FW107WWb08 was discovered to contain a buffer overflow via the function fgets.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39674&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39674') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/DIR880%20buffe%20overflow.md') [MISC]('https://support.dlink.com/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr940n_v2_firmware[/LEFT][/TD] [TD][LEFT]TP-Link WR841N V8, TP-Link TL-WR940N V2, and TL-WR941ND V5 were discovered to contain a buffer overflow via the radiusSecret parameter at /userRpm/WlanSecurityRpm.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39747&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39747]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39747') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/17/TP-Link%20WR841N%20wireless%20router%20WlanSecurityRpm%20Stack%20Overflow%20vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dap-2660_firmware[/LEFT][/TD] [TD][LEFT]D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the component /adv_resource. This vulnerability is exploited via a crafted GET request.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39749&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39749]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39749') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/2/D-Link%20DAP-2660%20adv_resource.md')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dap-2660_firmware[/LEFT][/TD] [TD][LEFT]D-Link DAP-2660 v1.13 was discovered to contain a buffer overflow via the f_ipv6_enable parameter at /bsc_ipv6. This vulnerability is exploited via a crafted POST request.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39750&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39750]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39750') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/d-link/1/D-Link%20DAP-2660%20bsc_ipv6.md')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr941nd_v6_firmware[/LEFT][/TD] [TD][LEFT]TP-Link TL-WR941ND V6 were discovered to contain a buffer overflow via the pSize parameter at /userRpm/PingIframeRpm.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39751&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39751]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39751') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/20/WR941ND_userRpm_PingIframeRpm_buffer_write_out-of-bounds_vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]nvki -- intelligent_broadband_subscriber_gateway[/LEFT][/TD] [TD][LEFT]N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a SQL injection vulnerability via the a_passwd parameter at /portal/user-register.php.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39807&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39807]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39807') [MISC]('http://nvkinter.com') [MISC]('http://ibsg.com')[/TD] [/TR] [TR] [TD][LEFT]nvki -- intelligent_broadband_subscriber_gateway[/LEFT][/TD] [TD][LEFT]N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a hardcoded root password which allows attackers to login with root privileges via the SSH service.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39808&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39808]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39808') [MISC]('http://nvkinter.com') [MISC]('http://ibsg.com')[/TD] [/TR] [TR] [TD][LEFT]nvki -- intelligent_broadband_subscriber_gateway[/LEFT][/TD] [TD][LEFT]N.V.K.INTER CO., LTD. (NVK) iBSG v3.5 was discovered to contain a command injection vulnerability via the system_hostname parameter at /manage/network-basic.php.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39809&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39809]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39809') [MISC]('http://nvkinter.com') [MISC]('http://ibsg.com')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wrc-f1167acf_firmware[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-F1167ACF all versions, WRC-1750GHBK all versions, WRC-1167GHBK2 all versions, WRC-1750GHBK2-I all versions, and WRC-1750GHBK-E all versions.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40069&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40069]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40069') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]fobybus -- social-media-skeleton[/LEFT][/TD] [TD][LEFT]Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Insufficient session expiration is a web application security vulnerability that occurs when a web application does not properly manage the lifecycle of a user's session. Social media skeleton releases prior to 1.0.5 did not properly limit manage user session lifecycles. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40174&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40174]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40174') [MISC]('https://github.com/fobybus/social-media-skeleton/commit/99738b2cc5efb6a5739161c931daa43f99431e5a') [MISC]('https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-cr5c-ggwq-g4hq')[/TD] [/TR] [TR] [TD][LEFT]puma -- puma[/LEFT][/TD] [TD][LEFT]Puma is a Ruby/Rack web server built for parallelism. Prior to versions 6.3.1 and 5.6.7, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies and zero-length Content-Length headers in a way that allowed HTTP request smuggling. Severity of this issue is highly dependent on the nature of the web site using puma is. This could be caused by either incorrect parsing of trailing fields in chunked transfer encoding bodies or by parsing of blank/zero-length Content-Length headers. Both issues have been addressed and this vulnerability has been fixed in versions 6.3.1 and 5.6.7. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40175&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40175]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40175') [MISC]('https://github.com/puma/puma/commit/690155e7d644b80eeef0a6094f9826ee41f1080a') [MISC]('https://github.com/puma/puma/security/advisories/GHSA-68xg-gqqm-vgj8')[/TD] [/TR] [TR] [TD][LEFT]devolutions -- remote_desktop_manager[/LEFT][/TD] [TD][LEFT]Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights via the remote tools feature.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4373&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4373]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4373') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0015/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4404&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4404]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4404') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/522ecc1c-5834-4325-9234-79cf712213f3?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/charitable/tags/1.7.0.12/includes/users/class-charitable-user.php#L866')[/TD] [/TR] [TR] [TD][LEFT]credit_lite_project -- credit_lite[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in Codecanyon Credit Lite 1.5.4. Affected by this vulnerability is an unknown functionality of the file /portal/reports/account_statement of the component POST Request Handler. The manipulation of the argument date1/date2 leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-237511.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4407&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4407]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4407') [MISC]('https://vuldb.com/?ctiid.237511') [MISC]('https://vuldb.com/?id.237511') [MISC]('http://packetstormsecurity.com/files/174244/Credit-Lite-1.5.4-SQL-Injection.html')[/TD] [/TR] [TR] [TD][LEFT]totolink -- ex1200l_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023. This affects the function setDiagnosisCfg. The manipulation leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237513 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4410&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4410]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4410') [MISC]('https://vuldb.com/?ctiid.237513') [MISC]('https://vuldb.com/?id.237513') [MISC]('https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8')[/TD] [/TR] [TR] [TD][LEFT]totolink -- ex1200l_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This vulnerability affects the function setTracerouteCfg. The manipulation leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-237514 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4411&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4411]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4411') [MISC]('https://vuldb.com/?ctiid.237514') [MISC]('https://vuldb.com/?id.237514') [MISC]('https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8')[/TD] [/TR] [TR] [TD][LEFT]totolink -- ex1200l_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was found in TOTOLINK EX1200L EN_V9.3.5u.6146_B20201023 and classified as critical. This issue affects the function setWanCfg. The manipulation leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237515. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4412&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4412]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4412') [MISC]('https://vuldb.com/?id.237515') [MISC]('https://vuldb.com/?ctiid.237515') [MISC]('https://gist.github.com/dmknght/02a29e1c5ae18b45eacc2085d22068e8')[/TD] [/TR] [TR] [TD][LEFT]beijing_baichuo -- smart_s85f_management_platform[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237517 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4414&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4414') [MISC]('https://github.com/RCEraser/cve/blob/main/S85F.md') [MISC]('https://vuldb.com/?ctiid.237517') [MISC]('https://vuldb.com/?id.237517')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- inventory_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in SourceCodester Inventory Management System 1.0. This issue affects some unknown processing of the file app/action/edit_update.php. The manipulation of the argument user_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237557 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4436&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4436]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4436') [MISC]('https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%201.pdf') [MISC]('https://vuldb.com/?ctiid.237557') [MISC]('https://vuldb.com/?id.237557')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- inventory_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_sell_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237558 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4437&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4437') [MISC]('https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%202.pdf') [MISC]('https://vuldb.com/?ctiid.237558') [MISC]('https://vuldb.com/?id.237558')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- inventory_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file app/ajax/search_sales_report.php. The manipulation of the argument customer leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237559.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4438&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4438') [MISC]('https://vuldb.com/?id.237559') [MISC]('https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%203.pdf') [MISC]('https://vuldb.com/?ctiid.237559')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_hospital_management_system_for_small_practices[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been classified as critical. This affects an unknown part of the file appointment.php. The manipulation of the argument sheduledate leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237561 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4440&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4440') [MISC]('https://vuldb.com/?ctiid.237561') [MISC]('https://vuldb.com/?id.237561') [MISC]('https://github.com/CookedMelon/cve/tree/master/hospital/patient')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_hospital_management_system_for_small_practices[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /patient/appointment.php. The manipulation of the argument sheduledate leads to sql injection. The attack can be initiated remotely. VDB-237562 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4441&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4441]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4441') [MISC]('https://vuldb.com/?id.237562') [MISC]('https://vuldb.com/?ctiid.237562')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_hospital_management_system_for_small_practices[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Free Hospital Management System for Small Practices 1.0. It has been rated as critical. This issue affects some unknown processing of the file \vm\patient\booking-complete.php. The manipulation of the argument userid/apponum/scheduleid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237563.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4442&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4442]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4442') [MISC]('https://vuldb.com/?id.237563') [MISC]('https://vuldb.com/?ctiid.237563') [MISC]('https://github.com/CookedMelon/cve/tree/master/hospital/patient-book')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_hospital_management_system_for_small_practices[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in SourceCodester Free Hospital Management System for Small Practices 1.0/5.0.12. Affected is an unknown function of the file vm\doctor\edit-doc.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237564.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4443&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4443]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4443') [MISC]('https://vuldb.com/?ctiid.237564') [MISC]('https://vuldb.com/?id.237564') [MISC]('https://github.com/CookedMelon/cve/tree/master/hospital/doctor-edit')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_hospital_management_system_for_small_practices[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in SourceCodester Free Hospital Management System for Small Practices 1.0. Affected by this vulnerability is an unknown functionality of the file vm\patient\edit-user.php. The manipulation of the argument id00/nic/oldemail/email/spec/Tele leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-237565 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4444&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4444]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4444') [MISC]('https://vuldb.com/?ctiid.237565') [MISC]('https://vuldb.com/?id.237565') [MISC]('https://github.com/CookedMelon/cve/tree/master/hospital/patient-edit')[/TD] [/TR] [TR] [TD][LEFT]mini -- mini-tmall[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in Mini-Tmall up to 20230811. Affected by this issue is some unknown functionality of the file product/1/1?test=1&test2=2&. The manipulation of the argument orderBy leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237566 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4445&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4445') [MISC]('https://vuldb.com/?ctiid.237566') [MISC]('https://github.com/FFR66/Mini-Tmall_SQL/blob/main/README.md') [MISC]('https://vuldb.com/?id.237566')[/TD] [/TR] [TR] [TD][LEFT]openrapid -- rapidcms[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in OpenRapid RapidCMS 1.3.1. This affects an unknown part of the file template/default/category.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-237567.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4446&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4446') [MISC]('https://github.com/OpenRapid/rapidcms/issues/3') [MISC]('https://vuldb.com/?ctiid.237567') [MISC]('https://vuldb.com/?id.237567')[/TD] [/TR] [TR] [TD][LEFT]openrapid -- rapidcms[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in OpenRapid RapidCMS 1.3.1 and classified as critical. This vulnerability affects unknown code of the file admin/article-chat.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237568.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4447&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4447') [MISC]('https://github.com/OpenRapid/rapidcms/issues/4') [MISC]('https://vuldb.com/?ctiid.237568') [MISC]('https://vuldb.com/?id.237568')[/TD] [/TR] [TR] [TD][LEFT]openrapid -- rapidcms[/LEFT][/TD] [TD][LEFT]A vulnerability was found in OpenRapid RapidCMS 1.3.1 and classified as critical. This issue affects some unknown processing of the file admin/run-movepass.php. The manipulation of the argument password/password2 leads to weak password recovery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is 4dff387283060961c362d50105ff8da8ea40bcbe. It is recommended to apply a patch to fix this issue. The identifier VDB-237569 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4448&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4448') [MISC]('https://github.com/OpenRapid/rapidcms/commit/4dff387283060961c362d50105ff8da8ea40bcbe#diff-fc57d4c69cf5912c6edb5233c6df069a91106ebd481c115faf1ea124478b26d0') [MISC]('https://github.com/OpenRapid/rapidcms/issues/5') [MISC]('https://vuldb.com/?ctiid.237569') [MISC]('https://vuldb.com/?id.237569')[/TD] [/TR] [TR] [TD][LEFT]jeecg -- jimureport[/LEFT][/TD] [TD][LEFT]A vulnerability was found in jeecgboot JimuReport up to 1.6.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Template Handler. The manipulation leads to injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.1 is able to address this issue. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-237571.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4450&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4450]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4450') [MISC]('https://github.com/keecth/bug/blob/main/jimureport%20ssti(RCE).md') [MISC]('https://vuldb.com/?ctiid.237571') [MISC]('https://vuldb.com/?id.237571')[/TD] [/TR] [TR] [TD][LEFT]typora -- typora[/LEFT][/TD] [TD][LEFT]DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2317&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-2317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2317') [MISC]('https://support.typora.io/What's-New-1.6/') [MISC]('https://starlabs.sg/advisories/23/23-2317/')[/TD] [/TR] [TR] [TD][LEFT]marktext -- marktext[/LEFT][/TD] [TD][LEFT]DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into MarkText.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2318&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-2318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2318') [MISC]('https://github.com/marktext/marktext/issues/3618') [MISC]('https://starlabs.sg/advisories/23/23-2318/')[/TD] [/TR] [TR] [TD][LEFT]luxsoft -- luxcal_web_calendar[/LEFT][/TD] [TD][LEFT]SQL injection vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute arbitrary queries against the database and obtain or alter the information in it.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39939&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-39939]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39939') [MISC]('https://www.luxsoft.eu/') [MISC]('https://jvn.jp/en/jp/JVN04876736/') [MISC]('https://www.luxsoft.eu/?download')[/TD] [/TR] [TR] [TD][LEFT]hdfgroup -- hdf5[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18232&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-18232]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18232') [MISC]('https://github.com/winson2004aa/PAAFS/tree/master/vul2')[/TD] [/TR] [TR] [TD][LEFT]hdfgroup -- hdf5[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18494&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-18494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18494') [MISC]('https://github.com/magicSwordsMan/PAAFS/tree/master/vul12')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19726&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-19726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19726') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=26241') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=26240')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-24292&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-24292]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24292') [MISC]('https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-24293&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-24293]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24293') [MISC]('https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-24295&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-24295]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24295') [MISC]('https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/')[/TD] [/TR] [TR] [TD][LEFT]cesanta -- mongoose[/LEFT][/TD] [TD][LEFT]Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-25887&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-25887]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-25887') [MISC]('https://github.com/cesanta/mongoose/issues/1140')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]A heap overflow bug exists FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40265&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-40265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40265') [MISC]('https://sourceforge.net/p/freeimage/bugs/337/')[/TD] [/TR] [TR] [TD][LEFT]sass-lang -- libsass[/LEFT][/TD] [TD][LEFT]Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-26592&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-26592]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-26592') [MISC]('https://github.com/sass/libsass/issues/3174')[/TD] [/TR] [TR] [TD][LEFT]geomatika -- isigeo_web[/LEFT][/TD] [TD][LEFT]An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to execute commands.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23564&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-23564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23564') [MISC]('https://www.geomatika.fr/isigeo-web/') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md')[/TD] [/TR] [TR] [TD][LEFT]opensuse -- libeconf[/LEFT][/TD] [TD][LEFT]A stack overflow vulnerability exists in function econf_writeFile in file atlibeconf/lib/libeconf.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30078&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30078]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30078') [MISC]('https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-write-string-data.c') [MISC]('https://github.com/openSUSE/libeconf/issues/178') [MISC]('https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/econf_writeFile_546')[/TD] [/TR] [TR] [TD][LEFT]opensuse -- libeconf[/LEFT][/TD] [TD][LEFT]A stack overflow vulnerability exists in function read_file in atlibeconf/lib/getfilecontents.c in libeconf 0.5.1 allows attackers to cause a Denial of service or execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30079&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30079]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30079') [MISC]('https://raw.githubusercontent.com/yangjiageng/PoC/master/libeconf-PoC/tst-logindefs1.c') [MISC]('https://github.com/openSUSE/libeconf/issues/177') [MISC]('https://github.com/yangjiageng/PoC/blob/master/libeconf-PoC/read_file_503')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge_chromium[/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36787&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36787]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36787') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36787')[/TD] [/TR] [TR] [TD][LEFT]elecom -- lan-w451ngr_firmware[/LEFT][/TD] [TD][LEFT]LAN-W451NGR all versions provided by LOGITEC CORPORATION contains an improper access control vulnerability, which allows an unauthenticated attacker to log in to telnet service.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38132&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38132') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]boidcms -- boidcms[/LEFT][/TD] [TD][LEFT]File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code via the GIF header component.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38836&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38836]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38836') [MISC]('http://boidcms.com') [MISC]('https://github.com/BoidCMS/BoidCMS/issues/27')[/TD] [/TR] [TR] [TD][LEFT]online_shopping_portal_project -- online_shopping_portal[/LEFT][/TD] [TD][LEFT]Online Shopping Portal Project 3.1 allows remote attackers to execute arbitrary SQL commands/queries via the login form, leading to unauthorized access and potential data manipulation. This vulnerability arises due to insufficient validation of user-supplied input in the username field, enabling SQL Injection attacks.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38890&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38890') [MISC]('https://github.com/akshadjoshi/CVE-2023-38890')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wrc-1467ghbk-a_firmware[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an unauthenticated attacker to execute arbitrary code by sending a specially crafted file to the product's certain management console.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39445&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39445') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wrc-600ghbk-a_firmware[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in ELECOM wireless LAN routers allows an authenticated user to execute an arbitrary OS command by sending a specially crafted request. Affected products and versions are as follows: WRC-600GHBK-A all versions, WRC-1467GHBK-A all versions, WRC-1900GHBK-A all versions, WRC-733FEBK2-A all versions, WRC-F1167ACF2 all versions, WRC-1467GHBK-S all versions, and WRC-1900GHBK-S all versions.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39455&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39455]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39455') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wrc-f1167acf_firmware[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in WRC-F1167ACF all versions, and WRC-1750GHBK all versions allow an attacker who can access the product to execute an arbitrary OS command by sending a specially crafted request.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39944&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39944]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39944') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]elecom -- wab-s600-ps_firmware[/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in WAB-S600-PS all versions, and WAB-S300 all versions allow an authenticated user to execute an arbitrary OS command by sending a specially crafted request.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40072&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40072') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]fobybus -- social-media-skeleton[/LEFT][/TD] [TD][LEFT]Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. A Cross-site request forgery (CSRF) attack is a type of malicious attack whereby an attacker tricks a victim into performing an action on a website that they do not intend to do. This can be done by sending the victim a malicious link or by exploiting a vulnerability in the website. Prior to version 1.0.5 Social media skeleton did not properly restrict CSRF attacks. This has been addressed in version 1.0.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40172&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40172]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40172') [MISC]('https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-873h-pqjx-3pwg') [MISC]('https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848')[/TD] [/TR] [TR] [TD][LEFT]happysoft -- nbs\&happysoftwechat[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in NBS&HappySoftWeChat 1.1.6. Affected by this issue is some unknown functionality. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237512.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4409&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4409') [MISC]('https://github.com/ApricityXX/cve/blob/main/upload/upload.md') [MISC]('https://vuldb.com/?ctiid.237512') [MISC]('https://vuldb.com/?id.237512')[/TD] [/TR] [TR] [TD][LEFT]ruijienetworks -- rg-ew1200g_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Ruijie RG-EW1200G 07161417 r483. It has been rated as critical. Affected by this issue is some unknown functionality of the file /api/sys/login. The manipulation leads to improper authentication. