High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]3ds -- teamwork_cloud_no_magic_release[/LEFT][/TD] [TD][LEFT]A Cross-Site Request Forgery (CSRF) vulnerability affecting Teamwork Cloud from No Magic Release 2021x through No Magic Release 2022x could allow with some very specific conditions an attacker to send a specifically crafted query to the server.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3589&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3589]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3589') [MISC]('https://www.3ds.com/vulnerability/advisories')[/TD] [/TR] [TR] [TD][LEFT]acronis -- agent[/LEFT][/TD] [TD][LEFT]Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Agent (Windows) before build 36497.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45248&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45248]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45248') [MISC]('https://security-advisory.acronis.com/advisories/SEC-6052')[/TD] [/TR] [TR] [TD][LEFT]acronis -- agent[/LEFT][/TD] [TD][LEFT]Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 35895.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45244&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-45244]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45244') [MISC]('https://security-advisory.acronis.com/advisories/SEC-5907')[/TD] [/TR] [TR] [TD][LEFT]acronis -- agent[/LEFT][/TD] [TD][LEFT]Sensitive information disclosure and manipulation due to improper authentication. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36343.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45246&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-45246]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45246') [MISC]('https://security-advisory.acronis.com/advisories/SEC-5903')[/TD] [/TR] [TR] [TD][LEFT]acronis -- agent[/LEFT][/TD] [TD][LEFT]Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36497.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45247&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-45247]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45247') [MISC]('https://security-advisory.acronis.com/advisories/SEC-6600')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the [ICODE]V1/customers/me[/ICODE] endpoint to achieve information exposure and privilege escalation.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38218&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38218]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38218') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim's browser when they browse to the page containing the vulnerable field. Payload is stored in an admin area, resulting in high confidentiality and integrity impact.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][8.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38219&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-38219]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38219') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Authorization vulnerability that could lead in a security feature bypass in a way that an attacker could access unauthorised data. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38220&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38220') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- photoshop_2022[/LEFT][/TD] [TD][LEFT]Adobe Photoshop versions 23.5.5 (and earlier) and 24.7 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26370&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-26370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26370') [MISC]('https://helpx.adobe.com/security/products/photoshop/apsb23-51.html')[/TD] [/TR] [TR] [TD][LEFT]arm -- mbed_tls[/LEFT][/TD] [TD][LEFT]Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can lead to remote Code execution.[/LEFT][/TD] [TD][CENTER]2023-10-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45199&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45199]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45199') [MISC]('https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-2/')[/TD] [/TR] [TR] [TD][LEFT]arm -- mbed_tls[/LEFT][/TD] [TD][LEFT]Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.[/LEFT][/TD] [TD][CENTER]2023-10-07[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43615&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43615') [MISC]('https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2023-10-1/') [FEDORA]('https://lists.fedoraproject.org/archives/list/[email protected]/message/O7SB7L6A56QZALDTOZ6O4X7PTC4I647R/')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_4000_manager[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape 4000 Manager V10 R1 before V10 R1.42.1 and 4000 Manager V10 R0 allow Privilege escalation that may lead to the ability of an authenticated attacker to run arbitrary code via AScm. This is also known as OSFOURK-24034.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45350&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45350]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45350') [MISC]('https://www.news.de/technik/856969401/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-01.pdf')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_4000_manager[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.42.1, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.42.1, and 4000 Manager V10 R0 allow Authenticated Command Injection via AShbr. This is also known as OSFOURK-24039.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45351&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45351]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45351') [MISC]('https://www.news.de/technik/856969401/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-01.pdf')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_4000_manager[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 and 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access via the webservice. This is also known as OSFOURK-24120.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45355&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45355') [MISC]('https://networks.unify.com/security/advisories/OBSO-2308-02.pdf') [MISC]('https://www.news.de/technik/857079218/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_4000_manager[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape 4000 Platform V10 R1 before Hotfix V10 R1.42.2 4000 and Manager Platform V10 R1 before Hotfix V10 R1.42.2 allow command injection by an authenticated attacker into the platform operating system, leading to administrative access, via dtb pages of the platform portal. This is also known as OSFOURK-23719.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45356&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45356]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45356') [MISC]('https://networks.unify.com/security/advisories/OBSO-2308-02.pdf') [MISC]('https://www.news.de/technik/857079218/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-betroffene-systeme-und-produkte-neue-versionen-und-updates/1/')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_4000_manager[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape 4000 Assistant V10 R1 before V10 R1.34.7, 4000 Assistant V10 R1.42.0, 4000 Assistant V10 R0, 4000 Manager V10 R1 before V10 R1.34.7, 4000 Manager V10 R1.42.0, and 4000 Manager V10 R0 expose sensitive information that may allow lateral movement to the backup system via AShbr. This is also known as OSFOURK-23722.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45349&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-45349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45349') [MISC]('https://www.news.de/technik/856969401/unify-openscape-4000-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-bekannte-schwachstellen-und-sicherheitsluecken/1/') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-01.pdf')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_common_management[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system via a Common Management Portal web interface Path traversal vulnerability allowing write access outside the intended folders. This is also known as OCMP-6592.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45352&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45352') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-02.pdf') [MISC]('https://www.news.de/technik/857003738/unify-openscape-common-management-platform-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-update-zu-bekannten-schwachstellen-und-sicherheitsluecken-vom-03-07-2023/1/')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_common_management[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated attacker to execute arbitrary code on the operating system by leveraging the Common Management Portal web interface for Authenticated remote upload and creation of arbitrary files affecting the underlying operating system. This is also known as OCMP-6591.