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-237518 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4415&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4415]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4415') [MISC]('https://github.com/blakespire/repoforcve/tree/main/RG-EW1200G-logic') [MISC]('https://vuldb.com/?ctiid.237518') [MISC]('https://vuldb.com/?id.237518')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4429&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4429]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4429') [MISC]('https://crbug.com/1469754') [MISC]('https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html') [MISC]('https://www.debian.org/security/2023/dsa-5483')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Vulkan in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4430&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4430]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4430') [MISC]('https://crbug.com/1469542') [MISC]('https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html') [MISC]('https://www.debian.org/security/2023/dsa-5483')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_and_open_source_inventory_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Free and Open Source Inventory Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /index.php?page=member. The manipulation of the argument columns[0][data] leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237570 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4449&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4449]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4449') [MISC]('https://github.com/Jacky-Y/vuls/blob/main/README.md') [MISC]('https://vuldb.com/?id.237570') [MISC]('https://vuldb.com/?ctiid.237570')[/TD] [/TR] [TR] [TD][LEFT]spice-space -- spice-server[/LEFT][/TD] [TD][LEFT]An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization. It is not yet known if there will be other other effects.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][8.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-23793&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-23793]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-23793') [MISC]('https://github.com/zelat/spice-security-issues')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- microsoft_edge [/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER][8.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36741&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36741]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36741') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36741')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Out of bounds memory access in CSS in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4428&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4428') [MISC]('https://crbug.com/1470477') [MISC]('https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html') [MISC]('https://www.debian.org/security/2023/dsa-5483')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4431&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4431]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4431') [MISC]('https://crbug.com/1469348') [MISC]('https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html') [MISC]('https://www.debian.org/security/2023/dsa-5483')[/TD] [/TR] [TR] [TD][LEFT]elecom -- lan-wh300n/re_firmware[/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in LAN-WH300N/RE all versions provided by LOGITEC CORPORATION allows an authenticated user to execute arbitrary OS commands on a certain management console.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38576&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38576') [MISC]('https://jvn.jp/en/vu/JVNVU91630351/') [MISC]('https://www.elecom.co.jp/news/security/20230810-01/')[/TD] [/TR] [TR] [TD][LEFT]exiv2 -- exiv2[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18831&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-18831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18831') [MISC]('https://www.exiv2.org/download.html') [MISC]('https://github.com/Exiv2/exiv2/issues/828')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- z3[/LEFT][/TD] [TD][LEFT]There is a use-after-free vulnerability in file pdd_simplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempts to simplify the constraints and causes unexpected memory access. It can cause segmentation faults or arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19725&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-19725]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19725') [MISC]('https://github.com/Z3Prover/z3/issues/3363')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21426&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21426') [MISC]('https://sourceforge.net/p/freeimage/bugs/300/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21427&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21427]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21427') [MISC]('https://sourceforge.net/p/freeimage/bugs/298/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21428&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21428') [MISC]('https://sourceforge.net/p/freeimage/bugs/299/')[/TD] [/TR] [TR] [TD][LEFT]ogg_video_tools_project -- ogg_video_tools[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21722&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21722') [MISC]('https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-use-after-free-detected-in-line-17-of-streamextractorcpp') [MISC]('https://sourceforge.net/p/oggvideotools/bugs/11/')[/TD] [/TR] [TR] [TD][LEFT]ogg_video_tools_project -- ogg_video_tools[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21724&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21724') [MISC]('https://sourceforge.net/p/oggvideotools/bugs/9/') [MISC]('https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-and-heap-overflow-detected-in-line-17-of-streamextractorcpp')[/TD] [/TR] [TR] [TD][LEFT]artifex -- ghostscript[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21890&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-21890]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21890') [MISC]('https://bugs.ghostscript.com/show_bug.cgi?id=701846')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44840&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-44840]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44840') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29732')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-45703&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-45703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45703') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29799')[/TD] [/TR] [TR] [TD][LEFT]7-zip -- p7zip[/LEFT][/TD] [TD][LEFT]p7zip 16.02 was discovered to contain a heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd(bool) at CPP/7zip/Archive/Zip/ZipIn.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47069&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47069]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47069') [MISC]('https://sourceforge.net/p/p7zip/bugs/241/')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47673&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47673') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29876')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_mach_o_get_synthetic_symtab in match-o.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47695&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47695]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47695') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29846')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function compare_symbols.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47696&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47696]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47696') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29677')[/TD] [/TR] [TR] [TD][LEFT]berkaygediz -- o_blog[/LEFT][/TD] [TD][LEFT]SQL injection vulnerability in berkaygediz O_Blog v.1.0 allows a local attacker to escalate privileges via the secure_file_priv component.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38899&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38899') [MISC]('https://github.com/berkaygediz/O_Blog/issues/2') [MISC]('https://github.com/berkaygediz/O_Blog/issues') [MISC]('http://o.com') [MISC]('https://github.com/berkaygediz/O_Blog')[/TD] [/TR] [TR] [TD][LEFT]openvpn -- openvpn[/LEFT][/TD] [TD][LEFT]Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-20813&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-20813]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-20813') [MISC]('https://www.freebuf.com/vuls/215171.html')[/TD] [/TR] [TR] [TD][LEFT]postgresql -- postgresql[/LEFT][/TD] [TD][LEFT]An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21469&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21469]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21469') [MISC]('https://www.postgresql.org/message-id/CAA8ZSMqAHDCgo07hqKoM5XJaoQy6Vv76O7966agez4ffyQktkA%40mail.gmail.com')[/TD] [/TR] [TR] [TD][LEFT]libssh2 -- libssh2[/LEFT][/TD] [TD][LEFT]An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22218&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-22218]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22218') [MISC]('https://github.com/libssh2/libssh2/pull/476')[/TD] [/TR] [TR] [TD][LEFT]memcached -- memcached[/LEFT][/TD] [TD][LEFT]Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22570&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-22570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22570') [MISC]('https://github.com/memcached/memcached/issues/636')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler[/LEFT][/TD] [TD][LEFT]Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-23804&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-23804]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-23804') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/issues/936')[/TD] [/TR] [TR] [TD][LEFT]realtek -- rtl8812au_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-26652&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-26652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-26652') [MISC]('https://github.com/aircrack-ng/rtl8812au/issues/730')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27418&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-27418]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27418') [MISC]('https://patchwork.freedesktop.org/patch/356372/') [MISC]('http://fedora.com')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-35342&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-35342]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-35342') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=25319')[/TD] [/TR] [TR] [TD][LEFT]vsftpd_project -- vsftpd[/LEFT][/TD] [TD][LEFT]VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-30047&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-30047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-30047') [MISC]('https://www.exploit-db.com/exploits/49719')[/TD] [/TR] [TR] [TD][LEFT]dpic_project -- dpic[/LEFT][/TD] [TD][LEFT]dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-32420&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-32420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-32420') [MISC]('https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf') [MISC]('https://gitlab.com/aplevich/dpic/-/issues/5')[/TD] [/TR] [TR] [TD][LEFT]dpic_project -- dpic[/LEFT][/TD] [TD][LEFT]dpic 2021.01.01 has a Heap Use-After-Free in thedeletestringbox() function in dpic.y.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-32421&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-32421]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-32421') [MISC]('https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf') [MISC]('https://gitlab.com/aplevich/dpic/-/issues/7')[/TD] [/TR] [TR] [TD][LEFT]dpic_project -- dpic[/LEFT][/TD] [TD][LEFT]dpic 2021.01.01 has a Global buffer overflow in theyylex() function in main.c and reads out of the bound array.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-32422&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-32422]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-32422') [MISC]('https://gitlab.com/aplevich/dpic/-/commit/d317e4066c17f9ceb359b3af13264c32f6fb43cf') [MISC]('https://gitlab.com/aplevich/dpic/-/issues/6')[/TD] [/TR] [TR] [TD][LEFT]imagemagick -- imagemagick[/LEFT][/TD] [TD][LEFT]An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40211&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40211]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40211') [MISC]('https://github.com/ImageMagick/ImageMagick/issues/4097')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-46174&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-46174]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46174') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=28753')[/TD] [/TR] [TR] [TD][LEFT]python -- python[/LEFT][/TD] [TD][LEFT]The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-25024&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-25024]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-25024') [MISC]('https://packaging.python.org/en/latest/guides/analyzing-pypi-package-downloads/') [MISC]('https://github.com/vinitkumar/json2xml/pull/107/files') [MISC]('https://github.com/vinitkumar/json2xml/pull/107') [MISC]('https://github.com/vinitkumar/json2xml/issues/106')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28068&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28068]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28068') [MISC]('https://github.com/radareorg/radare2/commit/637f4bd1af6752e28e0a9998e954e2e9ce6fa992')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28069&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28069]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28069') [MISC]('https://github.com/radareorg/radare2/commit/49b0cebfdf0db9704e36f8a5533f1df6d3e2ed3a')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A null pointer deference in __core_anal_fcn function in radare2 5.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28070&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28070]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28070') [MISC]('https://github.com/radareorg/radare2/commit/4aff1bb00224de4f5bc118f987dfd5d2fe3450d0')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A use after free in r_reg_get_name_idx function in radare2 5.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28071&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28071]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28071') [MISC]('https://github.com/radareorg/radare2/commit/65448811e5b9582a19cf631e03cfcaa025a92ef5')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A heap buffer overflow in r_read_le32 function in radare25.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28072&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28072') [MISC]('https://github.com/radareorg/radare2/commit/027cd9b7274988bb1af866539ba6c2fa2ff63e45')[/TD] [/TR] [TR] [TD][LEFT]radare -- radare2[/LEFT][/TD] [TD][LEFT]A use after free in r_reg_set_value function in radare2 5.4.2 and 5.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28073&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-28073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28073') [MISC]('https://github.com/radareorg/radare2/commit/59a9dfb60acf8b5c0312061cffd9693fc9526053')[/TD] [/TR] [TR] [TD][LEFT]imagemagick -- imagemagick[/LEFT][/TD] [TD][LEFT]A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of service via the "identify -help" command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48541&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48541]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48541') [MISC]('https://github.com/ImageMagick/ImageMagick/issues/2889')[/TD] [/TR] [TR] [TD][LEFT]python -- python[/LEFT][/TD] [TD][LEFT]A use-after-free exists in Python through 3.9 via heappushpop in heapq.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48560&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48560]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48560') [MISC]('https://bugs.python.org/issue39421')[/TD] [/TR] [TR] [TD][LEFT]cryptopp -- crypto\+\+[/LEFT][/TD] [TD][LEFT]Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSizeAllocatorWithCleanup could write to memory outside of the allocation if the allocated memory was not 16-byte aligned. NOTE: this issue exists because the CVE-2019-14318 fix was intentionally removed for functionality reasons.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48570&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48570') [MISC]('https://github.com/weidai11/cryptopp/releases/tag/CRYPTOPP_8_4_0') [MISC]('https://github.com/weidai11/cryptopp/issues/992')[/TD] [/TR] [TR] [TD][LEFT]memcached -- memcached[/LEFT][/TD] [TD][LEFT]memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48571&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48571]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48571') [MISC]('https://github.com/memcached/memcached/commit/6b319c8c7a29e9c353dec83dc92f01905f6c8966')[/TD] [/TR] [TR] [TD][LEFT]cisco -- secure_endpoint_private_cloud[/LEFT][/TD] [TD][LEFT]A vulnerability in the AutoIt module of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a logic error in the memory management of an affected device. An attacker could exploit this vulnerability by submitting a crafted AutoIt file to be scanned by ClamAV on the affected device. A successful exploit could allow the attacker to cause the ClamAV scanning process to restart unexpectedly, resulting in a DoS condition.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20212&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-20212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20212') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-clamav-dos-FTkhqMWZ')[/TD] [/TR] [TR] [TD][LEFT]danfoss -- ak-sm_800a_firmware[/LEFT][/TD] [TD][LEFT]Because of an authentication flaw an attacker would be capable of generating a web report that discloses sensitive information such as internal IP addresses, usernames, store names and other sensitive information.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25913&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-25913]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25913') [MISC]('https://csirt.divd.nl/CVE-2023-25913') [MISC]('https://csirt.divd.nl/DIVD-2023-00025')[/TD] [/TR] [TR] [TD][LEFT]danfoss -- ak-sm_800a_firmware[/LEFT][/TD] [TD][LEFT]Due to improper restriction, attackers could retrieve and read system files of the underlying server through the XML interface.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25914&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-25914]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25914') [MISC]('https://csirt.divd.nl/CVE-2023-25914') [MISC]('https://csirt.divd.nl/DIVD-2023-00025')[/TD] [/TR] [TR] [TD][LEFT]e-excellence -- u-office_force [/LEFT][/TD] [TD][LEFT]e-Excellence U-Office Force has a path traversal vulnerability within its file uploading and downloading functions. An unauthenticated remote attacker can exploit this vulnerability to read arbitrary system files but can’t control system or disrupt service.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32756&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32756') [MISC]('https://www.twcert.org.tw/tw/cp-132-7329-d8e4c-1.html')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Change WP Admin Login WordPress plugin before 1.1.4 discloses the URL of the hidden login page when accessing a crafted URL, bypassing the protection offered.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3604&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-3604]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3604') [MISC]('https://wpscan.com/vulnerability/8f6615e8-f607-4ce4-a0e0-d5fc841ead16')[/TD] [/TR] [TR] [TD][LEFT]qt -- qt[/LEFT][/TD] [TD][LEFT]In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37369&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-37369]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37369') [MISC]('https://codereview.qt-project.org/c/qt/qtbase/+/455027') [MISC]('https://bugreports.qt.io/browse/QTBUG-114829') [MLIST]('https://lists.debian.org/debian-lts-announce/2023/08/msg00028.html')[/TD] [/TR] [TR] [TD][LEFT]kidus -- minimati[/LEFT][/TD] [TD][LEFT]SQL injection vulnerability in Kidus Minimati v.1.0.0 allows a remote attacker to obtain sensitive information via theID parameter in the fulldelete.php component.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38839&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38839') [MISC]('https://github.com/kiduswb/minimati/issues/2')[/TD] [/TR] [TR] [TD][LEFT]weaviate -- weaviate[/LEFT][/TD] [TD][LEFT]An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38976&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38976]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38976') [MISC]('https://github.com/weaviate/weaviate/issues/3258')[/TD] [/TR] [TR] [TD][LEFT]ntsc-crt_project -- ntsc-crt[/LEFT][/TD] [TD][LEFT]NTSC-CRT 2.2.1 has an integer overflow and out-of-bounds write in loadBMP in bmp_rw.c because a file's width, height, and BPP are not validated. NOTE: the vendor's perspective is "this main application was not intended to be a well-tested program, it's just something to demonstrate it works and for the user to see how to integrate it into their own programs."[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39125&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39125]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39125') [MISC]('https://github.com/LMP88959/NTSC-CRT/issues/32')[/TD] [/TR] [TR] [TD][LEFT]northgrid -- proself[/LEFT][/TD] [TD][LEFT]Improper authentication vulnerability in Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote unauthenticated attacker to log in to the product's Control Panel and perform an unintended operation.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39415&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39415]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39415') [MISC]('https://jvn.jp/en/jp/JVN19661362/') [MISC]('https://www.proself.jp/information/150/') [MISC]('https://www.proself.jp/information/149/')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-880l_a1_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-880 A1_FW107WWb08 was discovered to contain a NULL pointer dereference in the function FUN_00010824.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39669&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39669') [MISC]('https://github.com/Davidteeri/Bug-Report/blob/main/D-Link/880%20unchecked%20return%20value.md') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://support.dlink.com/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr940n_v2_firmware[/LEFT][/TD] [TD][LEFT]TP-Link TL-WR940N V2, TP-Link TL-WR941ND V5 and TP-Link TL-WR841N V8 were discovered to contain a buffer overflow via the component /userRpm/AccessCtrlAccessRulesRpm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted GET request.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39745&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39745]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39745') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/16/TP-Link%20WR940N%20WR941ND%20WR841N%20wireless%20router%20userRpmAccessCtrlAccessRulesRpm%20buffer%20read%20out-of-bounds%20vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr1041n_v2_firmware[/LEFT][/TD] [TD][LEFT]An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39748&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39748]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39748') [MISC]('https://github.com/a101e-IoTvul/iotvul/blob/main/tp-link/19/TL_WR1041N_NetworkCfgRpm_denial_of_service_vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the save_virtualser_data function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39784&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39784]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39784') [MISC]('http://tenda.com') [MISC]('https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the list parameter in the set_qosMib_list function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39785&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39785]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39785') [MISC]('http://tenda.com') [MISC]('https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/2')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the time parameter in the sscanf function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39786&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39786]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39786') [MISC]('http://tenda.com') [MISC]('https://github.com/Xunflash/IOT/tree/main/Tenda_AC8_V4/3')[/TD] [/TR] [TR] [TD][LEFT]fobybus -- social-media-skeleton[/LEFT][/TD] [TD][LEFT]Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords. This issue has been addressed in version 1.0.5 and users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40173&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40173]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40173') [MISC]('https://github.com/fobybus/social-media-skeleton/commit/344d798e82d6cc39844962c6d3cb2560f5907848') [MISC]('https://github.com/fobybus/social-media-skeleton/commit/df31da44ffed3ea065cbbadc3c8052d0d489a2ef') [MISC]('https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-rfmv-7m7g-v628')[/TD] [/TR] [TR] [TD][LEFT]veilid -- veilid[/LEFT][/TD] [TD][LEFT]Veilid before 0.1.9 does not check the size of uncompressed data during decompression upon an envelope receipt, which allows remote attackers to cause a denial of service (out-of-memory abort) via crafted packet data, as exploited in the wild in August 2023.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40711&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40711') [MISC]('https://gitlab.com/veilid/veilid/-/blob/main/CHANGELOG.md')[/TD] [/TR] [TR] [TD][LEFT]typora -- typora[/LEFT][/TD] [TD][LEFT]Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2316&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-2316]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2316') [MISC]('https://starlabs.sg/advisories/23/23-2316/') [MISC]('https://support.typora.io/What's-New-1.6/')[/TD] [/TR] [TR] [TD][LEFT]northgrid -- proself[/LEFT][/TD] [TD][LEFT]Proself Enterprise/Standard Edition Ver5.61 and earlier, Proself Gateway Edition Ver1.62 and earlier, and Proself Mail Sanitize Edition Ver1.07 and earlier allow a remote authenticated attacker with an administrative privilege to execute arbitrary OS commands.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39416&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39416]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39416') [MISC]('https://jvn.jp/en/jp/JVN19661362/') [MISC]('https://www.proself.jp/information/150/') [MISC]('https://www.proself.jp/information/149/')[/TD] [/TR] [TR] [TD][LEFT]mcafee -- safe_connect[/LEFT][/TD] [TD][LEFT]McAfee Safe Connect before 2.16.1.126 may allow an adversary with system privileges to achieve privilege escalation by loading arbitrary DLLs.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40352&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40352') [CONFIRM]('https://www.mcafee.com/support/?articleId=TS103462&page=shell&shell=article-view') [MISC]('https://www.mcafee.com/en-us/consumer-corporate/mcafee-labs/product-security-bulletins.html')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_xml_graphics_batik[/LEFT][/TD] [TD][LEFT]Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. On version 1.16, a malicious SVG could trigger loading external resources by default, causing resource consumption or in some cases even information disclosure. Users are recommended to upgrade to version 1.17 or later.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44729&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-44729]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44729') [MISC]('https://lists.apache.org/thread/hco2nw1typoorz33qzs0fcdx0ws6d6j2') [MISC]('https://xmlgraphics.apache.org/security.html') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/22/4') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/22/2')[/TD] [/TR] [TR] [TD][LEFT]obsidian -- obsidian[/LEFT][/TD] [TD][LEFT]Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text from a malicious webpage and paste it into Obsidian.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2110&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-2110]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2110') [MISC]('https://starlabs.sg/advisories/23/23-2110/') [MISC]('https://obsidian.md/changelog/2023-05-03-desktop-v1.2.8/')[/TD] [/TR] [TR] [TD][LEFT]unity -- parsec[/LEFT][/TD] [TD][LEFT]Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37250&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-37250]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37250') [MISC]('https://www.kb.cert.org/vuls/id/287122') [MISC]('https://unity3d.com') [CONFIRM]('https://support.parsec.app/hc/en-us/articles/18311425588237-CVE-2023-37250')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]phplist -- phplist[/LEFT][/TD] [TD][LEFT]An issue was discovered in phpList 3.6.12. Due to an access error, it was possible to manipulate and edit data of the system's super admin, allowing one to perform an account takeover of the user with super-admin permission.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27576&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-27576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27576') [MISC]('https://cupc4k3.lol/cve-2023-27576-hacking-phplist-how-i-gained-super-admin-access-44c7c90d82da')[/TD] [/TR] [TR] [TD][LEFT]webassembly -- binaryen[/LEFT][/TD] [TD][LEFT]A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18378&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18378]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18378') [MISC]('https://github.com/WebAssembly/binaryen/issues/1900')[/TD] [/TR] [TR] [TD][LEFT]webassembly -- binaryen[/LEFT][/TD] [TD][LEFT]Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18382&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18382]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18382') [MISC]('https://github.com/WebAssembly/binaryen/issues/1900')[/TD] [/TR] [TR] [TD][LEFT]exempi_project -- exempi[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18651&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18651]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18651') [MISC]('https://gitlab.freedesktop.org/libopenraw/exempi/issues/13') [MISC]('https://gitlab.freedesktop.org/libopenraw/exempi/commit/fdd4765a699f9700850098b43b9798b933acb32f')[/TD] [/TR] [TR] [TD][LEFT]exempi_project -- exempi[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18652&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18652') [MISC]('https://gitlab.freedesktop.org/libopenraw/exempi/commit/acee2894ceb91616543927c2a6e45050c60f98f7') [MISC]('https://gitlab.freedesktop.org/libopenraw/exempi/issues/12')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18839&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18839') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/issues/742')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19185&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19185]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19185') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc1.md')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19186&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19186]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19186') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc2.md')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19187&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19187]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19187') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc3.md')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19188&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19188') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc4.md')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19189&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19189]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19189') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc5.md')[/TD] [/TR] [TR] [TD][LEFT]gnu -- ncurses[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19190&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19190]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19190') [MISC]('https://github.com/zjuchenyuan/fuzzpoc/blob/master/infotocap_poc6.md')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in FreeImage_Load function in FreeImage Library 3.19.0(r1828) allows attackers to cuase a denial of service via crafted PFM file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22524&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-22524]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22524') [MISC]('https://sourceforge.net/p/freeimage/bugs/319/')[/TD] [/TR] [TR] [TD][LEFT]libraw -- libraw[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22628&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-22628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22628') [MISC]('https://github.com/LibRaw/LibRaw/issues/269')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-24294&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-24294]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24294') [MISC]('https://sourceforge.net/p/freeimage/discussion/36111/thread/afb98701eb/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40262&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40262]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40262') [MISC]('https://sourceforge.net/p/freeimage/bugs/338/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function inFreeImageTag.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40264&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40264]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40264') [MISC]('https://sourceforge.net/p/freeimage/bugs/335/')[/TD] [/TR] [TR] [TD][LEFT]freeimage_project -- freeimage[/LEFT][/TD] [TD][LEFT]FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerabile to null pointer dereference.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40266&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40266]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40266') [MISC]('https://sourceforge.net/p/freeimage/bugs/334/')[/TD] [/TR] [TR] [TD][LEFT]upx_project -- upx[/LEFT][/TD] [TD][LEFT]Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the the readx function.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-46179&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-46179]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46179') [MISC]('https://github.com/upx/upx/issues/545')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler[/LEFT][/TD] [TD][LEFT]An issue was discovered in Poppler 22.07.0. There is a reachable abort which leads to denial of service because the main function in pdfunite.cc lacks a stream check before saving an embedded file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37051&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37051') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/issues/1276') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/commit/4631115647c1e4f0482ffe0491c2f38d2231337b')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler[/LEFT][/TD] [TD][LEFT]A reachable Object::getString assertion in Poppler 22.07.0 allows attackers to cause a denial of service due to a failure in markObject.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-37052&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-37052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37052') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/commit/8677500399fc2548fa816b619580c2c07915a98c') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/issues/1278')[/TD] [/TR] [TR] [TD][LEFT]libtiff -- libtiff[/LEFT][/TD] [TD][LEFT]An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40090&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-40090]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40090') [MISC]('https://gitlab.com/libtiff/libtiff/-/issues/455') [MISC]('https://gitlab.com/libtiff/libtiff/-/merge_requests/386')[/TD] [/TR] [TR] [TD][LEFT]python -- python[/LEFT][/TD] [TD][LEFT]read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and RAM exhaustion when processing malformed Apple Property List files in binary format.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48564&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48564') [MISC]('https://bugs.python.org/issue42103')[/TD] [/TR] [TR] [TD][LEFT]geomatika -- isigeo_web[/LEFT][/TD] [TD][LEFT]An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to obtain sensitive database content via SQL Injection.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23563&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23563') [MISC]('https://www.geomatika.fr/isigeo-web/') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md')[/TD] [/TR] [TR] [TD][LEFT]pandorafms -- pandora_fms[/LEFT][/TD] [TD][LEFT]Server-Side Request Forgery (SSRF) vulnerability in API checker of Pandora FMS. Application does not have a check on the URL scheme used while retrieving API URL. Rather than validating the http/https scheme, the application allows other scheme such as file, which could allow a malicious user to fetch internal file content. This issue affects Pandora FMS v767 version and prior versions on all platforms.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24515&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-24515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24515') [MISC]('https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/')[/TD] [/TR] [TR] [TD][LEFT]typora -- typora[/LEFT][/TD] [TD][LEFT]Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious webpage and paste it into Typora.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2971&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-2971]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2971') [MISC]('https://starlabs.sg/advisories/23/23-2971/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tapo[/LEFT][/TD] [TD][LEFT]An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38906&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38906') [MISC]('https://arxiv.org/abs/2308.09019') [MISC]('https://www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tapo[/LEFT][/TD] [TD][LEFT]An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38908&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38908]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38908') [MISC]('https://arxiv.org/pdf/2308.09019.pdf') [MISC]('https://arxiv.org/abs/2308.09019') [MISC]('https://www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tapo[/LEFT][/TD] [TD][LEFT]An issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38909&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38909]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38909') [MISC]('https://arxiv.org/pdf/2308.09019.pdf') [MISC]('https://arxiv.org/abs/2308.09019') [MISC]('https://www.scitepress.org/PublicationsDetail.aspx?ID=X/auBv7JrSo=&t=1')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_nifi[/LEFT][/TD] [TD][LEFT]Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against crafted inputs. An authenticated and authorized user can bypass connection URL validation using custom input formatting. The resolution enhances connection URL validation and introduces validation for additional related properties. Upgrading to Apache NiFi 1.23.1 is the recommended mitigation.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40037&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-40037]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40037') [MISC]('https://nifi.apache.org/security.html#CVE-2023-40037') [MISC]('https://lists.apache.org/thread/bqbjlrs2p5ghh8sbk5nsxb8xpf9l687q') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/18/2')[/TD] [/TR] [TR] [TD][LEFT]devolutions -- remote_desktop_manager[/LEFT][/TD] [TD][LEFT]Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their personal vault entry with shared vaults via an incorrect vault in the duplication write process.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4417&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4417]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4417') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0015')[/TD] [/TR] [TR] [TD][LEFT]wallabag -- wallabag[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4455&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-4455]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4455') [MISC]('https://github.com/wallabag/wallabag/commit/ffcc5c9062fcc8cd922d7d6d65edbe5efae96806') [MISC]('https://huntr.dev/bounties/5ab1b206-5fe8-4737-b275-d705e76f193a')[/TD] [/TR] [TR] [TD][LEFT]redhat -- openshift_logging[/LEFT][/TD] [TD][LEFT]A flaw was found in openshift-logging LokiStack. The key used for caching is just the token, which is too broad. This issue allows a user with a token valid for one action to execute other actions as long as the authorization allowing the original action is still cached.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4456&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-4456]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4456') [MISC]('https://access.redhat.com/security/cve/CVE-2023-4456') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2233087')[/TD] [/TR] [TR] [TD][LEFT]samsung -- sww-3400rw_firmware[/LEFT][/TD] [TD][LEFT]A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22181&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-22181]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22181') [MISC]('https://github.com/gusrmsdlrh/Vulner/blob/master/Sww-3400rw.md') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb')[/TD] [/TR] [TR] [TD][LEFT]nagios -- nagios_xi[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-23992&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-23992]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-23992') [MISC]('https://github.com/EmreOvunc/Nagios-XI-Reflected-XSS')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41444&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-41444]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41444') [MISC]('https://gist.github.com/enferas/9079535112e4f4ff2c1d2ce1c099d4c2')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthenticated remote attackers to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48547&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-48547]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48547') [MISC]('https://github.com/Cacti/cacti/issues/1882')[/TD] [/TR] [TR] [TD][LEFT]pandorafms -- pandora_fms[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) vulnerability in Visual Console Module of Pandora FMS could be used to hijack admin users session cookie values, carry out phishing attacks, etc. This issue affects Pandora FMS v767 version and prior versions on all platforms.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24514&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-24514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24514') [MISC]('https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin td> [TD][CENTER]2023-08-23[/CENTER][/LEFT][/TD][LEFT] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28994&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-28994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28994') [MISC]('https://patchstack.com/database/vulnerability/flatsome/wordpress-flatsome-theme-3-16-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FolioVision FV Flowplayer Video Player plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30499&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30499') [MISC]('https://patchstack.com/database/vulnerability/fv-wordpress-flowplayer/wordpress-fv-flowplayer-video-player-plugin-7-5-32-7212-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Lauri Karisola / WP Trio Stock Sync for WooCommerce plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31094&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-31094]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31094') [MISC]('https://patchstack.com/database/vulnerability/stock-sync-for-woocommerce/wordpress-stock-sync-for-woocommerce-plugin-2-4-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) leading to Stored Cross-Site Scripting (XSS) vulnerability in realmag777 WOLF – WordPress Posts Bulk Editor and Manager Professional plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31218&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-31218]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31218') [MISC]('https://patchstack.com/database/vulnerability/bulk-editor/wordpress-wolf-wordpress-posts-bulk-editor-and-manager-professional-plugin-1-0-6-cross-site-scripting-xss-via-csrf-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ollybach WPPizza – A Restaurant Plugin plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32105&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32105]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32105') [MISC]('https://patchstack.com/database/vulnerability/wppizza/wordpress-wppizza-a-restaurant-plugin-plugin-3-17-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Fahad Mahmood WP Docs plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32106&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32106') [MISC]('https://patchstack.com/database/vulnerability/wp-docs/wordpress-wp-docs-plugin-1-9-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Photo Gallery Team Photo Gallery by Ays – Responsive Image Gallery plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32107&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32107]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32107') [MISC]('https://patchstack.com/database/vulnerability/gallery-photo-gallery/wordpress-photo-gallery-by-ays-responsive-image-gallery-plugin-5-1-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32108&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32108]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32108') [MISC]('https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On line plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32109&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32109]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32109') [MISC]('https://patchstack.com/database/vulnerability/albo-pretorio-on-line/wordpress-albo-pretorio-on-line-plugin-4-6-3-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Spiffy Plugins Spiffy Calendar plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32122&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32122]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32122') [MISC]('https://patchstack.com/database/vulnerability/spiffy-calendar/wordpress-spiffy-calendar-plugin-4-9-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]google -- critters[/LEFT][/TD] [TD][LEFT]Critters versions 0.0.17-0.0.19 have an issue when parsing the HTML, which leads to a potential cross-site scripting (XSS) bug. We recommend upgrading to version 0.0.20 of the extension. [/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3481') [MISC]('https://github.com/GoogleChromeLabs/critters/security/advisories/GHSA-cx3j-qqxj-9597')[/TD] [/TR] [TR] [TD][LEFT]cszcms -- csz_cms[/LEFT][/TD] [TD][LEFT]CSZ CMS 1.3.0 is vulnerable to cross-site scripting (XSS), which allows attackers to execute arbitrary web scripts or HTML via a crafted payload entered in the 'Carousel Wiget' section and choosing our carousel widget created above, in 'Photo URL' and 'YouTube URL' plugin.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38910&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38910') [MISC]('https://github.com/desencrypt/CVE/blob/main/CVE-2023-38910/Readme.md')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3936&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3936]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3936') [MISC]('https://wpscan.com/vulnerability/6d09a5d3-046d-47ef-86b4-c024ea09dc0f')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.4 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3954&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3954]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3954') [MISC]('https://wpscan.com/vulnerability/b463ccbb-2dc1-479f-bc88-becd204b2dc0')[/TD] [/TR] [TR] [TD][LEFT]luxsoft -- luxcal_web_calendar[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in LuxCal Web Calendar prior to 5.2.3M (MySQL version) and LuxCal Web Calendar prior to 5.2.3L (SQLite version) allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is using the product.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39543&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39543]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39543') [MISC]('https://www.luxsoft.eu/') [MISC]('https://jvn.jp/en/jp/JVN04876736/') [MISC]('https://www.luxsoft.eu/?download')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- jenkins[/LEFT][/TD] [TD][LEFT]Jenkins Fortify Plugin 22.1.38 and earlier does not escape the error message for a form validation method, resulting in an HTML injection vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4303&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4303') [MISC]('https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3140')[/TD] [/TR] [TR] [TD][LEFT]cockpit -- cockpit[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4432&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4432') [MISC]('https://github.com/cockpit-hq/cockpit/commit/2a93d391fbd2dd9e730f65d43b29beb65903d195') [MISC]('https://huntr.dev/bounties/69684663-6822-41ff-aa05-afbdb8f5268f')[/TD] [/TR] [TR] [TD][LEFT]hamza417 -- inure[/LEFT][/TD] [TD][LEFT]Missing Authorization in GitHub repository hamza417/inure prior to build88.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4434&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4434]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4434') [MISC]('https://huntr.dev/bounties/19e68377-e071-4a8e-aa4c-cd84a426602e') [MISC]('https://github.com/hamza417/inure/commit/2176af74ca3a81fd001e6cc8eea5a8306f484fbb')[/TD] [/TR] [TR] [TD][LEFT]cockpit -- cockpit[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4451&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4451]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4451') [MISC]('https://huntr.dev/bounties/4e111c3e-6cf3-4b4c-b3c1-a540bf30f8fa') [MISC]('https://github.com/cockpit-hq/cockpit/commit/30609466c817e39f9de1871559603e93cd4d0d0c')[/TD] [/TR] [TR] [TD][LEFT]wallabag -- wallabag[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) in GitHub repository wallabag/wallabag prior to 2.6.3.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4454&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-4454]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4454') [MISC]('https://huntr.dev/bounties/4ee0ef74-e4d4-46e7-a05c-076bce522299') [MISC]('https://github.com/wallabag/wallabag/commit/78b0b55c40511e1f22d5bbb4897aa10fca68441c')[/TD] [/TR] [TR] [TD][LEFT]libtiff -- libtiff[/LEFT][/TD] [TD][LEFT]There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18768&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18768]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18768') [MISC]('http://bugzilla.maptools.org/show_bug.cgi?id=2848')[/TD] [/TR] [TR] [TD][LEFT]zziplib_project -- zziplib[/LEFT][/TD] [TD][LEFT]An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18770&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18770]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18770') [MISC]('https://github.com/gdraheim/zziplib/issues/69')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18780&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18780]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18780') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392634')[/TD] [/TR] [TR] [TD][LEFT]audiofile -- audiofile[/LEFT][/TD] [TD][LEFT]Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18781&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-18781]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18781') [MISC]('https://github.com/mpruett/audiofile/issues/56')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19724&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19724') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=25362') [MISC]('https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=805f38bc551de820bcd7b31d3c5731ae27cf853a')[/TD] [/TR] [TR] [TD][LEFT]elfutils_project -- elfutils[/LEFT][/TD] [TD][LEFT]The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21047&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21047') [MISC]('https://sourceware.org/git/?p=elfutils.git;a=commitdiff;h=99dc63b10b3878616b85df2dfd2e4e7103e414b8') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=25068')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21490&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21490]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21490') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=25249') [MISC]('https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=378fd436405b3051df34ac995b2e03fe1f3d1907')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21528&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21528]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21528') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392637')[/TD] [/TR] [TR] [TD][LEFT]graphicsmagick -- graphicsmagick[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21679&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21679]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21679') [MISC]('https://sourceforge.net/p/graphicsmagick/bugs/619/')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21685&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21685') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392644')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21686&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21686]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21686') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392643')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21687&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21687') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392645')[/TD] [/TR] [TR] [TD][LEFT]artifex -- ghostscript[/LEFT][/TD] [TD][LEFT]A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21710&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21710') [MISC]('https://bugs.ghostscript.com/show_bug.cgi?id=701843') [MISC]('https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=4e713293de84b689c4ab358f3e110ea54aa81925')[/TD] [/TR] [TR] [TD][LEFT]ogg_video_tools_project -- ogg_video_tools[/LEFT][/TD] [TD][LEFT]A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21723&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21723') [MISC]('https://sourceforge.net/p/oggvideotools/bugs/10/') [MISC]('https://github.com/xiaoxiongwang/security/tree/master/oggvideotools#segv-occurs-in-function-streamserializerextractstreams-in-streamserializercpp')[/TD] [/TR] [TR] [TD][LEFT]artifex -- mupdf[/LEFT][/TD] [TD][LEFT]A Use After Free vulnerability in svg_dev_text_span_as_paths_defs function in source/fitz/svg-device.c in Artifex Software MuPDF 1.16.0 allows remote attackers to cause a denial of service via opening of a crafted PDF file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-21896&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-21896]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21896') [MISC]('https://bugs.ghostscript.com/show_bug.cgi?id=701294')[/TD] [/TR] [TR] [TD][LEFT]tukaani -- xz[/LEFT][/TD] [TD][LEFT]An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of crafted file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22916&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-22916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22916') [MISC]('https://tukaani.org/xz/') [MISC]('https://github.com/snappyJack/CVE-request-XZ-5.2.5-has-denial-of-service-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-29654&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-29654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-29654') [MISC]('https://www.nasm.us/pub/nasm/releasebuilds/2.15.05/') [MISC]('https://gist.github.com/naihsin/b96e2c5c2c81621b46557fd7aacd165f') [MISC]('https://gcc.gnu.org/onlinedocs/gcc/Instrumentation-Options.html')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered function stab_demangle_v3_arg in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47007&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47007]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47007') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29254')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered function make_tempdir, and make_tempname in bucomm.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47008&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47008]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47008') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29255%20')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered function pr_function_type in prdbg.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47010&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47010]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47010') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29262')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]An issue was discovered function parse_stab_struct_fields in stabs.c in Binutils 2.34 thru 2.38, allows attackers to cause a denial of service due to memory leaks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47011&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47011]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47011') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29261')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48063&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48063]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48063') [MISC]('https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75393a2d54bcc40053e5262a3de9d70c5ebfbbfd') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29924')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function bfd_dwarf2_find_nearest_line_with_alt at dwarf2.c. The attacker could supply a crafted ELF file and cause a DNS attack.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48064&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48064]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48064') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29922') [MISC]('https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8f2c64de86bc3d7556121fe296dd679000283931')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils[/LEFT][/TD] [TD][LEFT]GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48065&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48065]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48065') [MISC]('https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d28fbc7197ba0e021a43f873eff90b05dcdcff6a') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29925')[/TD] [/TR] [TR] [TD][LEFT]file_project -- file[/LEFT][/TD] [TD][LEFT]File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48554&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48554]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48554') [MISC]('https://bugs.astron.com/view.php?id=310')[/TD] [/TR] [TR] [TD][LEFT]insyde -- insydeh2o[/LEFT][/TD] [TD][LEFT]An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. UEFI implementations do not correctly protect and validate information contained in the 'MeSetup' UEFI variable. On some systems, this variable can be overwritten using operating system APIs. Exploitation of this vulnerability could potentially lead to denial of service for the platform.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27471&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-27471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27471') [MISC]('https://www.insyde.com/security-pledge/SA-2023036')[/TD] [/TR] [TR] [TD][LEFT]nasm -- netwide_assembler[/LEFT][/TD] [TD][LEFT]Null pointer dereference in ieee_write_file in nasm 2.16rc0 allows attackers to cause a denial of service (crash).[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38665&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38665]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38665') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392818')[/TD] [/TR] [TR] [TD][LEFT]hamza417 -- inure[/LEFT][/TD] [TD][LEFT]Improper Input Validation in GitHub repository hamza417/inure prior to build88.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4435&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4435]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4435') [MISC]('https://huntr.dev/bounties/1875ee85-4b92-4aa4-861e-094137a29276') [MISC]('https://github.com/hamza417/inure/commit/e74062e439f860fd144da4bfc3f35e96c19c3abd')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4459&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4459]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4459') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2219268') [MISC]('https://github.com/torvalds/linux/commit/edf410cb74dc612fd47ef5be319c5a0bcd6e6ccd') [MISC]('https://access.redhat.com/security/cve/CVE-2023-4459')[/TD] [/TR] [TR] [TD][LEFT]pandorafms -- pandora_fms[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) vulnerability in the Pandora FMS Special Days component allows an attacker to use it to steal the session cookie value of admin users easily with little user interaction. This issue affects Pandora FMS v767 version and prior versions on all platforms.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24516&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-24516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24516') [MISC]('https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/')[/TD] [/TR] [TR] [TD][LEFT]juliencrego -- manager_for_icomoon[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Julien Crego Manager for Icomoon plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29387&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-29387]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29387') [MISC]('https://patchstack.com/database/vulnerability/manager-for-icomoon/wordpress-manager-for-icommon-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]themepalace -- tp_education[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Theme Palace TP Education plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32103&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32103]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32103') [MISC]('https://patchstack.com/database/vulnerability/tp-education/wordpress-tp-education-plugin-4-4-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]cszcms -- csz_cms[/LEFT][/TD] [TD][LEFT]A Cross-Site Scripting (XSS) vulnerability in CSZ CMS 1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Gallery parameter in the YouTube URL fields.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38911&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38911]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38911') [MISC]('https://github.com/desencrypt/CVE/blob/main/CVE-2023-38911/Readme.md')[/TD] [/TR] [TR] [TD][LEFT]zerowdd -- studentmanager[/LEFT][/TD] [TD][LEFT]Cross Site Scripting vulnerability in ZeroWdd studentmanager v.1.0 allows a remote attacker to execute arbitrary code via the username parameter in the student list function.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39094&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39094]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39094') [MISC]('https://github.com/ZeroWdd/studentmanager/issues/12')[/TD] [/TR] [TR] [TD][LEFT]advancedcustomfields -- advanced_custom_fields[/LEFT][/TD] [TD][LEFT]Cross-site scripting vulnerability in Advanced Custom Fields versions 6.1.0 to 6.1.7 and Advanced Custom Fields Pro versions 6.1.0 to 6.1.7 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product with the administrative privilege.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40068&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40068]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40068') [MISC]('https://wordpress.org/plugins/advanced-custom-fields/') [MISC]('https://www.advancedcustomfields.com/') [MISC]('https://jvn.jp/en/jp/JVN98946408/') [MISC]('https://www.advancedcustomfields.com/blog/acf-6-1-8/')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_add.php via the votename and voteitem1 parameters.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40874&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40874]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40874') [MISC]('https://github.com/DiliLearngent/BugReport/blob/main/php/DedeCMS/xss1.md')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS up to and including 5.7.110 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities at /dede/vote_edit.php via the votename and votenote parameters.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40875&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40875]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40875') [MISC]('https://github.com/DiliLearngent/BugReport/blob/main/php/DedeCMS/xss2.md')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_add.php via the title parameter.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40876&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40876]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40876') [MISC]('https://github.com/DiliLearngent/BugReport/blob/main/php/DedeCMS/xss3.md')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS up to and including 5.7.110 was discovered to contain a cross-site scripting (XSS) vulnerability at /dede/freelist_edit.php via the title parameter.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40877&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40877]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40877') [MISC]('https://github.com/DiliLearngent/BugReport/blob/main/php/DedeCMS/xss4.md')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- jenkins[/LEFT][/TD] [TD][LEFT]A cross-site request forgery (CSRF) vulnerability in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4301&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4301]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4301') [MISC]('https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3115')[/TD] [/TR] [TR] [TD][LEFT]cockpit -- cockpit[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4.[/LEFT][/TD] [TD][CENTER]2023-08-19[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4433&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4433]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4433') [MISC]('https://huntr.dev/bounties/64f3253d-6852-4b9f-b870-85e896007b1a') [MISC]('https://github.com/cockpit-hq/cockpit/commit/36d1d4d256cbbab028342ba10cc493e5c119172c')[/TD] [/TR] [TR] [TD][LEFT]pimcore -- pimcore[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository pimcore/pimcore prior to 10.6.8.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4453&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4453') [MISC]('https://huntr.dev/bounties/245a8785-0fc0-4561-b181-fa20f869d993') [MISC]('https://github.com/pimcore/pimcore/commit/234c0c02ea7502071b00ab673fbe4a6ac253080e')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The FV Flowplayer Video Player plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_fv_player_user_video’ parameter saved via the 'save' function hooked via init, and the plugin is also vulnerable to Arbitrary Usermeta Update via the 'save' function in versions up to, and including, 7.5.37.7212 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page, and makes it possible to update the user metas arbitrarily, but the meta value can only be a string.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4520&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4520') [MISC]('https://plugins.trac.wordpress.org/changeset/2957322/fv-wordpress-flowplayer#file2') [MISC]('https://plugins.trac.wordpress.org/browser/fv-wordpress-flowplayer/tags/7.5.36.7212/models/custom-videos.php#L341') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/c55ca7d4-6bc0-49c9-8ce0-50fff8775a76?source=cve')[/TD] [/TR] [TR] [TD][LEFT]esri -- server [/LEFT][/TD] [TD][LEFT]ArcGIS Enterprise Server versions 11.0 and below have an information disclosure vulnerability where a remote, unauthorized attacker may submit a crafted query that may result in a low severity information disclosure issue. The information disclosed is limited to a single attribute in a database connection string. No business data is disclosed.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25848&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-25848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25848') [MISC]('https://www.esri.com/arcgis-blog/products/trust-arcgis/announcements/arcgis-server-map-and-feature-service-security-2023-update-1-patch/')[/TD] [/TR] [TR] [TD][LEFT]e-excellence -- u-office_force [/LEFT][/TD] [TD][LEFT]e-Excellence U-Office Force generates an error message in webiste service. An unauthenticated remote attacker can obtain partial sensitive system information from error message by sending a crafted command.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32755&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32755]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32755') [MISC]('https://www.twcert.org.tw/tw/cp-132-7328-d4112-1.html')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36674&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36674') [MISC]('https://phabricator.wikimedia.org/T335612')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0 through 21.0.7.1 runtime is vulnerable to information disclosure of script content if the remote REST request computer policy is enabled. IBM X-Force ID: 263470.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40370&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40370') [MISC]('https://www.ibm.com/support/pages/node/7028218') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/263470')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Stripe Payment Plugin for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh_callback_handler function in versions up to, and including, 3.7.9. This makes it possible for unauthenticated attackers to modify the order status of arbitrary WooCommerce orders.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4040&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4040]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4040') [MISC]('https://plugins.trac.wordpress.org/changeset/2954934/') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/ef543c61-2acc-4b72-81ff-883960d4c7c3?source=cve')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- card_holder_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. The manipulation leads to improper validation of specified quantity in input. The attack may be launched remotely. The identifier of this vulnerability is VDB-237560.[/LEFT][/TD] [TD][CENTER]2023-08-20[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4439&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4439') [MISC]('https://vuldb.com/?ctiid.237560') [MISC]('https://vuldb.com/?id.237560')[/TD] [/TR] [TR] [TD][LEFT]geomatika -- isigeo_web[/LEFT][/TD] [TD][LEFT]An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23565&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23565]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23565') [MISC]('https://www.geomatika.fr/isigeo-web/') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository') [MISC]('https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_geomatika_isigeoweb.md')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in All My Web Needs Logo Scheduler plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30875&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30875]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30875') [MISC]('https://patchstack.com/database/vulnerability/logo-scheduler-great-for-holidays-events-and-more/wordpress-logo-scheduler-great-for-holidays-events-and-more-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeMindsSolutions CM On Demand Search And Replace plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31228&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-31228]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31228') [MISC]('https://patchstack.com/database/vulnerability/cm-on-demand-search-and-replace/wordpress-cm-on-demand-search-and-replace-plugin-1-3-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Artiss Plugins List plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31232&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-31232]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31232') [MISC]('https://patchstack.com/database/vulnerability/plugins-list/wordpress-plugins-list-plugin-2-5-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin td> [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32130&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32130]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32130') [MISC]('https://patchstack.com/database/vulnerability/multi-rating/wordpress-multi-rating-plugin-5-0-6-cross-site-scripting-xss?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]sourcecodester -- student_study_center_desk_management_system[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in sourcecodester Student Study Center Desk Management System 1.0 allows attackers to run arbitrary code via crafted GET request to web application URL.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36317&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36317') [MISC]('https://www.sourcecodester.com/php/16298/student-study-center-desk-management-system-using-php-oop-and-mysql-db-free-source-code') [MISC]('https://www.sourcecodester.com') [MISC]('https://github.com/oye-ujjwal/CVE/blob/main/CVE-2023-36317')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3667&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3667') [MISC]('https://wpscan.com/vulnerability/9f2f3f85-6812-46b5-9175-c56f6852afd7')[/TD] [/TR] [TR] [TD][LEFT]cockpit -- cockpit[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4422&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4422]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4422') [MISC]('https://github.com/cockpit-hq/cockpit/commit/b8dad5e070608bb5e4ec58fabbee101b5af737cf') [MISC]('https://huntr.dev/bounties/2e12b773-b6a2-48da-a4bb-55d5d1307d2e')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The MultiParcels Shipping For WooCommerce WordPress plugin before 1.15.2 does not have CRSF check when deleting a shipment, allowing attackers to make any logged in user, delete arbitrary shipment via a CSRF attack[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3366&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3366') [MISC]('https://wpscan.com/vulnerability/b2f06223-9352-4227-ae94-32061e2c5611')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0 through 21.0.7 server could allow an authenticated user to view sensitive information from application logs. IBM X-Force ID: 262289.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38732&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38732]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38732') [MISC]('https://www.ibm.com/support/pages/node/7028221') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/262289')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 21.0.0 through 21.0.7.1 and 23.0.0 through 23.0.1 server could allow an authenticated user to view sensitive information from installation logs. IBM X-Force Id: 262293.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38733&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38733]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38733') [MISC]('https://www.ibm.com/support/pages/node/7028223') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/262293')[/TD] [/TR] [TR] [TD][LEFT]jenkins -- jenkins[/LEFT][/TD] [TD][LEFT]A missing permission check in Jenkins Fortify Plugin 22.1.38 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4302&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4302]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4302') [MISC]('https://www.jenkins.io/security/advisory/2023-08-16/#SECURITY-3115')[/TD] [/TR][/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/TABLE][/CENTER] [TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT] [Back to top]('https://www.cisa.gov/uscert/ncas/#top') [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT]

Low Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]chamilo -- chamilo[/LEFT][/TD] [TD][LEFT]Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][3.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39061&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39061]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39061') [MISC]('http://chamilo.com') [MISC]('https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-123-2023-07-08-Moderate-impact-Moderate-risk-CSRF-through-admin-account-forum-posts')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge_chromium[/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER][3.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38158&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38158]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38158') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38158')[/TD] [/TR] [TR] [TD][LEFT]rootkit_hunter_project -- rootkit_hunter[/LEFT][/TD] [TD][LEFT]A vulnerability was found in rkhunter Rootkit Hunter 1.4.4/1.4.6. It has been classified as problematic. Affected is an unknown function of the file /var/log/rkhunter.log. The manipulation leads to sensitive information in log files. An attack has to be approached locally. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-237516.[/LEFT][/TD] [TD][CENTER]2023-08-18[/CENTER][/TD] [TD][CENTER][2.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4413&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4413]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4413') [MISC]('https://gist.github.com/MatheuZSecurity/16ef0219db8f85f49f945a25d5eb42d7') [MISC]('https://vuldb.com/?id.237516') [MISC]('https://youtu.be/etHt1TNAgs8') [MISC]('https://vuldb.com/?ctiid.237516')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Severity Not Yet Assigned

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform arbitrary read/write via a malicious file. (Chromium security severity: Critical)[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2019-13689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13689') [MISC]('https://crbug.com/960109') [MISC]('https://bugs.chromium.org/p/chromium/issues/detail?id=960109')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome [/LEFT][/TD] [TD][LEFT]Inappropriate implementation in OS in Google Chrome on ChromeOS prior to 75.0.3770.80 allowed a remote attacker to perform OS-level privilege escalation via a malicious file. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2019-13690]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-13690') [MISC]('https://bugs.chromium.org/p/chromium/issues/detail?id=960111') [MISC]('https://crbug.com/960111')[/TD] [/TR] [TR] [TD][LEFT]stormshield -- stormshield_network_security [/LEFT][/TD] [TD][LEFT]An issue was discovered in Stormshield SNS 3.8.0. Authenticated Stored XSS in the admin login panel leads to SSL VPN credential theft. A malicious disclaimer file can be uploaded from the admin panel. The resulting file is rendered on the authentication interface of the admin panel. It is possible to inject malicious HTML content in order to execute JavaScript inside a victim's browser. This results in a stored XSS on the authentication interface of the admin panel. Moreover, an unsecured authentication form is present on the authentication interface of the SSL VPN captive portal. Users are allowed to save their credentials inside the browser. If an administrator saves his credentials through this unsecured form, these credentials could be stolen via the stored XSS on the admin panel without user interaction. Another possible exploitation would be modification of the authentication form of the admin panel into a malicious form.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-11711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-11711') [MISC]('https://www.digitemis.com/category/blog/actualite/') [MISC]('https://advisories.stormshield.eu/2020-011/') [MISC]('https://twitter.com/_ACKNAK_')[/TD] [/TR] [TR] [TD][LEFT]hwclock.13-v2.27 -- hwclock.13-v2.27[/LEFT][/TD] [TD][LEFT]An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privileges or execute arbitrary commands via the path parameter when setting the date.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-21583]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21583') [MISC]('https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786804') [MISC]('https://packetstormsecurity.com/files/132061/hwclock-Privilege-Escalation.html')[/TD] [/TR] [TR] [TD][LEFT]tengine -- tengine [/LEFT][/TD] [TD][LEFT]The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-21699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-21699') [MISC]('https://github.com/ZxDecide/Nginx-variants/blob/master/%E9%99%84%E4%BB%B6(Tengine).docx')[/TD] [/TR] [TR] [TD][LEFT]yealink -- w60b [/LEFT][/TD] [TD][LEFT]Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS).[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-24113]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24113') [MISC]('https://fuo.fi/CVE-2020-24113/')[/TD] [/TR] [TR] [TD][LEFT]artifex_software -- mupdf [/LEFT][/TD] [TD][LEFT]A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-26683]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-26683') [MISC]('https://bugs.ghostscript.com/show_bug.cgi?id=702566')[/TD] [/TR] [TR] [TD][LEFT]stormshield -- stormshield_network_security [/LEFT][/TD] [TD][LEFT]Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-27932]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27932') [MISC]('https://advisories.stormshield.eu/2021-004/') [MISC]('https://advisories.stormshield.eu')[/TD] [/TR] [TR] [TD][LEFT]opensc -- opensc [/LEFT][/TD] [TD][LEFT]Stack overflow vulnerability in OpenSC smart card middleware before 0.23 via crafted responses to APDUs.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-34193]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-34193') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28768') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29912') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30800') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28185') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28383') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27719') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=32149') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30112') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31448') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=31540') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28855') [MISC]('https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28843')[/TD] [/TR] [TR] [TD][LEFT]samsung -- syncthru_web_service [/LEFT][/TD] [TD][LEFT]An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-35309]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-35309') [MISC]('https://github.com/mustafa-turgut/cve-subscriptions/tree/main/samsung-stws') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb')[/TD] [/TR] [TR] [TD][LEFT]freeimage -- freeimage [/LEFT][/TD] [TD][LEFT]A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-40263]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40263') [MISC]('https://sourceforge.net/p/freeimage/bugs/336/')[/TD] [/TR] [TR] [TD][LEFT]nervuri -- e_os [/LEFT][/TD] [TD][LEFT]Improper verification of applications' cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user's systems by altering the server's API response.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-43171]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-43171') [MISC]('https://gitlab.e.foundation/e/os/releases/-/releases/v0.19-q#sparkles-we-embedded-other-improvements') [MISC]('https://nervuri.net/e/apps')[/TD] [/TR] [TR] [TD][LEFT]djvulibre -- djvulibre [/LEFT][/TD] [TD][LEFT]An issue was discovered IW44Image.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-46310]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46310') [MISC]('https://sourceforge.net/p/djvu/bugs/345/')[/TD] [/TR] [TR] [TD][LEFT]djvulibre-- djvulibre [/LEFT][/TD] [TD][LEFT]An issue was discovered IW44EncodeCodec.cpp in djvulibre 3.5.28 in allows attackers to cause a denial of service via divide by zero.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-46312]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-46312') [MISC]('https://sourceforge.net/p/djvu/bugs/344/')[/TD] [/TR] [TR] [TD][LEFT]etcd -- etcd [/LEFT][/TD] [TD][LEFT]Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-34038]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34038') [MISC]('https://github.com/etcd-io/etcd/pull/14022') [MISC]('https://github.com/etcd-io/etcd/pull/14452')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils [/LEFT][/TD] [TD][LEFT]An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-35205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35205') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29289')[/TD] [/TR] [TR] [TD][LEFT]gnu -- binutils [/LEFT][/TD] [TD][LEFT]Null pointer dereference vulnerability in Binutils readelf 2.38.50 via function read_and_display_attr_value in file dwarf.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-35206]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35206') [MISC]('https://sourceware.org/bugzilla/show_bug.cgi?id=29290')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler [/LEFT][/TD] [TD][LEFT]In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-37050]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-37050') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/issues/1274') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/commit/dcd5bd8238ea448addd102ff045badd0aca1b990')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- notebook [/LEFT][/TD] [TD][LEFT]A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-3742]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3742') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-103710')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- notebook [/LEFT][/TD] [TD][LEFT]A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges under certain conditions the ability to enumerate Embedded Controller (EC) commands.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-3743]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3743') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-103710')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- notebook [/LEFT][/TD] [TD][LEFT]A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to unlock UEFI variables due to a hard-coded SMI handler credential.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-3744]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3744') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-103710')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- notebook [/LEFT][/TD] [TD][LEFT]A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to view incoming and returned data from SMI.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-3745]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3745') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-103710')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- notebook [/LEFT][/TD] [TD][LEFT]A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to cause some peripherals to work abnormally due to an exposed Embedded Controller (EC) interface.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-3746]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3746') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-103710')[/TD] [/TR] [TR] [TD][LEFT]freedesktop -- poppler [/LEFT][/TD] [TD][LEFT]An issue was discovered in Poppler 22.08.0. There is a reachable assertion in Object.h, will lead to denial of service because PDFDoc::replacePageDict in PDFDoc.cc lacks a stream check before saving an embedded file.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-38349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-38349') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/issues/1282') [MISC]('https://gitlab.freedesktop.org/poppler/poppler/-/commit/4564a002bcb6094cc460bc0d5ddff9423fe6dd28')[/TD] [/TR] [TR] [TD][LEFT]oracle -- jdk [/LEFT][/TD] [TD][LEFT]An issue was discovered in function ciMethodBlocks::make_block_at in Oracle JDK (HotSpot VM) 11, 17 and OpenJDK (HotSpot VM) 8, 11, 17, allows attackers to cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-40433]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40433') [MISC]('https://github.com/openjdk/jdk15u-dev/pull/261') [MISC]('https://github.com/openjdk/jdk13u-dev/pull/394') [MISC]('https://bugs.openjdk.org/browse/JDK-8283441') [MISC]('https://github.com/openjdk/jdk11u-dev/pull/1183')[/TD] [/TR] [TR] [TD][LEFT]libsass -- libsass [/LEFT][/TD] [TD][LEFT]Stack overflow vulnerability in ast_selectors.cpp in function Sass::CompoundSelector::has_real_parent_ref in libsass:3.6.5-8-g210218, which can be exploited by attackers to causea denial of service (DoS). Also affects the command line driver for libsass, sassc 3.6.2.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-43357]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43357') [MISC]('https://github.com/sass/libsass/issues/3177') [MISC]('https://github.com/sass/libsass') [MISC]('https://drive.google.com/file/d/1aC5q3czen0atI91fuBIoCBFkS30_OSWX/')[/TD] [/TR] [TR] [TD][LEFT]sass-lang -- libsass [/LEFT][/TD] [TD][LEFT]Stack overflow vulnerability in ast_selectors.cpp: in function Sass::ComplexSelector::has_placeholder in libsass:3.6.5-8-g210218, which can be exploited by attackers to cause a denial of service (DoS).[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-43358]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43358') [MISC]('https://github.com/sass/libsass/issues/3178') [MISC]('https://github.com/sass/libsass') [MISC]('https://drive.google.com/file/d/1j5fkPjWH9zQeTdO_4dMcZ-FpOBzP0MaI/')[/TD] [/TR] [TR] [TD][LEFT]south_river_technologie -- titan_ftp [/LEFT][/TD] [TD][LEFT]There is an open redirect vulnerability in Titan FTP server 19.0 and below. Users are redirected to any target URL.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-44215]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44215') [MISC]('https://github.com/JBalanza/CVE-2022-44215') [MISC]('https://drive.google.com/file/d/1oLJaqs5RRNQLT1Hyy-tgEzzhGLB0506J/view?usp=sharing')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome [/LEFT][/TD] [TD][LEFT]Insufficient data validation in crosvm in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-4452]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4452') [MISC]('https://crbug.com/1372457') [MISC]('https://bugs.chromium.org/p/chromium/issues/detail?id=1372457')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_xml_graphics_batik [/LEFT][/TD] [TD][LEFT]Server-Side Request Forgery (SSRF) vulnerability in Apache Software Foundation Apache XML Graphics Batik.This issue affects Apache XML Graphics Batik: 1.16. A malicious SVG can probe user profile / data and send it directly as parameter to a URL.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-44730]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44730') [MISC]('https://lists.apache.org/thread/58m5817jr059f4v1zogh0fngj9pwjyj0') [MISC]('https://xmlgraphics.apache.org/security.html') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/22/3') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/22/5')[/TD] [/TR] [TR] [TD][LEFT]openmns -- horizon [/LEFT][/TD] [TD][LEFT]Open Redirect vulnerability in Horizon Web Dashboard 19.4.0 thru 20.1.4 via the success_url parameter.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-45582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45582') [MISC]('https://bugs.launchpad.net/horizon/+bug/1982676') [MISC]('https://github.com/openstack/horizon/blob/master/horizon/workflows/views.py#L96-L102')[/TD] [/TR] [TR] [TD][LEFT]fresenius_kabi -- pharmahelp [/LEFT][/TD] [TD][LEFT]An issue was discovered in Fresenius Kabi PharmaHelp 5.1.759.0 allows attackers to gain escalated privileges via via capture of user login information.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-45611]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-45611') [MISC]('https://www.fresenius-kabi.com/de-at/produkte/pharmahelp-compounder')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_ivy/apache_maven [/LEFT][/TD] [TD][LEFT]Improper Restriction of XML External Entity Reference, XML Injection (aka Blind XPath Injection) vulnerability in Apache Software Foundation Apache Ivy.This issue affects any version of Apache Ivy prior to 2.5.2. When Apache Ivy prior to 2.5.2 parses XML files - either its own configuration, Ivy files or Apache Maven POMs - it will allow downloading external document type definitions and expand any entity references contained therein when used. This can be used to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy in different ways. Starting with Ivy 2.5.2 DTD processing is disabled by default except when parsing Maven POMs where the default is to allow DTD processing but only to include a DTD snippet shipping with Ivy that is needed to deal with existing Maven POMs that are not valid XML files but are nevertheless accepted by Maven. Access can be be made more lenient via newly introduced system properties where needed. Users of Ivy prior to version 2.5.2 can use Java system properties to restrict processing of external DTDs, see the section about "JAXP Properties for External Access restrictions" inside Oracle's "Java API for XML Processing (JAXP) Security Guide".[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-46751]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46751') [MISC]('https://docs.oracle.com/en/java/javase/13/security/java-api-xml-processing-jaxp-security-guide.html#GUID-94ABC0EE-9DC8-44F0-84AD-47ADD5340477') [MISC]('https://lists.apache.org/thread/1dj60hg5nr36kjr4p1100dwjrqookps8') [MISC]('https://gitbox.apache.org/repos/asf?p=ant-ivy.git;a=commit;h=2be17bc18b0e1d4123007d579e43ba1a4b6fab3d') [MISC]('https://lists.apache.org/thread/9gcz4xrsn8c7o9gb377xfzvkb8jltffr')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- firefox[/LEFT][/TD] [TD][LEFT]A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash. [I]Note[/I]: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-46884]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46884') [MISC]('https://www.mozilla.org/security/advisories/mfsa2022-44/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1786818')[/TD] [/TR] [TR] [TD][LEFT]open-mpi -- open-mpi [/LEFT][/TD] [TD][LEFT]An issue was discovered in open-mpi hwloc 2.1.0 allows attackers to cause a denial of service or other unspecified impacts via glibc-cpuset in topology-linux.c.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-47022]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47022') [MISC]('https://github.com/open-mpi/hwloc/issues/544')[/TD] [/TR] [TR] [TD][LEFT]busybox -- busybox [/LEFT][/TD] [TD][LEFT]There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be executed from command to arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48174]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48174') [MISC]('https://bugs.busybox.net/show_bug.cgi?id=15216')[/TD] [/TR] [TR] [TD][LEFT]perl -- perl [/LEFT][/TD] [TD][LEFT]In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48522]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48522') [MISC]('https://github.com/Perl/perl5/blob/79a7b254d85a10b65126ad99bf10e70480569d68/sv.c#L16336-L16345')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti [/LEFT][/TD] [TD][LEFT]In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of improper validation in the PHP code: cacti_ldap_auth() allows a zero as the password.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48538]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48538') [MISC]('https://github.com/Cacti/cacti/issues/5189') [MISC]('https://docs.cacti.net/Settings-Auth-LDAP.md')[/TD] [/TR] [TR] [TD][LEFT]xpdf -- xpdf [/LEFT][/TD] [TD][LEFT]An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48545]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48545') [MISC]('https://forum.xpdfreader.com/viewtopic.php?f=3&t=42092')[/TD] [/TR] [TR] [TD][LEFT]python -- python [/LEFT][/TD] [TD][LEFT]An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no longer accepts entity declarations in XML plist files to avoid XML vulnerabilities.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48565]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48565') [MISC]('https://bugs.python.org/issue42051')[/TD] [/TR] [TR] [TD][LEFT]python -- python [/LEFT][/TD] [TD][LEFT]An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defeating optimisations were possible in the accumulator variable in hmac.compare_digest.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-48566]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48566') [MISC]('https://bugs.python.org/issue40791')[/TD] [/TR] [TR] [TD][LEFT]mongodb_inc -- mongodb_server [/LEFT][/TD] [TD][LEFT]If the MongoDB Server running on Windows or macOS is configured to use TLS with a specific set of configuration options that are already known to work securely in other platforms (e.g. Linux), it is possible that client certificate validation may not be in effect, potentially allowing client to establish a TLS connection with the server that supplies any certificate. This issue affect all MongoDB Server v6.3 versions, MongoDB Server v5.0 versions v5.0.0 to v5.0.14 and all MongoDB Server v4.4 versions.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-1409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1409') [MISC]('https://jira.mongodb.org/browse/SERVER-77028') [MISC]('https://jira.mongodb.org/browse/SERVER-73662')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_nx-os_software [/LEFT][/TD] [TD][LEFT]A vulnerability in the SFTP server implementation for Cisco Nexus 3000 Series Switches and 9000 Series Switches in standalone NX-OS mode could allow an authenticated, remote attacker to download or overwrite files from the underlying operating system of an affected device. This vulnerability is due to a logic error when verifying the user role when an SFTP connection is opened to an affected device. An attacker could exploit this vulnerability by connecting and authenticating via SFTP as a valid, non-administrator user. A successful exploit could allow the attacker to read or overwrite files from the underlying operating system with the privileges of the authenticated user. There are workarounds that address this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20115]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20115') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-sftp-xVAp5Hfd')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_nx-os_software [/LEFT][/TD] [TD][LEFT]A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local attacker to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication attempt if the directed request option is enabled for TACACS+ or RADIUS. An attacker could exploit this vulnerability by entering a crafted string at the login prompt of an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a denial of service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20168]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20168') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-remoteauth-dos-XB6pv74m')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_nx-os_software [/LEFT][/TD] [TD][LEFT]A vulnerability in the Intermediate System-to-Intermediate System (IS-IS) protocol of Cisco NX-OS Software for the Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an unauthenticated, adjacent attacker to cause the IS-IS process to unexpectedly restart, which could cause an affected device to reload. This vulnerability is due to insufficient input validation when parsing an ingress IS-IS packet. An attacker could exploit this vulnerability by sending a crafted IS-IS packet to an affected device. A successful exploit could allow the attacker to cause a denial of service (DoS) condition due to the unexpected restart of the IS-IS process, which could cause the affected device to reload. Note: The IS-IS protocol is a routing protocol. To exploit this vulnerability, an attacker must be Layer 2 adjacent to the affected device.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20169]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20169') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-nxos-n3_9k-isis-dos-FTCXB4Vb')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_unified_computing_system [/LEFT][/TD] [TD][LEFT]A vulnerability in the Simple Network Management Protocol (SNMP) service of Cisco FXOS Software for Firepower 4100 Series and Firepower 9300 Security Appliances and of Cisco UCS 6300 Series Fabric Interconnects could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to the improper handling of specific SNMP requests. An attacker could exploit this vulnerability by sending a crafted SNMP request to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. Note: This vulnerability affects all supported SNMP versions. To exploit this vulnerability through SNMPv2c or earlier, an attacker must know the SNMP community string that is configured on an affected device. To exploit this vulnerability through SNMPv3, the attacker must have valid credentials for an SNMP user who is configured on the affected device.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20200]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20200') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fp-ucsfi-snmp-dos-qtv69NAO')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_application_policy_infrastructure_controller [/LEFT][/TD] [TD][LEFT]A vulnerability in the restricted security domain implementation of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to read, modify, or delete non-tenant policies (for example, access policies) created by users associated with a different security domain on an affected system. This vulnerability is due to improper access control when restricted security domains are used to implement multi-tenancy for policies outside the tenant boundaries. An attacker with a valid user account associated with a restricted security domain could exploit this vulnerability. A successful exploit could allow the attacker to read, modify, or delete policies created by users associated with a different security domain. Exploitation is not possible for policies under tenants that an attacker has no authorization to access.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20230]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20230') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-apic-uapa-F4TAShk')[/TD] [/TR] [TR] [TD][LEFT]cisco -- multiple_products [/LEFT][/TD] [TD][LEFT]A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to create a file or overwrite any file on the filesystem of an affected device, including system files. The vulnerability occurs because there is no validation of parameters when a specific CLI command is used. An attacker could exploit this vulnerability by authenticating to an affected device and using the command at the CLI. A successful exploit could allow the attacker to overwrite any file on the disk of the affected device, including system files. The attacker must have valid administrative credentials on the affected device to exploit this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20234]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20234') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fxos-arbitrary-file-BLk6YupL')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy iframe popup plugin td> [TD][CENTER]2023-08-25[/CENTER][/LEFT][/TD][LEFT] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-24394]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24394') [MISC]('https://patchstack.com/database/vulnerability/iframe-popup/wordpress-iframe-popup-plugin-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]esoteric_software -- yamlbeans [/LEFT][/TD] [TD][LEFT]An issue was discovered in Esoteric YamlBeans through 1.15. A crafted YAML document is able perform am XML Entity Expansion attack against YamlBeans YamlReader. By exploiting the Anchor feature in YAML, it is possible to generate a small YAML document that, when read, is expanded to a large size, causing CPU and memory consumption, such as a Java Out-of-Memory exception.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-24620]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24620') [MISC]('https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md') [MISC]('https://github.com/EsotericSoftware') [MISC]('https://contrastsecurity.com')[/TD] [/TR] [TR] [TD][LEFT]esoteric_software -- yamlbeans [/LEFT][/TD] [TD][LEFT]An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-24621]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24621') [MISC]('https://github.com/Contrast-Security-OSS/yamlbeans/blob/main/SECURITY.md') [MISC]('https://github.com/EsotericSoftware') [MISC]('https://contrastsecurity.com')[/TD] [/TR] [TR] [TD][LEFT]zte -- mf286r [/LEFT][/TD] [TD][LEFT]There is a command injection vulnerability in a mobile internet product of ZTE. Due to insufficient validation of SET_DEVICE_LED interface parameter, an authenticated attacker could use the vulnerability to execute arbitrary commands.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-25649]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25649') [MISC]('https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1032544')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ThemeKraft Post Form plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-25981]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25981') [MISC]('https://patchstack.com/database/vulnerability/buddyforms/wordpress-buddyforms-plugin-2-8-1-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wireshark -- wireshark [/LEFT][/TD] [TD][LEFT]Due to a failure in validating the length provided by an attacker-crafted CP2179 packet, Wireshark versions 2.0.0 through 4.0.7 is susceptible to a divide by zero allowing for a denial of service attack.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-2906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2906') [MISC]('https://takeonme.org/cves/CVE-2023-2906.html') [MISC]('https://gitlab.com/wireshark/wireshark/-/issues/19229')[/TD] [/TR] [TR] [TD][LEFT]sick_ag -- lms5xx [/LEFT][/TD] [TD][LEFT]The LMS5xx uses weak hash generation methods, resulting in the creation of insecure hashs. If an attacker manages to retrieve the hash, it could lead to collision attacks and the potential retrieval of the password.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-31412]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31412') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf')[/TD] [/TR] [TR] [TD][LEFT]draytek -- vigor2620 [/LEFT][/TD] [TD][LEFT]user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shellcode, and execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-31447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31447') [MISC]('https://gist.github.com/rrrrrrri/013c9eef64b265af4163478bfcf29ff4') [MISC]('https://draytek.com')[/TD] [/TR] [TR] [TD][LEFT]gravitl -- netmaker [/LEFT][/TD] [TD][LEFT]Netmaker makes networks with WireGuard. Prior to versions 0.17.1 and 0.18.6, hardcoded DNS key usage has been found in Netmaker allowing unauth users to interact with DNS API endpoints. The issue is patched in 0.17.1 and fixed in 0.18.6. If users are using 0.17.1, they should run [ICODE]docker pull gravitl/netmaker:v0.17.1[/ICODE] and [ICODE]docker-compose up -d[/ICODE]. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone who is using version 0.17.1 can pull the latest docker image of the backend and restart the server.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32077]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32077') [MISC]('https://github.com/gravitl/netmaker/pull/2170') [MISC]('https://github.com/gravitl/netmaker/commit/1621c27c1d176b639e9768b2acad7693e387fd51') [MISC]('https://github.com/gravitl/netmaker/commit/9362c39a9a822f0e07361aa7c77af2610597e657') [MISC]('https://github.com/gravitl/netmaker/security/advisories/GHSA-8x8h-hcq8-jwwx')[/TD] [/TR] [TR] [TD][LEFT]gravitl -- netmaker [/LEFT][/TD] [TD][LEFT]Netmaker makes networks with WireGuard. An Insecure Direct Object Reference (IDOR) vulnerability was found in versions prior to 0.17.1 and 0.18.6 in the user update function. By specifying another user's username, it was possible to update the other user's password. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run [ICODE]docker pull gravitl/netmaker:v0.17.1[/ICODE] and [ICODE]docker-compose up -d[/ICODE]. This will switch them to the patched users. If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone using version 0.17.1 can pull the latest docker image of the backend and restart the server.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32078]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32078') [MISC]('https://github.com/gravitl/netmaker/security/advisories/GHSA-256m-j5qw-38f4') [MISC]('https://github.com/gravitl/netmaker/pull/2158') [MISC]('https://github.com/gravitl/netmaker/commit/b3be57c65bf0bbfab43b66853c8e3637a43e2839')[/TD] [/TR] [TR] [TD][LEFT]gravitl -- netmaker [/LEFT][/TD] [TD][LEFT]Netmaker makes networks with WireGuard. A Mass assignment vulnerability was found in versions prior to 0.17.1 and 0.18.6 that allows a non-admin user to escalate privileges to those of an admin user. The issue is patched in 0.17.1 and fixed in 0.18.6. If Users are using 0.17.1, they should run [ICODE]docker pull gravitl/netmaker:v0.17.1[/ICODE] and [ICODE]docker-compose up -d[/ICODE]. This will switch them to the patched users If users are using v0.18.0-0.18.5, they should upgrade to v0.18.6 or later. As a workaround, someone using version 0.17.1 can pull the latest docker image of the backend and restart the server.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32079]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32079') [MISC]('https://github.com/gravitl/netmaker/security/advisories/GHSA-826j-8wp2-4x6q')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WPO365 | Mail Integration for Office 365 / Outlook plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32119') [MISC]('https://patchstack.com/database/vulnerability/mail-integration-365/wordpress-wpo365-mail-integration-for-office-365-outlook-plugin-1-9-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]walchem -- intuition_9 [/LEFT][/TD] [TD][LEFT]Walchem Intuition 9 firmware versions prior to v4.21 are vulnerable to improper authentication. Login credentials are stored in a format that could allow an attacker to use them as-is to login and gain access to the device.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32202]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32202') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32236]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32236') [MISC]('https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-appointments-booking-calendar-plugin-plugin-1-1-4-cross-site-scripting-xss?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Yoast Yoast SEO: Local plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32300]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32300') [MISC]('https://patchstack.com/database/vulnerability/wpseo-local/wordpress-yoast-seo-local-plugin-14-8-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Bill Minozzi Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32496]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32496') [MISC]('https://patchstack.com/database/vulnerability/stopbadbots/wordpress-block-bad-bots-and-stop-bad-bots-crawlers-and-spiders-and-anti-spam-protection-plugin-7-31-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Supersoju Block Referer Spam plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32497') [MISC]('https://patchstack.com/database/vulnerability/block-referer-spam/wordpress-block-referer-spam-plugin-1-1-9-4-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Easy Form team Easy Form by AYS plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32498') [MISC]('https://patchstack.com/database/vulnerability/easy-form/wordpress-easy-form-by-ays-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Tony Zeoli, Tony Hayes Radio Station by netmix® – Manage and play your Show Schedule in WordPress! plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32499') [MISC]('https://patchstack.com/database/vulnerability/radio-station/wordpress-radio-station-plugin-2-4-0-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Arshid Easy Hide Login plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32505]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32505') [MISC]('https://patchstack.com/database/vulnerability/easy-hide-login/wordpress-easy-hide-login-plugin-1-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin td> [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32509]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32509') [MISC]('https://patchstack.com/database/vulnerability/order-your-posts-manually/wordpress-order-your-posts-manually-plugin-2-2-5-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rolf van Gelder Order Your Posts Manually plugin td> [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32510') [MISC]('https://patchstack.com/database/vulnerability/order-your-posts-manually/wordpress-order-your-posts-manually-plugin-2-2-5-reflected-cross-site-scripting-xss-vulnerability-2?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Booking Ultra Pro Booking Ultra Pro Appointments Booking Calendar Plugin plugin td> [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32511') [MISC]('https://patchstack.com/database/vulnerability/booking-ultra-pro/wordpress-booking-ultra-pro-appointments-booking-calendar-plugin-plugin-1-1-4-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GloriaFood Restaurant Menu – Food Ordering System – Table Reservation plugin td> [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32516') [MISC]('https://patchstack.com/database/vulnerability/menu-ordering-reservations/wordpress-restaurant-menu-food-ordering-system-table-reservation-plugin-2-3-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ono Oogami WP Chinese Conversion plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32518') [MISC]('https://patchstack.com/database/vulnerability/wp-chinese-conversion/wordpress-wp-chinese-conversion-plugin-1-1-16-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]node.js -- node.js [/LEFT][/TD] [TD][LEFT]A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x and, 20.x. The use of the deprecated API [ICODE]process.binding()[/ICODE] can bypass the policy mechanism by requiring internal modules and eventually take advantage of [ICODE]process.binding('spawn_sync')[/ICODE] run arbitrary code, outside of the limits defined in a [ICODE]policy.json[/ICODE] file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32559]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32559') [MISC]('https://hackerone.com/reports/1946470')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32575]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32575') [MISC]('https://patchstack.com/database/vulnerability/product-page-shipping-calculator-for-woocommerce/wordpress-product-page-shipping-calculator-for-woocommerce-plugin-1-3-25-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (subscriber+) Stored Cross-Site Scripting') vulnerability in Plainware Locatoraid Store Locator plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32576') [MISC]('https://patchstack.com/database/vulnerability/locatoraid/wordpress-locatoraid-store-locator-plugin-3-9-18-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eji Osigwe DevBuddy Twitter Feed plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32577') [MISC]('https://patchstack.com/database/vulnerability/devbuddy-twitter-feed/wordpress-devbuddy-twitter-feed-plugin-4-0-0-cross-site-scripting-xss?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in John Newcombe eBecas plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32584') [MISC]('https://patchstack.com/database/vulnerability/ebecas/wordpress-ebecas-plugin-3-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Cloud Primero B.V DBargain plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32591]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32591') [MISC]('https://patchstack.com/database/vulnerability/d-bargain/wordpress-dbargain-plugin-3-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Palasthotel by Edward Bock, Katharina Rompf Sunny Search plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32595]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32595') [MISC]('https://patchstack.com/database/vulnerability/fast-search-powered-by-solr/wordpress-sunny-search-plugin-1-0-2-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Wolfgang Ertl weebotLite plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32596]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32596') [MISC]('https://patchstack.com/database/vulnerability/weebotlite/wordpress-weebotlite-plugin-1-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in A. R. Jones Featured Image Pro Post Grid plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32598]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32598') [MISC]('https://patchstack.com/database/vulnerability/featured-image-pro/wordpress-featured-image-pro-post-grid-plugin-5-14-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in RedNao Donations Made Easy – Smart Donations plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32603') [MISC]('https://patchstack.com/database/vulnerability/smart-donations/wordpress-donations-made-easy-smart-donations-plugin-4-0-12-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]zulip -- zulip [/LEFT][/TD] [TD][LEFT]Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they used to have access to, if other relevant organization permissions allow these actions. For example, a user may be able to edit or delete their old messages they posted in such a private stream. An administrator will be able to delete old messages (that they had access to) from the private stream. This issue was fixed in Zulip Server version 7.3.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32678]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32678') [MISC]('https://github.com/zulip/zulip/security/advisories/GHSA-q3wg-jm9p-35fj') [MISC]('https://zulip.readthedocs.io/en/latest/overview/changelog.html#zulip-server-7-3')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution video carousel slider with lightbox plugin td> [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32797]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32797') [MISC]('https://patchstack.com/database/vulnerability/wp-responsive-video-gallery-with-lightbox/wordpress-video-carousel-slider-with-lightbox-plugin-1-0-22-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]ibm -- txseries_for_multiplatforms [/LEFT][/TD] [TD][LEFT]IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 257132.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-33850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33850') [MISC]('https://www.ibm.com/support/pages/node/7022413') [MISC]('https://www.ibm.com/support/pages/node/7022414') [MISC]('https://www.ibm.com/support/pages/node/7010369') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/257132')[/TD] [/TR] [TR] [TD][LEFT]spring -- spring_for_apache_kafka [/LEFT][/TD] [TD][LEFT]In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers. Specifically, an application is vulnerable when all of the following are true: * The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record * The user explicitly sets container properties checkDeserExWhenKeyNull and/or checkDeserExWhenValueNull container properties to true. * The user allows untrusted sources to publish to a Kafka topic By default, these properties are false, and the container only attempts to deserialize the headers if an ErrorHandlingDeserializer is configured. The ErrorHandlingDeserializer prevents the vulnerability by removing any such malicious headers before processing the record.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34040]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34040') [MISC]('https://spring.io/security/cve-2023-34040')[/TD] [/TR] [TR] [TD][LEFT]m-files -- m-files_web [/LEFT][/TD] [TD][LEFT]Path Traversal issue in M-Files Classic Web versions below 23.6.12695.3 and LTS Service Release Versions before 23.2 LTS SR3 allows authenticated user to read some restricted files on the web server[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3406]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3406') [MISC]('https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3406')[/TD] [/TR] [TR] [TD][LEFT]m-files -- m-files_server [/LEFT][/TD] [TD][LEFT]Out-of-bounds read issue in M-Files Server versions below 23.8.12892.6 and LTS Service Release Versions before 23.2 LTS SR3 allows unauthenticated user to read restricted amount of bytes from memory.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3425]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3425') [MISC]('https://www.m-files.com/about/trust-center/security-advisories/cve-2023-3425')[/TD] [/TR] [TR] [TD][LEFT]etic_telecom -- remote_access_server [/LEFT][/TD] [TD][LEFT]ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3453') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01')[/TD] [/TR] [TR] [TD][LEFT]techview -- la-5570 [/LEFT][/TD] [TD][LEFT]An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows attackers to gain sensitive information via /config/system.conf.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34723') [MISC]('https://www.jaycar.com.au/wireless-gateway-home-automation-controller/p/LA5570') [MISC]('https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725')[/TD] [/TR] [TR] [TD][LEFT]supermicro -- x12dpg-qr [/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34853]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34853') [MISC]('https://www.supermicro.com/en/support/security_BIOS_Aug_2023') [MISC]('https://www.supermicro.com/Bios/softfiles/17136/X12DPG-QR_1.4b_X1.02.61_SUM2.10.0.zip.')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- qts [/LEFT][/TD] [TD][LEFT]An inadequate encryption strength vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to decrypt the data using brute force attacks via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34971]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34971') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-60')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- qts [/LEFT][/TD] [TD][LEFT]A cleartext transmission of sensitive information vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows local network clients to read the contents of unexpected sensitive data via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34972]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34972') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-58')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- qts [/LEFT][/TD] [TD][LEFT]An insufficient entropy vulnerability has been reported to affect QNAP operating systems. If exploited, the vulnerability possibly allows remote users to predict secret via unspecified vectors. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34973]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34973') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-59')[/TD] [/TR] [TR] [TD][LEFT]skale_network_sgxwallet -- skale_network_sgxwallet [/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36198]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36198') [MISC]('https://github.com/skalenetwork/sgxwallet/issues/419')[/TD] [/TR] [TR] [TD][LEFT]skale_network_sgxwallet -- skale_network_sgxwallet [/LEFT][/TD] [TD][LEFT]An issue in skalenetwork sgxwallet v.1.9.0 and below allows an attacker to cause a denial of service via the trustedGenerateEcdsaKey component.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36199]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36199') [MISC]('https://github.com/skalenetwork/sgxwallet/issues/419')[/TD] [/TR] [TR] [TD][LEFT]asustor -- adm [/LEFT][/TD] [TD][LEFT]An Improper Privilege Management vulnerability was found in ASUSTOR Data Master (ADM) allows an unprivileged local users to modify the storage devices configuration. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3699') [MISC]('https://www.asustor.com/security/security_advisory_detail?id=29')[/TD] [/TR] [TR] [TD][LEFT]aditya_infotech_limited -- cp-plus_dvr [/LEFT][/TD] [TD][LEFT]The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the remote attacker to change system time of the targeted device.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3704]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3704') [MISC]('https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0240')[/TD] [/TR] [TR] [TD][LEFT]aditya_infotech_limited -- cp-plus_nvr [/LEFT][/TD] [TD][LEFT]The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the remote attacker to obtain sensitive information on the targeted device.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3705]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3705') [MISC]('https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2023-0239')[/TD] [/TR] [TR] [TD][LEFT]infoblox -- nios [/LEFT][/TD] [TD][LEFT]Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37249') [CONFIRM]('https://community.infoblox.com/t5/trending-kb-articles/nios-is-vulnerable-to-cve-2023-37249/ba-p/32190') [MISC]('https://infoblox.com')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_airflow [/LEFT][/TD] [TD][LEFT]Apache Airflow, in versions prior to 2.7.0, contains a security vulnerability that can be exploited by an authenticated user possessing Connection edit privileges. This vulnerability allows the user to access connection information and exploit the test connection feature by sending many requests, leading to a denial of service (DoS) condition on the server. Furthermore, malicious actors can leverage this vulnerability to establish harmful connections with the server. Users of Apache Airflow are strongly advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability. Additionally, administrators are encouraged to review and adjust user permissions to restrict access to sensitive functionalities, reducing the attack surface.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37379]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37379') [MISC]('https://github.com/apache/airflow/pull/32052') [MISC]('https://lists.apache.org/thread/g5c9vcn27lr14go48thrjpo6f4vw571r') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/23/4')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37421]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37421') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37422]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37422') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37423]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37423') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host if certain preconditions outside of the attacker's control are met. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37424]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37424') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a stored cross-site scripting (XSS) attack against an administrative user of the interface. A successful exploit allows an attacker to execute arbitrary script code in a victim's browser in the context of the affected interface.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37425]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37425') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]EdgeConnect SD-WAN Orchestrator instances prior to the versions resolved in this advisory were found to have shared static SSH host keys for all installations. This vulnerability could allow an attacker to spoof the SSH host signature and thereby masquerade as a legitimate Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37426') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability allows an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37427]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37427') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]A vulnerability in the EdgeConnect SD-WAN Orchestrator web-based management interface allows remote authenticated users to run arbitrary commands on the underlying host. A successful exploit could allow an attacker to execute arbitrary commands as root on the underlying operating system leading to complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37428') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37429]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37429') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37430]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37430') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37431]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37431') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37432') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37433]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37433') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37434]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37434') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37435]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37435') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37436]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37436') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37437') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator[/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37438') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]Multiple vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to conduct SQL injection attacks against the EdgeConnect SD-WAN Orchestrator instance. An attacker could exploit these vulnerabilities to obtain and modify sensitive information in the underlying database potentially leading to the exposure and corruption of sensitive data controlled by the EdgeConnect SD-WAN Orchestrator host.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37439') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- edgeconnect_sd-wan_orchestrator [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an unauthenticated remote attacker to conduct a server-side request forgery (SSRF) attack. A successful exploit allows an attacker to enumerate information about the internal structure of the EdgeConnect SD-WAN Orchestrator host leading to potential disclosure of sensitive information.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37440') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-012.txt')[/TD] [/TR] [TR] [TD][LEFT]icewhaletech -- casaos [/LEFT][/TD] [TD][LEFT]CasaOS is an open-source personal cloud system. Prior to version 0.4.4, if an authenticated user using CasaOS is able to successfully connect to a controlled SMB server, they are able to execute arbitrary commands. Version 0.4.4 contains a patch for the issue.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37469]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37469') [MISC]('https://github.com/IceWhaleTech/CasaOS/blob/96e92842357230098c771bc41fd3baf46189b859/service/connections.go#L58') [MISC]('https://github.com/IceWhaleTech/CasaOS/blob/96e92842357230098c771bc41fd3baf46189b859/route/v1/samba.go#L121') [MISC]('https://github.com/IceWhaleTech/CasaOS/releases/tag/v0.4.4') [MISC]('https://github.com/IceWhaleTech/CasaOS/commit/af440eac5563644854ff33f72041e52d3fd1f47c') [MISC]('https://securitylab.github.com/advisories/GHSL-2022-119_CasaOS/')[/TD] [/TR] [TR] [TD][LEFT]keylime -- keylime [/LEFT][/TD] [TD][LEFT]A flaw was found in the Keylime registrar that could allow a bypass of the challenge-response protocol during agent registration. This issue may allow an attacker to impersonate an agent and hide the true status of a monitored machine if the fake agent is added to the verifier list by a legitimate user, resulting in a breach of the integrity of the registrar database.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38201]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38201') [MISC]('https://access.redhat.com/security/cve/CVE-2023-38201') [MISC]('https://github.com/keylime/keylime/security/advisories/GHSA-f4r5-q63f-gcww') [MISC]('https://github.com/keylime/keylime/commit/9e5ac9f25cd400b16d5969f531cee28290543f2a') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2222693')[/TD] [/TR] [TR] [TD][LEFT]walchem -- intuition_9 [/LEFT][/TD] [TD][LEFT]Walchem Intuition 9 firmware versions prior to v4.21 are missing authentication for some of the API routes of the management web server. This could allow an attacker to download and export sensitive data.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38422]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38422') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-229-04')[/TD] [/TR] [TR] [TD][LEFT]tuleap -- tuleap [/LEFT][/TD] [TD][LEFT]Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, the preview of an artifact link with a type does not respect the project, tracker and artifact level permissions. The issue occurs on the artifact view (not reproducible on the artifact modal). Users might get access to information they should not have access to. Only the title, status, assigned to and last update date fields as defined by the semantics are impacted. If those fields have strict permissions (e.g. the title is only visible to a specific user group) those permissions are still enforced. Tuleap Community Edition 14.11.99.28, Tuleap Enterprise Edition 14.10-6, and Tuleap Enterprise Edition 14.11-3 contain a fix for this issue.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38508') [MISC]('https://tuleap.net/plugins/tracker/?aid=33608') [MISC]('https://github.com/Enalean/tuleap/security/advisories/GHSA-h637-g4xp-2992') [MISC]('https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=307c1c8044522a2dcc711062b18a3b3f9059a6c3') [MISC]('https://github.com/Enalean/tuleap/commit/307c1c8044522a2dcc711062b18a3b3f9059a6c3')[/TD] [/TR] [TR] [TD][LEFT]cbc_co._ltd. -- multiple_products [/LEFT][/TD] [TD][LEFT]Improper authentication vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38585]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38585') [MISC]('https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice') [MISC]('https://jvn.jp/en/vu/JVNVU92545432/') [MISC]('https://download.ganzsecurity.pl/')[/TD] [/TR] [TR] [TD][LEFT]bento4 -- bento4 [/LEFT][/TD] [TD][LEFT]Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38666]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38666') [MISC]('https://github.com/axiomatic-systems/Bento4/issues/784')[/TD] [/TR] [TR] [TD][LEFT]nasm -- nasm [/LEFT][/TD] [TD][LEFT]Stack-based buffer over-read in function disasm in nasm 2.16 allows attackers to cause a denial of service.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38667') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392812')[/TD] [/TR] [TR] [TD][LEFT]nasm -- nasm [/LEFT][/TD] [TD][LEFT]Stack-based buffer over-read in disasm in nasm 2.16 allows attackers to cause a denial of service (crash).[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38668]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38668') [MISC]('https://bugzilla.nasm.us/show_bug.cgi?id=3392811')[/TD] [/TR] [TR] [TD][LEFT]libreswan -- libreswan [/LEFT][/TD] [TD][LEFT]An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH(3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38710') [MISC]('https://github.com/libreswan/libreswan/tags') [MISC]('https://libreswan.org/security/CVE-2023-38710/')[/TD] [/TR] [TR] [TD][LEFT]libreswan -- libreswan [/LEFT][/TD] [TD][LEFT]An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference causes a crash and restart of the pluto daemon. NOTE: the earliest affected version is 4.6.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38711') [MISC]('https://github.com/libreswan/libreswan/tags') [MISC]('https://libreswan.org/security/CVE-2023-38711/')[/TD] [/TR] [TR] [TD][LEFT]libreswan -- libreswan [/LEFT][/TD] [TD][LEFT]An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38712') [MISC]('https://github.com/libreswan/libreswan/tags') [MISC]('https://libreswan.org/security/CVE-2023-38712/')[/TD] [/TR] [TR] [TD][LEFT]rarlabs -- winrar [/LEFT][/TD] [TD][LEFT]RARLabs WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through August 2023.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38831') [MISC]('https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/') [MISC]('https://www.bleepingcomputer.com/news/security/winrar-zero-day-exploited-since-april-to-hack-trading-accounts/') [MISC]('https://news.ycombinator.com/item?id=37236100')[/TD] [/TR] [TR] [TD][LEFT]uasoft -- badaso [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in the Add Tag function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38973]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38973') [MISC]('https://github.com/anh91/uasoft-indonesia--badaso/blob/main/xss5.md')[/TD] [/TR] [TR] [TD][LEFT]uasoft -- badaso [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in the Edit Category function of Badaso v2.9.7 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title parameter.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38974]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38974') [MISC]('https://github.com/anh91/uasoft-indonesia--badaso/blob/main/XSS4.md')[/TD] [/TR] [TR] [TD][LEFT]subscription-manager -- subscription-manager [/LEFT][/TD] [TD][LEFT]A vulnerability was found in subscription-manager that allows local privilege escalation due to inadequate authorization. The D-Bus interface com.redhat.RHSM1 exposes a significant number of methods to all users that could change the state of the registration. By using the com.redhat.RHSM1.Config.SetAll() method, a low-privileged local user could tamper with the state of the registration, by unregistering the system or by changing the current entitlements. This flaw allows an attacker to set arbitrary configuration directives for /etc/rhsm/rhsm.conf, which can be abused to cause a local privilege escalation to an unconfined root.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3899') [MISC]('https://access.redhat.com/errata/RHSA-2023:4705') [MISC]('https://access.redhat.com/errata/RHSA-2023:4706') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2225407') [MISC]('https://access.redhat.com/errata/RHSA-2023:4707') [MISC]('https://access.redhat.com/errata/RHSA-2023:4708') [MISC]('https://access.redhat.com/errata/RHSA-2023:4701') [MISC]('https://access.redhat.com/errata/RHSA-2023:4702') [MISC]('https://access.redhat.com/errata/RHSA-2023:4703') [MISC]('https://access.redhat.com/errata/RHSA-2023:4704') [MISC]('https://access.redhat.com/security/cve/CVE-2023-3899')[/TD] [/TR] [TR] [TD][LEFT]douran -- dsgate [/LEFT][/TD] [TD][LEFT]An issue in all versions of Douran DSGate allows a local authenticated privileged attacker to execute arbitrary code via the debug command.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38996') [MISC]('https://douran.com/en-US/Dourtal/4797/page/DSGate') [MISC]('https://douran.com/fa-IR/Dourtal/4797/page/DSGate') [MISC]('https://gist.github.com/RNPG/53b579da330ba896aa8dc2d901e5e400')[/TD] [/TR] [TR] [TD][LEFT]filemage -- filemage_gateway [/LEFT][/TD] [TD][LEFT]Directory Traversal vulnerability in FileMage Gateway Windows Deployments v.1.10.8 and before allows a remote attacker to obtain sensitive information via a crafted request to the /mgmt/ component.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39026]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39026') [MISC]('https://raindayzz.com/technicalblog/2023/08/20/FileMage-Vulnerability.html') [MISC]('https://www.filemage.io/docs/updates.html#change-log')[/TD] [/TR] [TR] [TD][LEFT]nacos_group -- nacos_spring_project [/LEFT][/TD] [TD][LEFT]An issue in Nacos Group Nacos Spring Project v.1.1.1 and before allows a remote attacker to execute arbitrary code via the SnakeYamls Constructor() component.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39106') [MISC]('https://github.com/nacos-group/nacos-spring-project/issues/314')[/TD] [/TR] [TR] [TD][LEFT]webui-aria2 -- webui-aria2 [/LEFT][/TD] [TD][LEFT]webui-aria2 commit 4fe2e was discovered to contain a path traversal vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39141]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39141') [MISC]('https://gist.github.com/JafarAkhondali/528fe6c548b78f454911fb866b23f66e') [MISC]('https://github.com/ziahamza/webui-aria2/blob/109903f0e2774cf948698cd95a01f77f33d7dd2c/node-server.js#L10')[/TD] [/TR] [TR] [TD][LEFT]mitel_networks_corp. -- mivoice_connect [/LEFT][/TD] [TD][LEFT]A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39287]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39287') [MISC]('https://www.mitel.com/support/security-advisories') [MISC]('https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0010')[/TD] [/TR] [TR] [TD][LEFT]mitel_networks_corp. -- mivoice_connect [/LEFT][/TD] [TD][LEFT]A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges and internal network access to conduct a command argument injection due to insufficient parameter sanitization. A successful exploit could allow an attacker to access network information and to generate excessive network traffic.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39288]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39288') [MISC]('https://www.mitel.com/support/security-advisories') [MISC]('https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0011')[/TD] [/TR] [TR] [TD][LEFT]mitel_networks_corp. -- mivoice_connect [/LEFT][/TD] [TD][LEFT]A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39289]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39289') [MISC]('https://www.mitel.com/support/security-advisories') [MISC]('https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0011')[/TD] [/TR] [TR] [TD][LEFT]mitel_networks_corp. -- mivoice_connect [/LEFT][/TD] [TD][LEFT]A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through R19.3 SP3 (22.24.5800.0) could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39290]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39290') [MISC]('https://www.mitel.com/support/security-advisories') [MISC]('https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0012')[/TD] [/TR] [TR] [TD][LEFT]mitel_networks_corp. -- mivoice_connect [/LEFT][/TD] [TD][LEFT]A vulnerability in the Connect Mobility Router component of MiVoice Connect through 9.6.2304.102 could allow an authenticated attacker with elevated privileges to conduct an information disclosure attack due to improper configuration. A successful exploit could allow an attacker to view system information.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39291]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39291') [MISC]('https://www.mitel.com/support/security-advisories') [MISC]('https://www.mitel.com/support/security-advisories/mitel-product-security-advisory-23-0013')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_airflow [/LEFT][/TD] [TD][LEFT]Apache Airflow SMTP Provider before 1.3.0, Apache Airflow IMAP Provider before 3.3.0, and Apache Airflow before 2.7.0 are affected by the Validation of OpenSSL Certificate vulnerability. The default SSL context with SSL library did not check a server's X.509 certificate. Instead, the code accepted any certificate, which could result in the disclosure of mail server credentials or mail contents when the client connects to an attacker in a MITM position. Users are strongly advised to upgrade to Apache Airflow version 2.7.0 or newer, Apache Airflow IMAP Provider version 3.3.0 or newer, and Apache Airflow SMTP Provider version 1.3.0 or newer to mitigate the risk associated with this vulnerability[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39441]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39441') [MISC]('https://github.com/apache/airflow/pull/33075') [MISC]('https://github.com/apache/airflow/pull/33108') [MISC]('https://github.com/apache/airflow/pull/33070') [MISC]('https://lists.apache.org/thread/xzp4wgjg2b1o6ylk2595df8bstlbo1lb') [MISC]('http://www.openwall.com/lists/oss-security/2023/08/23/2')[/TD] [/TR] [TR] [TD][LEFT]fit2cloud -- cloudexplorer_lite [/LEFT][/TD] [TD][LEFT]Cloud Explorer Lite is an open source cloud management platform. Prior to version 1.4.0, there is a risk of sensitive information leakage in the user information acquisition of CloudExplorer Lite. The vulnerability has been fixed in version 1.4.0.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39519]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39519') [MISC]('https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-hh2g-77xq-x4vq') [MISC]('https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.4.0')[/TD] [/TR] [TR] [TD][LEFT]tuleap -- tuleap [/LEFT][/TD] [TD][LEFT]Tuleap is an open source suite to improve management of software developments and collaboration. In Tuleap Community Edition prior to version 14.11.99.28 and Tuleap Enterprise Edition prior to versions 14.10-6 and 14.11-3, content displayed in the "card fields" (visible in the kanban and PV2 apps) is not properly escaped. An agile dashboard administrator deleting a kanban with a malicious label can be forced to execute uncontrolled code. Tuleap Community Edition 14.11.99.28, Tuleap Enterprise Edition 14.10-6, and Tuleap Enterprise Edition 14.11-3 contain a fix for this issue.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39521]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39521') [MISC]('https://github.com/Enalean/tuleap/commit/93d10654b1d95c5bf500204666310418b01b8a8d') [MISC]('https://tuleap.net/plugins/git/tuleap/tuleap/stable?a=commit&h=93d10654b1d95c5bf500204666310418b01b8a8d') [MISC]('https://github.com/Enalean/tuleap/security/advisories/GHSA-h9xc-w7qq-vpfc') [MISC]('https://tuleap.net/plugins/tracker/?aid=33656')[/TD] [/TR] [TR] [TD][LEFT]csz_cms -- csz_cms [/LEFT][/TD] [TD][LEFT]Cross-Site Scripting (XSS) vulnerability in CSZ CMS v.1.3.0 allows attackers to execute arbitrary code via a crafted payload to the Social Settings parameter.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39599]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39599') [MISC]('https://github.com/desencrypt/CVE/blob/main/CVE-2023-39599/Readme.md') [MISC]('https://github.com/desencrypt/CVE/tree/main/CVE-2023-2')[/TD] [/TR] [TR] [TD][LEFT]icewarp_inc. -- icewarp [/LEFT][/TD] [TD][LEFT]IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39600]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39600') [MISC]('http://icewrap.com') [MISC]('https://medium.com/@katikitala.sushmitha078/cross-site-scripting-reflected-xss-in-icewarp-server-cve-2023-39600-310a7e1c8817')[/TD] [/TR] [TR] [TD][LEFT]icewarp_inc. -- icewarp_mail_server [/LEFT][/TD] [TD][LEFT]IceWarp Mail Server v10.4.5 was discovered to contain a local file inclusion (LFI) vulnerability via the component /calendar/minimizer/index.php. This vulnerability allows attackers to include or execute files from the local file system of the targeted server.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39699') [MISC]('https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion') [MISC]('https://cwe.mitre.org/data/definitions/98.html') [MISC]('https://drive.google.com/file/d/1NkqL4ySJApyPy8B-zDC7vE-QMBQAu8OU')[/TD] [/TR] [TR] [TD][LEFT]icewarp_inc. -- icewarp_mail_server [/LEFT][/TD] [TD][LEFT]IceWarp Mail Server v10.4.5 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the color parameter.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39700]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39700') [MISC]('https://owasp.org/www-project-top-ten/2017/A7_2017-Cross-Site_Scripting_(XSS)') [MISC]('https://drive.google.com/file/d/1QL_517UbTFJox4CXKQpP9fehR1yXRJ-y') [MISC]('https://cwe.mitre.org/data/definitions/79.html')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_and_open_source_inventory_management_system [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39707') [MISC]('https://www.sourcecodester.com/') [MISC]('https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html') [MISC]('https://gist.github.com/Arajawat007/b94d7ce74fcf16014e282a9b525f4555#file-cve-2023-39707')[/TD] [/TR] [TR] [TD][LEFT]giflib-- giflib [/LEFT][/TD] [TD][LEFT]giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39742]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39742') [MISC]('https://gist.github.com/huanglei3/ec9090096aa92445cf0a8baa8e929084') [MISC]('https://sourceforge.net/p/giflib/bugs/166/')[/TD] [/TR] [TR] [TD][LEFT]renault -- easy_link_multimedia_system [/LEFT][/TD] [TD][LEFT]A lack of exception handling in the Renault Easy Link Multimedia System Software Version 283C35519R allows attackers to cause a Denial of Service (DoS) via supplying crafted WMA files when connecting a device to the vehicle's USB plug and play feature.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39801]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39801') [MISC]('https://github.com/zj3t/Automotive-vulnerabilities/blob/main/RENAULT/ZOE_EV_2021/Vuln%232/README.md')[/TD] [/TR] [TR] [TD][LEFT]pbootcms -- pbootcms [/LEFT][/TD] [TD][LEFT]PbootCMS below v3.2.0 was discovered to contain a command injection vulnerability via create_function.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39834') [MISC]('https://github.com/Pbootcms/Pbootcms/issues/8')[/TD] [/TR] [TR] [TD][LEFT]geonode -- geonode [/LEFT][/TD] [TD][LEFT]GeoNode is an open source platform that facilitates the creation, sharing, and collaborative use of geospatial data. In versions 3.2.0 through 4.1.2, the endpoint [ICODE]/proxy/?url=[/ICODE] does not properly protect against server-side request forgery. This allows an attacker to port scan internal hosts and request information from internal hosts. A patch is available at commit a9eebae80cb362009660a1fd49e105e7cdb499b9.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40017]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40017') [MISC]('https://github.com/GeoNode/geonode/security/advisories/GHSA-rmxg-6qqf-x8mr') [MISC]('https://github.com/GeoNode/geonode/commit/a9eebae80cb362009660a1fd49e105e7cdb499b9')[/TD] [/TR] [TR] [TD][LEFT]rizin -- rizin [/LEFT][/TD] [TD][LEFT]Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.6.0 and prior are vulnerable to integer overflow in [ICODE]consume_count[/ICODE] of [ICODE]src/gnu_v2/cplus-dem.c[/ICODE]. The overflow check is valid logic but, is missing the modulus if the block once compiled. The compiler sees this block as unreachable code since the prior statement is multiplication by 10 and fails to consider overflow assuming the count will always be a multiple of 10. Rizin version 0.6.1 contains a fix for the issue. A temporary workaround would be disabling C++ demangling using the configuration option [ICODE]bin.demangle=false[/ICODE].[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40022]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40022') [MISC]('https://github.com/rizinorg/rz-libdemangle/commit/51d016750e704b27ab8ace23c0f72acabca67018') [MISC]('https://github.com/rizinorg/rz-libdemangle/blob/main/src/gnu_v2/cplus-dem.c#L419') [MISC]('https://github.com/rizinorg/rizin/pull/3753') [MISC]('https://github.com/rizinorg/rizin/security/advisories/GHSA-92h6-wwc2-53cq') [MISC]('https://github.com/rizinorg/rz-libdemangle/pull/54')[/TD] [/TR] [TR] [TD][LEFT]argo_cd -- argo_cd [/LEFT][/TD] [TD][LEFT]Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. All versions of Argo CD starting from version 2.6.0 have a bug where open web terminal sessions do not expire. This bug allows users to send any websocket messages even if the token has already expired. The most straightforward scenario is when a user opens the terminal view and leaves it open for an extended period. This allows the user to view sensitive information even when they should have been logged out already. A patch for this vulnerability has been released in the following Argo CD versions: 2.6.14, 2.7.12 and 2.8.1.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40025]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40025') [MISC]('https://github.com/argoproj/argo-cd/security/advisories/GHSA-c8xw-vjgf-94hr') [MISC]('https://github.com/argoproj/argo-cd/commit/e047efa8f9518c54d00d2e4493b64bc4dba98478')[/TD] [/TR] [TR] [TD][LEFT]rust-lang -- cargo [/LEFT][/TD] [TD][LEFT]Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by [ICODE]cargo build --timings[/ICODE]. A malicious package included as a dependency may inject nearly arbitrary HTML here, potentially leading to cross-site scripting if the report is subsequently uploaded somewhere. The vulnerability affects users relying on dependencies from git, local paths, or alternative registries. Users who solely depend on crates.io are unaffected. Rust 1.60.0 introduced [ICODE]cargo build --timings[/ICODE], which produces a report of how long the different steps of the build process took. It includes lists of Cargo features for each crate. Prior to Rust 1.72, Cargo feature names were allowed to contain almost any characters (with some exceptions as used by the feature syntax), but it would produce a future incompatibility warning about them since Rust 1.49. crates.io is far more stringent about what it considers a valid feature name and has not allowed such feature names. As the feature names were included unescaped in the timings report, they could be used to inject Javascript into the page, for example with a feature name like `features = ["td> [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40030]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40030') [MISC]('https://github.com/rust-lang/cargo/security/advisories/GHSA-wrrj-h57r-vx9p') [MISC]('https://github.com/rust-lang/cargo/commit/9835622853f08be9a4b58ebe29dcec8f43b64b33') [MISC]('https://github.com/rust-lang/cargo/commit/f975722a0eac934c0722f111f107c4ea2f5c4365') [MISC]('https://github.com/rust-lang/cargo/pull/12291')[/TD] [/LEFT][/TD] [/TR] [TD][LEFT][TR] [TD][LEFT]notepad-plus-plus -- notepad-plus-plus [/LEFT][/TD] [TD][LEFT]Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer write overflow in [ICODE]Utf8_16_Read::convert[/ICODE]. This issue may lead to arbitrary code execution. As of time of publication, no known patches are available in existing versions of Notepad++.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40031]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40031') [MISC]('https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/')[/TD] [/TR] [TR] [TD][LEFT]craft_cms -- craft_cms [/LEFT][/TD] [TD][LEFT]Craft is a CMS for creating custom digital experiences on the web and beyond. Bypassing the validatePath function can lead to potential remote code execution. This vulnerability can lead to malicious control of vulnerable systems and data exfiltrations. Although the vulnerability is exploitable only in the authenticated users, configuration with ALLOW_ADMIN_CHANGES=true, there is still a potential security threat (Remote Code Execution). This issue has been patched in version 4.4.15 and version 3.8.15.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40035]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40035') [MISC]('https://github.com/craftcms/cms/security/advisories/GHSA-44wr-rmwq-3phw') [MISC]('https://github.com/craftcms/cms/commit/0bd33861abdc60c93209cff03eeee54504d3d3b5') [MISC]('https://github.com/craftcms/cms/releases/tag/4.4.15') [MISC]('https://github.com/craftcms/cms/releases/tag/3.8.15')[/TD] [/TR] [TR] [TD][LEFT]notepad-plus-plus -- notepad-plus-plus [/LEFT][/TD] [TD][LEFT]Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in [ICODE]CharDistributionAnalysis::HandleOneChar[/ICODE]. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40036]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40036') [MISC]('https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/')[/TD] [/TR] [TR] [TD][LEFT]cbc_co._ltd. -- multiple_products [/LEFT][/TD] [TD][LEFT]OS command injection vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40144]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40144') [MISC]('https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice') [MISC]('https://jvn.jp/en/vu/JVNVU92545432/') [MISC]('https://download.ganzsecurity.pl/')[/TD] [/TR] [TR] [TD][LEFT]cbc_co._ltd. -- multiple_products [/LEFT][/TD] [TD][LEFT]Hidden functionality vulnerability in the CBC products allows a remote authenticated attacker to execute an arbitrary OS command on the device or alter its settings. As for the affected products/versions, see the detailed information provided by the vendor. Note that NR4H, NR8H, NR16H series and DR-16F, DR-8F, DR-4F, DR-16H, DR-8H, DR-4H, DR-4M41 series are no longer supported, therefore updates for those products are not provided.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40158]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40158') [MISC]('https://ganzsecurity.com/release/1578/digimasterpixelmaster-security-notice') [MISC]('https://jvn.jp/en/vu/JVNVU92545432/') [MISC]('https://download.ganzsecurity.pl/')[/TD] [/TR] [TR] [TD][LEFT]notepad-plus-plus -- notepad-plus-plus [/LEFT][/TD] [TD][LEFT]Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in [ICODE]nsCodingStateMachine::NextStater[/ICODE]. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40164') [MISC]('https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/')[/TD] [/TR] [TR] [TD][LEFT]notepad-plus-plus -- notepad-plus-plus [/LEFT][/TD] [TD][LEFT]Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to heap buffer read overflow in [ICODE]FileManager::detectLanguageFromTextBegining [/ICODE]. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40166') [MISC]('https://securitylab.github.com/advisories/GHSL-2023-092_Notepad__/')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- xwiki-platform [/LEFT][/TD] [TD][LEFT]XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can exploit a stored XSS through their user profile by setting the payload as the value of the time zone user preference. Even though the time zone is selected from a drop down (no free text value) it can still be set from JavaScript (using the browser developer tools) or by calling the save URL on the user profile with the right query string. Once the time zone is set it is displayed without escaping which means the payload gets executed for any user that visits the malicious user profile, allowing the attacker to steal information and even gain more access rights (escalation to programming rights). This issue is present since version 4.1M2 when the time zone user preference was introduced. The issue has been fixed in XWiki 14.10.5 and 15.1RC1.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40176]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40176') [MISC]('https://jira.xwiki.org/browse/XWIKI-7847') [MISC]('https://github.com/xwiki/xwiki-platform/commit/d11ca5d781f8a42a85bc98eb82306c1431e764d4') [MISC]('https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-h8cm-3v5f-rgp6')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- xwiki-platform [/LEFT][/TD] [TD][LEFT]XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any registered user can use the content field of their user profile page to execute arbitrary scripts with programming rights, thus effectively performing rights escalation. This issue is present since version 4.3M2 when AppWithinMinutes Application added support for the Content field, allowing any wiki page (including the user profile page) to use its content as an AWM Content field, which has a custom displayer that executes the content with the rights of the [ICODE]AppWithinMinutes.Content[/ICODE] author, rather than the rights of the content author. The vulnerability has been fixed in XWiki 14.10.5 and 15.1RC1. The fix is in the content of the AppWithinMinutes.Content page that defines the custom displayer. By using the [ICODE]display[/ICODE] script service to render the content we make sure that the proper author is used for access rights checks.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40177]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40177') [MISC]('https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-5mf8-v43w-mfxp') [MISC]('https://jira.xwiki.org/browse/XWIKI-7369') [MISC]('https://github.com/xwiki/xwiki-platform/commit/dfb1cde173e363ca5c12eb3654869f9719820262')[/TD] [/TR] [TR] [TD][LEFT]node-saml -- node-saml [/LEFT][/TD] [TD][LEFT]Node-SAML is a SAML library not dependent on any frameworks that runs in Node. The lack of checking of current timestamp allows a LogoutRequest XML to be reused multiple times even when the current time is past the NotOnOrAfter. This could impact the user where they would be logged out from an expired LogoutRequest. In bigger contexts, if LogoutRequests are sent out in mass to different SPs, this could impact many users on a large scale. This issue was patched in version 4.0.5.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40178]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40178') [MISC]('https://github.com/node-saml/node-saml/releases/tag/v4.0.5') [MISC]('https://github.com/node-saml/node-saml/commit/045e3b9c54211fdb95f96edf363679845b195cec') [MISC]('https://github.com/node-saml/node-saml/security/advisories/GHSA-vx8m-6fhw-pccw')[/TD] [/TR] [TR] [TD][LEFT]silverware_games_inc. -- silverware_games [/LEFT][/TD] [TD][LEFT]Silverware Games is a premium social network where people can play games online. Prior to version 1.3.6, the Password Recovery form would throw an error if the specified email was not found in our database. It would only display the "Enter the code" form if the email is associated with a member of the site. Since version 1.3.6, the "Enter the code" form is always returned, showing the message "If the entered email is associated with an account, a code will be sent now". This change prevents potential violators from determining if our site has a user with the specified email.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40179]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40179') [MISC]('https://github.com/mesosoi/silverwaregames-io-issue-tracker/security/advisories/GHSA-789j-chfj-58hr')[/TD] [/TR] [TR] [TD][LEFT]silverware_games_inc. -- silverware_games [/LEFT][/TD] [TD][LEFT]Silverware Games is a premium social network where people can play games online. When using the Recovery form, a noticeably different amount of time passes depending of whether the specified email address presents in our database or not. This has been fixed in version 1.3.7.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40182]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40182') [MISC]('https://github.com/mesosoi/silverwaregames-io-issue-tracker/security/advisories/GHSA-9684-6j5x-ccx9')[/TD] [/TR] [TR] [TD][LEFT]shescape -- shescape [/LEFT][/TD] [TD][LEFT]shescape is simple shell escape library for JavaScript. This may impact users that use Shescape on Windows in a threaded context. The vulnerability can result in Shescape escaping (or quoting) for the wrong shell, thus allowing attackers to bypass protections depending on the combination of expected and used shell. This bug has been patched in version 1.7.4.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40185]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40185') [MISC]('https://github.com/ericcornelissen/shescape/pull/1142') [MISC]('https://github.com/ericcornelissen/shescape/security/advisories/GHSA-j55r-787p-m549') [MISC]('https://github.com/ericcornelissen/shescape/commit/0b976dab645abf45ffd85e74a8c6e51ee2f42d63') [MISC]('https://github.com/ericcornelissen/shescape/releases/tag/v1.7.4')[/TD] [/TR] [TR] [TD][LEFT]python -- python [/LEFT][/TD] [TD][LEFT]An issue was discovered in Python before 3.8.18, 3.9.x before 3.9.18, 3.10.x before 3.10.13, and 3.11.x before 3.11.5. It primarily affects servers (such as HTTP servers) that use TLS client authentication. If a TLS server-side socket is created, receives data into the socket buffer, and then is closed quickly, there is a brief window where the SSLSocket instance will detect the socket as "not connected" and won't initiate a handshake, but buffered data will still be readable from the socket buffer. This data will not be authenticated if the server-side TLS peer is expecting client certificate authentication, and is indistinguishable from valid TLS stream data. Data is limited in size to the amount that will fit in the buffer. (The TLS connection cannot directly be used for data exfiltration because the vulnerable code path requires that the connection be closed on initialization of the SSLSocket.)[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40217]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40217') [CONFIRM]('https://mail.python.org/archives/list/[email protected]/thread/PEPLII27KYHLF4AK3ZQGKYNCRERG4YXY/') [MISC]('https://www.python.org/dev/security/')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_airflow [/LEFT][/TD] [TD][LEFT]The session fixation vulnerability allowed the authenticated user to continue accessing Airflow webserver even after the password of the user has been reset by the admin - up until the expiry of the session of the user. Other than manually cleaning the session database (for database session backend), or changing the secure_key and restarting the webserver, there were no mechanisms to force-logout the user (and all other users with that). With this fix implemented, when using the database session backend, the existing sessions of the user are invalidated when the password of the user is reset. When using the securecookie session backend, the sessions are NOT invalidated and still require changing the secure key and restarting the webserver (and logging out all other users), but the user resetting the password is informed about it with a flash message warning displayed in the UI. Documentation is also updated explaining this behaviour. Users of Apache Airflow are advised to upgrade to version 2.7.0 or newer to mitigate the risk associated with this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40273]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40273') [MISC]('https://github.com/apache/airflow/pull/33347') [MISC]('https://lists.apache.org/thread/9rdmv8ln4y4ncbyrlmjrsj903x4l80nj') [MISC]('https://www.openwall.com/lists/oss-security/2023/08/23/1')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aix [/LEFT][/TD] [TD][LEFT]IBM AIX 7.2, 7.3, VIOS 3.1's OpenSSH implementation could allow a non-privileged local user to access files outside of those allowed due to improper access controls. IBM X-Force ID: 263476.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40371') [MISC]('https://www.ibm.com/support/pages/node/7028420') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/263476')[/TD] [/TR] [TR] [TD][LEFT]silicon_labs -- arm [/LEFT][/TD] [TD][LEFT]Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Out-of-bounds Write, Download of Code Without Integrity Check vulnerability in Silicon Labs Gecko Bootloader on ARM (Firmware Update File Parser modules) allows Code Injection, Authentication Bypass.This issue affects "Standalone" and "Application" versions of Gecko Bootloader.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4041]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4041') [MISC]('https://siliconlabs.lightning.force.com/sfc/servlet.shepherd/document/download/0698Y00000XT8GsQAL?operationContext=S1')[/TD] [/TR] [TR] [TD][LEFT]ghostscript -- ghostscript [/LEFT][/TD] [TD][LEFT]A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4042]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4042') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2228151') [MISC]('https://access.redhat.com/security/cve/CVE-2023-4042') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=1870257')[/TD] [/TR] [TR] [TD][LEFT]skylark_app_for_android -- skylark_app_for_android [/LEFT][/TD] [TD][LEFT]Improper authorization in handler for custom URL scheme issue in 'Skylark' App for Android 6.2.13 and earlier and 'Skylark' App for iOS 6.2.13 and earlier allows an attacker to lead a user to access an arbitrary website via another application installed on the user's device.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40530]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40530') [MISC]('https://play.google.com/store/apps/details?id=jp.co.skylark.app.gusto') [MISC]('https://apps.apple.com/jp/app/%E3%81%99%E3%81%8B%E3%81%84%E3%82%89%E3%83%BC%E3%81%8F%E3%82%A2%E3%83%97%E3%83%AA/id906930478') [MISC]('https://jvn.jp/en/jp/JVN03447226/')[/TD] [/TR] [TR] [TD][LEFT]datasette -- datasette [/LEFT][/TD] [TD][LEFT]Datasette is an open source multi-tool for exploring and publishing data. This bug affects Datasette instances running a Datasette 1.0 alpha - 1.0a0, 1.0a1, 1.0a2 or 1.0a3 - in an online accessible location but with authentication enabled using a plugin such as datasette-auth-passwords. The [ICODE]/-/api[/ICODE] API explorer endpoint could reveal the names of both databases and tables - but not their contents - to an unauthenticated user. Datasette 1.0a4 has a fix for this issue. This will block access to the API explorer but will still allow access to the Datasette read or write JSON APIs, as those use different URL patterns within the Datasette [ICODE]/database[/ICODE] hierarchy. This issue is patched in version 1.0a4.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40570') [MISC]('https://github.com/simonw/datasette/security/advisories/GHSA-7ch3-7pp7-7cpq') [MISC]('https://github.com/simonw/datasette/commit/01e0558825b8f7ec17d3b691aa072daf122fcc74')[/TD] [/TR] [TR] [TD][LEFT]weblogic-framework -- weblogic-framework [/LEFT][/TD] [TD][LEFT]weblogic-framework is a tool for detecting weblogic vulnerabilities. Versions 0.2.3 and prior do not verify the returned data packets, and there is a deserialization vulnerability which may lead to remote code execution. When weblogic-framework gets the command echo, it directly deserializes the data returned by the server without verifying it. At the same time, the classloader loads a lot of deserialization calls. In this case, the malicious serialized data returned by the server will cause remote code execution. Version 0.2.4 contains a patch for this issue.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40571]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40571') [MISC]('https://github.com/dream0x01/weblogic-framework/security/advisories/GHSA-hjwj-4f3q-44h3') [MISC]('https://github.com/dream0x01/weblogic-framework/releases/tag/v0.2.4')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- xwiki-platform [/LEFT][/TD] [TD][LEFT]XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The create action is vulnerable to a CSRF attack, allowing script and thus remote code execution when targeting a user with script/programming right, thus compromising the confidentiality, integrity and availability of the whole XWiki installation. When a user with script right views this image and a log message [ICODE]ERROR foo - Script executed![/ICODE] appears in the log, the XWiki installation is vulnerable. This has been patched in XWiki 14.10.9 and 15.4RC1 by requiring a CSRF token for the actual page creation.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40572') [MISC]('https://github.com/xwiki/xwiki-platform/commit/4b20528808d0c311290b0d9ab2cfc44063380ef7') [MISC]('https://jira.xwiki.org/browse/XWIKI-20849') [MISC]('https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4f8m-7h83-9f6m')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- xwiki-platform [/LEFT][/TD] [TD][LEFT]XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki supports scheduled jobs that contain Groovy scripts. Currently, the job checks the content author of the job for programming right. However, modifying or adding a job script to a document doesn't modify the content author. Together with a CSRF vulnerability in the job scheduler, this can be exploited for remote code execution by an attacker with edit right on the wiki. If the attack is successful, an error log entry with "Job content executed" will be produced. This vulnerability has been patched in XWiki 14.10.9 and 15.4RC1.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40573') [MISC]('https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-8xhr-x3v8-rghj') [MISC]('https://jira.xwiki.org/browse/XWIKI-20852') [MISC]('https://github.com/xwiki/xwiki-platform/commit/fcdcfed3fe2e8a3cad66ae0610795a2d58ab9662')[/TD] [/TR] [TR] [TD][LEFT]alertmanager -- alertmanager [/LEFT][/TD] [TD][LEFT]Alertmanager handles alerts sent by client applications such as the Prometheus server. An attacker with the permission to perform POST requests on the /api/v1/alerts endpoint could be able to execute arbitrary JavaScript code on the users of Prometheus Alertmanager. This issue has been fixed in Alertmanager version 0.2.51.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40577') [MISC]('https://github.com/prometheus/alertmanager/security/advisories/GHSA-v86x-5fm3-5p7j')[/TD] [/TR] [TR] [TD][LEFT]openfga -- openfga [/LEFT][/TD] [TD][LEFT]OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. Some end users of OpenFGA v1.3.0 or earlier are vulnerable to authorization bypass when calling the ListObjects API. The vulnerability affects customers using [ICODE]ListObjects[/ICODE] with specific models. The affected models contain expressions of type [ICODE]rel1 from type1[/ICODE]. This issue has been patched in version 1.3.1.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40579') [MISC]('https://github.com/openfga/openfga/security/advisories/GHSA-jcf2-mxr2-gmqp') [MISC]('https://github.com/openfga/openfga/releases/tag/v1.3.1')[/TD] [/TR] [TR] [TD][LEFT]freighter -- freighter [/LEFT][/TD] [TD][LEFT]Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40580') [MISC]('https://github.com/stellar/freighter/security/advisories/GHSA-vqr6-hwg2-775w') [MISC]('https://github.com/stellar/freighter/commit/81f78ba008c41ce631a3d0f9e4449f4bbd90baee') [MISC]('https://github.com/stellar/freighter/pull/948')[/TD] [/TR] [TR] [TD][LEFT]libp2p -- libp2p [/LEFT][/TD] [TD][LEFT]libp2p is a networking stack and library modularized out of The IPFS Project, and bundled separately for other tools to use. In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory. This memory does not get garbage collected and so the victim can run out of memory and crash. If users of go-libp2p in production are not monitoring memory consumption over time, it could be a silent attack i.e. the attacker could bring down nodes over a period of time (how long depends on the node resources i.e. a go-libp2p node on a virtual server with 4 gb of memory takes about 90 sec to bring down; on a larger server, it might take a bit longer.) This issue was patched in version 0.27.4.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40583]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40583') [MISC]('https://github.com/libp2p/go-libp2p/security/advisories/GHSA-gcq9-qqwx-rgj3') [MISC]('https://github.com/libp2p/go-libp2p/commit/45d3c6fff662ddd6938982e7e9309ad5fa2ad8dd') [MISC]('https://github.com/libp2p/go-libp2p/releases/tag/v0.27.4') [MISC]('https://github.com/libp2p/go-libp2p/releases/tag/v0.27.7')[/TD] [/TR] [TR] [TD][LEFT]ironic-image -- ironic-image [/LEFT][/TD] [TD][LEFT]ironic-image is a container image to run OpenStack Ironic as part of Metal³. Prior to version capm3-v1.4.3, if Ironic is not deployed with TLS and it does not have API and Conductor split into separate services, access to the API is not protected by any authentication. Ironic API is also listening in host network. In case the node is not behind a firewall, the API could be accessed by anyone via network without authentication. By default, Ironic API in Metal3 is protected by TLS and basic authentication, so this vulnerability requires operator to configure API without TLS for it to be vulnerable. TLS and authentication however should not be coupled as they are in versions prior to capm3-v1.4.3. A patch exists in versions capm3-v1.4.3 and newer. Some workarounds are available. Either configure TLS for Ironic API ([ICODE]deploy.sh -t ...[/ICODE], [ICODE]IRONIC_TLS_SETUP=true[/ICODE]) or split Ironic API and Conductor via configuration change (old implementation, not recommended). With both workarounds, services are configured with httpd front-end, which has proper authentication configuration in place.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40585]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40585') [MISC]('https://github.com/metal3-io/ironic-image/commit/f64bb6ce0945bbfb30d9965f98149ea183311de9') [MISC]('https://github.com/metal3-io/ironic-image/security/advisories/GHSA-jwpr-9fwh-m4g7')[/TD] [/TR] [TR] [TD][LEFT]golang -- owasp_coraza_waf [/LEFT][/TD] [TD][LEFT]OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of [ICODE]log.Fatalf[/ICODE], the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an error in [ICODE]mime.ParseMediaType[/ICODE]. This issue was patched in version 3.0.1.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40586]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40586') [MISC]('https://github.com/corazawaf/coraza/commit/a5239ba3ce839e14d9b4f9486e1b4a403dcade8c') [MISC]('https://github.com/corazawaf/coraza/security/advisories/GHSA-c2pj-v37r-2p6h')[/TD] [/TR] [TR] [TD][LEFT]pylons -- pyramid [/LEFT][/TD] [TD][LEFT]Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have a [ICODE]index.html[/ICODE] file that is located exactly one directory above the location of the static view's file system path. No further path traversal exists, and the only file that could be disclosed accidentally is [ICODE]index.html[/ICODE]. Pyramid version 2.0.2 rejects any path that contains a null-byte out of caution. While valid in directory/file names, we would strongly consider it a mistake to use null-bytes in naming files/directories. Secondly, Python 3.11, and 3.12 has fixed the underlying issue in [ICODE]os.path.normpath[/ICODE] to no longer truncate on the first [ICODE]0x00[/ICODE] found, returning the behavior to pre-3.11 Python, un an as of yet unreleased version. Fixes will be available in:Python 3.12.0rc2 and 3.11.5. Some workarounds are available. Use a version of Python 3 that is not affected, downgrade to Python 3.10 series temporarily, or wait until Python 3.11.5 is released and upgrade to the latest version of Python 3.11 series.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40587]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40587') [MISC]('https://github.com/Pylons/pyramid/commit/347d7750da6f45c7436dd0c31468885cc9343c85') [MISC]('https://github.com/python/cpython/issues/106242') [MISC]('https://github.com/python/cpython/pull/106816') [MISC]('https://github.com/Pylons/pyramid/security/advisories/GHSA-j8g2-6fc7-q8f8')[/TD] [/TR] [TR] [TD][LEFT]mailform_pro_cgi -- mailform_pro_cgi [/LEFT][/TD] [TD][LEFT]Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3.1.3 and earlier, which allows a remote unauthenticated attacker to cause a denial-of-service condition. Affected add-ons are as follows: call/call.js, prefcodeadv/search.cgi, estimate/estimate.js, search/search.js, suggest/suggest.js, and coupon/coupon.js.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40599]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40599') [MISC]('https://www.synck.com/blogs/news/newsroom/detail_1691668841.html') [MISC]('https://jvn.jp/en/jp/JVN86484824/')[/TD] [/TR] [TR] [TD][LEFT]openmns -- horizon [/LEFT][/TD] [TD][LEFT]In OpenMNS Horizon 31.0.8 and versions earlier than 32.0.2, the file editor which is accessible to any user with ROLE_FILESYSTEM_EDITOR privileges is vulnerable to XXE injection attacks. The solution is to upgrade to Meridian 2023.1.5 or Horizon 32.0.2 or newer. Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Erik Wynter for reporting this issue.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40612]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40612') [MISC]('https://github.com/OpenNMS/opennms/pull/6288') [MISC]('https://docs.opennms.com/meridian/2023/releasenotes/changelog.html#releasenotes-changelog-Meridian-2023.1.5')[/TD] [/TR] [TR] [TD][LEFT]opto_22 -- snap_pac_s1 [/LEFT][/TD] [TD][LEFT]There is no limit on the number of login attempts in the web server for the SNAP PAC S1 Firmware version R10.3b. This could allow for a brute-force attack on the built-in web server login.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40706') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02')[/TD] [/TR] [TR] [TD][LEFT]opto_22 -- snap_pac_s1 [/LEFT][/TD] [TD][LEFT]There are no requirements for setting a complex password in the built-in web server of the SNAP PAC S1 Firmware version R10.3b, which could allow for a successful brute force attack if users don't set up complex credentials.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40707') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02')[/TD] [/TR] [TR] [TD][LEFT]opto_22 -- snap_pac_s1 [/LEFT][/TD] [TD][LEFT]The File Transfer Protocol (FTP) port is open by default in the SNAP PAC S1 Firmware version R10.3b. This could allow an adversary to access some device files.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40708]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40708') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02')[/TD] [/TR] [TR] [TD][LEFT]opto_22 -- snap_pac_s1 [/LEFT][/TD] [TD][LEFT]An adversary could crash the entire device by sending a large quantity of ICMP requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40709]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40709') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02')[/TD] [/TR] [TR] [TD][LEFT]opto_22 -- snap_pac_s1 [/LEFT][/TD] [TD][LEFT]An adversary could cause a continuous restart loop to the entire device by sending a large quantity of HTTP GET requests if the controller has the built-in web server enabled but does not have the built-in web server completely set up and configured for the SNAP PAC S1 Firmware version R10.3b[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40710') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-02')[/TD] [/TR] [TR] [TD][LEFT]butterfly_button -- butterfly_button [/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality. This issue affects BUTTERFLY BUTTON: As of 2023-08-21.[/LEFT][/TD] [TD][CENTER]2023-08-21[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40735]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40735') [MISC]('https://www.vulsec.org/advisories') [MISC]('https://github.com/TheButterflyButton') [MISC]('https://github.com/TheButterflySDK') [MISC]('https://github.com/VULSecLabs/Vulnerabilities/blob/main/CVE/CVE-2023-40735.md') [MISC]('https://butterfly-button.web.app/') [MISC]('https://www.butterfly-button.com/')[/TD] [/TR] [TR] [TD][LEFT]phicomm -- k2 [/LEFT][/TD] [TD][LEFT]Phicomm k2 v22.6.529.216 is vulnerable to command injection.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40796]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40796') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Phicomm/k2')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40797]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40797') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_4781A4')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40798]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40798') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/formSetIPv6status-formGetWanParameter')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC23 Vv16.03.07.45_cn is vulnerable to Buffer Overflow via sub_450A4C function.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40799]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40799') [MISC]('https://github.com/lst-oss/Vulnerability/blob/main/Tenda/AC23/sub_450A4C')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40800]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40800') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/compare_parentcontrol_time')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40801]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40801') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/sub_451784')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac23_firmware [/LEFT][/TD] [TD][LEFT]The get_parentControl_list_Info function does not verify the parameters entered by the user, causing a post-authentication heap overflow vulnerability in Tenda AC23 v16.03.07.45_cn[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40802]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40802') [MISC]('https://github.com/lst-oss/Vulnerability/tree/main/Tenda/AC23/get_parentControl_list_Info')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter firewallEn at /goform/SetFirewallCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40891]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40891') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetFirewallCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware[/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40892]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40892') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/setSchedEWifi/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter time at /goform/PowerSaveSet.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40893]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40893') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/setSmartPowerManagement/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetStaticRouteCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40894]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40894') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/fromSetStaticRouteCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetVirtualServerCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40895]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40895') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetVirtualSer/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40896]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40896') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/SetIpMacBind/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter mac at /goform/GetParentControlInfo.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40897') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/GetParentControlInfo/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter timeZone at /goform/SetSysTimeCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40898]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40898') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/SetSysTimeCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40899') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetMacFilterCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter list at /goform/SetNetControlList.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40900]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40900') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac8/formSetQosBand/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac10v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at url /goform/setMacFilterCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40901]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40901') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac10/fromSetStaticRouteCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac10v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter list and bindnum at /goform/SetIpMacBind.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40902]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40902') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac10/SetIpMacBind/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac10v4_firmware [/LEFT][/TD] [TD][LEFT]Tenda AC10 v4 US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via parameter macFilterType and parameter deviceList at /goform/setMacFilterCfg.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40904]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40904') [MISC]('https://github.com/peris-navince/founded-0-days/blob/main/ac10/formSetMacFilterCfg/1.md')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ax3_firmware [/LEFT][/TD] [TD][LEFT]Tenda AX3 v16.03.12.11 has a stack buffer overflow vulnerability detected at function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40915') [MISC]('https://github.com/Korey0sh1/IoT_vuln/blob/main/Tenda/AX3/form_fast_setting_wifi_set.md')[/TD] [/TR] [TR] [TD][LEFT]jupilink -- rx4-1500 [/LEFT][/TD] [TD][LEFT]A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41028]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41028') [MISC]('https://blog.exodusintel.com/2023/08/23/juplink-rx4-1500-stack-based-buffer-overflow-vulnerability/')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_tomcat [/LEFT][/TD] [TD][LEFT]URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41080]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41080') [MISC]('https://lists.apache.org/thread/71wvwprtx2j2m54fovq9zr7gbm2wow2f')[/TD] [/TR] [TR] [TD][LEFT]misp -- misp [/LEFT][/TD] [TD][LEFT]An issue was discovered in MISP 2.4.174. In app/Controller/DashboardsController.php, a reflected XSS issue exists via the id parameter upon a dashboard edit.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41098]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41098') [MISC]('https://github.com/MISP/MISP/commit/09fb0cba65eab9341e81f1cbebc2ae10be34a2b7')[/TD] [/TR] [TR] [TD][LEFT]typo3 -- typo3 [/LEFT][/TD] [TD][LEFT]An issue was discovered in the hcaptcha (aka hCaptcha for EXT:form) extension before 2.1.2 for TYPO3. It fails to check that the required captcha field is submitted in the form data. allowing a remote user to bypass the CAPTCHA check.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41100') [MISC]('https://typo3.org/security/advisory/typo3-ext-sa-2023-007')[/TD] [/TR] [TR] [TD][LEFT]varnish_software -- varnish_enterprise [/LEFT][/TD] [TD][LEFT]libvmod-digest before 1.0.3, as used in Varnish Enterprise 6.0.x before 6.0.11r5, has an out-of-bounds memory access during base64 decoding, leading to both authentication bypass and information disclosure; however, the exact attack surface will depend on the particular VCL (Varnish Configuration Language) configuration in use.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41104]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41104') [MISC]('https://www.varnish-cache.org/security/VSV00012.html') [MISC]('https://docs.varnish-software.com/security/VSV00012/') [MISC]('https://github.com/varnish/libvmod-digest/releases/tag/libvmod-digest-1.0.3')[/TD] [/TR] [TR] [TD][LEFT]python -- python [/LEFT][/TD] [TD][LEFT]An issue was discovered in Python 3.11 through 3.11.4. If a path containing '\0' bytes is passed to os.path.normpath(), the path will be truncated unexpectedly at the first '\0' byte. There are plausible cases in which an application would have rejected a filename for security reasons in Python 3.10.x or earlier, but that filename is no longer rejected in Python 3.11.x.[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41105]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41105') [MISC]('https://github.com/python/cpython/pull/107982') [MISC]('https://github.com/python/cpython/pull/107983') [MISC]('https://github.com/python/cpython/pull/107981') [MISC]('https://github.com/python/cpython/issues/106242') [CONFIRM]('https://mail.python.org/archives/list/[email protected]/thread/D6CDW3ZZC5D444YGL3VQUY6D4ECMCQLD/')[/TD] [/TR] [TR] [TD][LEFT]array_networks -- array_ag_os [/LEFT][/TD] [TD][LEFT]Array AG OS before 9.4.0.499 allows denial of service: remote attackers can cause system service processes to crash through abnormal HTTP operations.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41121]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41121') [MISC]('https://semonto.com/tools/website-reachability-check?test=325b4e588e64536b21664d24640f547') [MISC]('https://support.arraynetworks.net/prx/001/http/supportportal.arraynetworks.net/documentation/FieldNotice/Array_Networks_Security_Advisory_for_Denial_of_Service_ID-144162.pdf')[/TD] [/TR] [TR] [TD][LEFT]webiny -- headless_cms [/LEFT][/TD] [TD][LEFT]@webiny/react-rich-text-renderer before 5.37.2 allows XSS attacks by content managers. This is a react component to render data coming from Webiny Headless CMS and Webiny Form Builder. Webiny is an open-source serverless enterprise CMS. The @webiny/react-rich-text-renderer package depends on the editor.js rich text editor to handle rich text content. The CMS stores rich text content from the editor.js into the database. When the @webiny/react-rich-text-renderer is used to render such content, it uses the dangerouslySetInnerHTML prop, without applying HTML sanitization. The issue arises when an actor, who in this context would specifically be a content manager with access to the CMS, inserts a malicious script as part of the user-defined input. This script is then injected and executed within the user's browser when the main page or admin page loads.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41167]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41167') [MISC]('https://webiny.com') [MISC]('https://github.com/webiny/webiny-js/security/advisories/GHSA-3x59-vrmc-5mx6')[/TD] [/TR] [TR] [TD][LEFT]adguard_dns -- adguard_dns [/LEFT][/TD] [TD][LEFT]AdGuard DNS before 2.2 allows remote attackers to cause a denial of service via malformed UDP packets.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41173]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41173') [MISC]('https://adguard-dns.io/en/versions.html#2.2')[/TD] [/TR] [TR] [TD][LEFT]jetbrains -- teamcity [/LEFT][/TD] [TD][LEFT]In JetBrains TeamCity before 2023.05.3 stored XSS was possible during Cloud Profiles configuration[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41248]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41248') [MISC]('https://www.jetbrains.com/privacy-security/issues-fixed/')[/TD] [/TR] [TR] [TD][LEFT]jetbrains -- teamcity [/LEFT][/TD] [TD][LEFT]In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during copying Build Step[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41249') [MISC]('https://www.jetbrains.com/privacy-security/issues-fixed/')[/TD] [/TR] [TR] [TD][LEFT]jetbrains -- teamcity [/LEFT][/TD] [TD][LEFT]In JetBrains TeamCity before 2023.05.3 reflected XSS was possible during user registration[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41250]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41250') [MISC]('https://www.jetbrains.com/privacy-security/issues-fixed/')[/TD] [/TR] [TR] [TD][LEFT]trane_technologies -- multiple_products [/LEFT][/TD] [TD][LEFT]A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats allowing an attacker to execute arbitrary commands as root using a specially crafted filename. The vulnerability requires physical access to the device via a USB stick.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4212') [MISC]('https://https://www.cisa.gov/news-events/ics-advisories/icsa-23-234-02') [MISC]('https://hub.tranetechnologies.com/docs/DOC-216377') [MISC]('https://www.trane.com/commercial/north-america/us/en/contact-us/locate-sales-offices.html')[/TD] [/TR] [TR] [TD][LEFT]moxa -- iologik_4000_series [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in the ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which can be exploited by malicious actors to potentially gain unauthorized access to the product. This could lead to security breaches, data theft, and unauthorized manipulation of sensitive information. The vulnerability is attributed to the presence of an unauthorized service, which could potentially enable unauthorized access to the. device.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4227]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4227') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]moxa -- iologik_4000_series [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4228]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4228') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]moxa -- iologik_4000_series [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, potentially exposing users to security risks. This vulnerability may allow attackers to trick users into interacting with malicious content, leading to unintended actions or unauthorized data disclosures.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4229]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4229') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]moxa -- iologik_4000_series [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in ioLogik 4000 Series (ioLogik E4200) firmware versions v1.6 and prior, which has the potential to facilitate the collection of information on ioLogik 4000 Series devices. This vulnerability may enable attackers to gather information for the purpose of assessing vulnerabilities and potential attack vectors.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4230]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4230') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230310-iologik-4000-series-multiple-web-server-vulnerabilities-and-improper-access-control-vulnerability')[/TD] [/TR] [TR] [TD][LEFT]sick_ag -- lms5xx [/LEFT][/TD] [TD][LEFT]A remote unprivileged attacker can sent multiple packages to the LMS5xx to disrupt its availability through a TCP SYN-based denial-of-service (DDoS) attack. By exploiting this vulnerability, an attacker can flood the targeted LMS5xx with a high volume of TCP SYN requests, overwhelming its resources and causing it to become unresponsive or unavailable for legitimate users.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4418]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4418') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf')[/TD] [/TR] [TR] [TD][LEFT]sick_ag -- lms5xx [/LEFT][/TD] [TD][LEFT]The LMS5xx uses hard-coded credentials, which potentially allow low-skilled unauthorized remote attackers to reconfigure settings and /or disrupt the functionality of the device.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4419]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4419') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf')[/TD] [/TR] [TR] [TD][LEFT]sick_ag -- lms5xx[/LEFT][/TD] [TD][LEFT]A remote unprivileged attacker can intercept the communication via e.g. Man-In-The-Middle, due to the absence of Transport Layer Security (TLS) in the SICK LMS5xx. This lack of encryption in the communication channel can lead to the unauthorized disclosure of sensitive information. The attacker can exploit this weakness to eavesdrop on the communication between the LMS5xx and the Client, and potentially manipulate the data being transmitted.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4420') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.json') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0007.pdf')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome [/LEFT][/TD] [TD][LEFT]Out of bounds memory access in V8 in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-08-23[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4427]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4427') [MISC]('https://crbug.com/1470668') [MISC]('https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html') [MISC]('https://www.debian.org/security/2023/dsa-5483')[/TD] [/TR] [TR] [TD][LEFT]asustor -- adm [/LEFT][/TD] [TD][LEFT]An Arbitrary File Movement vulnerability was found in ASUSTOR Data Master (ADM) allows an attacker to exploit the file renaming feature to move files to unintended directories. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.[/LEFT][/TD] [TD][CENTER]2023-08-22[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4475]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4475') [MISC]('https://www.asustor.com/security/security_advisory_detail?id=30')[/TD] [/TR] [TR] [TD][LEFT]mattermost -- mattermost [/LEFT][/TD] [TD][LEFT]Mattermost fails to restrict which parameters' values it takes from the request during signup allowing an attacker to register users as inactive, thus blocking them from later accessing Mattermost without the system admin activating their accounts.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4478') [MISC]('https://mattermost.com/security-updates')[/TD] [/TR] [TR] [TD][LEFT]gerbv -- gerbv [/LEFT][/TD] [TD][LEFT]A user able to control file input to Gerbv, between versions 2.4.0 and 2.10.0, can cause a crash and cause denial-of-service with a specially crafted Gerber RS-274X file.[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4508]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4508') [MISC]('https://github.com/gerbv/gerbv/commit/dfb5aac533a3f9e8ccd93ca217a753258cba4fe5') [MISC]('https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-4508') [MISC]('https://github.com/gerbv/gerbv/issues/191')[/TD] [/TR] [TR] [TD][LEFT]wireshark -- wireshark [/LEFT][/TD] [TD][LEFT]BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4511') [MISC]('https://gitlab.com/wireshark/wireshark/-/issues/19258') [MISC]('https://www.wireshark.org/security/wnpa-sec-2023-24.html')[/TD] [/TR] [TR] [TD][LEFT]wireshark -- wireshark [/LEFT][/TD] [TD][LEFT]CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4512') [MISC]('https://gitlab.com/wireshark/wireshark/-/issues/19144') [MISC]('https://www.wireshark.org/security/wnpa-sec-2023-23.html')[/TD] [/TR] [TR] [TD][LEFT]wireshark -- wireshark [/LEFT][/TD] [TD][LEFT]BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file[/LEFT][/TD] [TD][CENTER]2023-08-24[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4513') [MISC]('https://www.wireshark.org/security/wnpa-sec-2023-25.html') [MISC]('https://gitlab.com/wireshark/wireshark/-/issues/19259')[/TD] [/TR] [TR] [TD][LEFT]neomind -- fusion_platform [/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as problematic, was found in NeoMind Fusion Platform up to 20230731. Affected is an unknown function of the file /fusion/portal/action/Link. The manipulation of the argument link leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238026 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4534]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4534') [MISC]('https://vuldb.com/?ctiid.238026') [MISC]('https://vuldb.com/?id.238026') [MISC]('https://l6x.notion.site/PoC-9f23bb9757374f82981de81604500d98?pvs=4')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dar-8000-10 [/LEFT][/TD] [TD][LEFT]A vulnerability was found in D-Link DAR-8000-10 up to 20230809. It has been classified as critical. This affects an unknown part of the file /app/sys1.php. The manipulation of the argument cmd with the input id leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238047. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4542]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4542') [MISC]('https://vuldb.com/?id.238047') [MISC]('https://vuldb.com/?ctiid.238047') [MISC]('https://github.com/PumpkinBridge/cve/blob/main/rce.md')[/TD] [/TR] [TR] [TD][LEFT]ibos -- oa [/LEFT][/TD] [TD][LEFT]A vulnerability was found in IBOS OA 4.5.5. It has been declared as critical. This vulnerability affects unknown code of the file ?r=recruit/contact/export&contactids=x. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238048. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-25[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4543]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4543') [MISC]('https://vuldb.com/?ctiid.238048') [MISC]('https://github.com/spcck/cve/blob/main/sql.md') [MISC]('https://vuldb.com/?id.238048')[/TD] [/TR] [TR] [TD][LEFT]beijing_baichuo -- smart_s85f_management_platform [/LEFT][/TD] [TD][LEFT]A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230809. It has been rated as problematic. This issue affects some unknown processing of the file /config/php.ini. The manipulation leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238049 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4544]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4544') [MISC]('https://vuldb.com/?ctiid.238049') [MISC]('https://vuldb.com/?id.238049') [MISC]('https://github.com/jo1995hn/cve/blob/main/s856.md')[/TD] [/TR] [TR] [TD][LEFT]ibos -- oa [/LEFT][/TD] [TD][LEFT]A vulnerability was found in IBOS OA 4.5.5. It has been classified as critical. Affected is an unknown function of the file ?r=recruit/bgchecks/export&checkids=x. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238056. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4545]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4545') [MISC]('https://vuldb.com/?ctiid.238056') [MISC]('https://vuldb.com/?id.238056') [MISC]('https://github.com/siyu15/cve/blob/main/sql.md')[/TD] [/TR] [TR] [TD][LEFT]beijing_baichuo -- smart_s85f_management_platform [/LEFT][/TD] [TD][LEFT]A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230816. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /sysmanage/licence.php. The manipulation leads to improper access controls. The exploit has been disclosed to the public and may be used. The identifier VDB-238057 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4546]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4546') [MISC]('https://vuldb.com/?id.238057') [MISC]('https://vuldb.com/?ctiid.238057') [MISC]('https://github.com/hutianshuai/CVE/blob/main/information_disclosure.md')[/TD] [/TR] [TR] [TD][LEFT]spa-cart_ecommerce_cms -- spa-cart_ecommerce_cms [/LEFT][/TD] [TD][LEFT]A vulnerability was found in SPA-Cart eCommerce CMS 1.9.0.3. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /search. The manipulation of the argument filter[brandid]/filter[price] leads to cross site scripting. The attack may be launched remotely. VDB-238058 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4547]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4547') [MISC]('https://vuldb.com/?id.238058') [MISC]('https://vuldb.com/?ctiid.238058')[/TD] [/TR] [TR] [TD][LEFT]spa-cart_ecommerce_cms -- spa-cart_ecommerce_cms [/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in SPA-Cart eCommerce CMS 1.9.0.3. This affects an unknown part of the file /search of the component GET Parameter Handler. The manipulation of the argument filter[brandid] leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-238059.[/LEFT][/TD] [TD][CENTER]2023-08-26[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4548') [MISC]('https://vuldb.com/?ctiid.238059') [MISC]('https://vuldb.com/?id.238059')[/TD] [/TR][/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/TABLE][/CENTER] [TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT] [Back to top]('https://www.cisa.gov/uscert/ncas/#top') [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT][TD][LEFT] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD] [/LEFT][/TD]