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45353&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45353]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45353') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-02.pdf') [MISC]('https://www.news.de/technik/857003738/unify-openscape-common-management-platform-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-update-zu-bekannten-schwachstellen-und-sicherheitsluecken-vom-03-07-2023/1/')[/TD] [/TR] [TR] [TD][LEFT]atos -- unify_openscape_common_management[/LEFT][/TD] [TD][LEFT]Atos Unify OpenScape Common Management Portal V10 before V10 R4.17.0 and V10 R5.1.0 allows an authenticated remote attacker to execute arbitrary code on the operating system by using the Common Management Portal web interface. This is also known as OCMP-6589.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45354&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45354]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45354') [MISC]('https://networks.unify.com/security/advisories/OBSO-2306-02.pdf') [MISC]('https://www.news.de/technik/857003738/unify-openscape-common-management-platform-gefaehrdet-it-sicherheitswarnung-vom-bsi-und-bug-report-update-zu-bekannten-schwachstellen-und-sicherheitsluecken-vom-03-07-2023/1/')[/TD] [/TR] [TR] [TD][LEFT]bainternet -- shortcodes_ui[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Bainternet ShortCodes UI plugin <= 1.9.8 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44994&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44994') [MISC]('https://patchstack.com/database/vulnerability/shortcodes-ui/wordpress-shortcodes-ui-plugin-1-9-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]biltay_technology -- kayisi [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Kayisi allows SQL Injection, Command Line Execution through SQL Injection.This issue affects Kayisi: before 1286.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5045&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5045]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5045') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0580')[/TD] [/TR] [TR] [TD][LEFT]biltay_technology -- procost [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Biltay Technology Procost allows SQL Injection, Command Line Execution through SQL Injection. This issue affects Procost: before 1390.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5046&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5046]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5046') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0581')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. It has been rated as critical. Affected by this issue is some unknown functionality of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241640. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5488&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5488') [MISC]('https://vuldb.com/?ctiid.241640') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_%20updatelib.md') [MISC]('https://vuldb.com/?id.241640')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This affects an unknown part of the file /Tool/uploadfile.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241641 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5489&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5489]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5489') [MISC]('https://vuldb.com/?ctiid.241641') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_%20uploadfile.md') [MISC]('https://vuldb.com/?id.241641')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This vulnerability affects unknown code of the file /useratte/userattestation.php. The manipulation of the argument web_img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-241642 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5490&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5490]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5490') [MISC]('https://vuldb.com/?ctiid.241642') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_%20userattestation.md') [MISC]('https://vuldb.com/?id.241642')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. This issue affects some unknown processing of the file /sysmanage/updatelib.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241643. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5491&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5491]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5491') [MISC]('https://vuldb.com/?ctiid.241643') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_changelogo.md') [MISC]('https://vuldb.com/?id.241643')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928. Affected is an unknown function of the file /sysmanage/licence.php. The manipulation of the argument file_upload leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241644. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5492&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5492]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5492') [MISC]('https://vuldb.com/?id.241644') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_licence.md') [MISC]('https://vuldb.com/?ctiid.241644')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /useratte/web.php. The manipulation of the argument file_upload leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-241645 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5493&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5493]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5493') [MISC]('https://vuldb.com/?ctiid.241645') [MISC]('https://vuldb.com/?id.241645') [MISC]('https://github.com/llixixi/cve/blob/main/s45_upload_web.md')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230928 and classified as critical. Affected by this issue is some unknown functionality of the file /log/download.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-241646 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5494&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5494') [MISC]('https://vuldb.com/?id.241646') [MISC]('https://github.com/7332all/cve/blob/main/rce_1.md') [MISC]('https://vuldb.com/?ctiid.241646')[/TD] [/TR] [TR] [TD][LEFT]contiki-ng -- contiki-ng[/LEFT][/TD] [TD][LEFT]In Contiki 4.5, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27634&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2020-27634]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27634') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dir-820l_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-820L 1.05B03 has a stack overflow vulnerability in the cancelPing function.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44807&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44807]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44807') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/Archerber/bug_submit/blob/main/D-Link/DIR-820l/bug2.md')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dph-400se_firmware[/LEFT][/TD] [TD][LEFT]An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43960&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43960]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43960') [MISC]('https://hackmd.io/@tahaafarooq/dlink-dph-400se-cwe-200') [MISC]('https://www.exploit-db.com/exploits/51709')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dsl-3782_firmware[/LEFT][/TD] [TD][LEFT]An issue found in D-Link DSL-3782 v.1.03 and before allows remote authenticated users to execute arbitrary code as root via the Router IP Address fields of the network settings page.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44959&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44959]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44959') [MISC]('https://github.com/FzBacon/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection/blob/master/CVE-2023-27216_D-Link_DSL-3782_Router_command_injection.md#cve-2023-27216_d-link_dsl-3782_router_command_injection')[/TD] [/TR] [TR] [TD][LEFT]decidim -- decidim[/LEFT][/TD] [TD][LEFT]Decidim is a participatory democracy framework, written in Ruby on Rails, originally developed for the Barcelona City government online and offline participation website. The [ICODE]templates[/ICODE] module doesn't enforce the correct permissions, allowing any logged-in user to access to this functionality in the administration panel. An attacker could use this vulnerability to change, create or delete templates of surveys. This issue has been patched in version 0.26.8 and 0.27.4.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36465&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:L')[/CENTER][/TD] [TD][CVE-2023-36465]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36465') [MISC]('https://github.com/decidim/decidim/releases/tag/v0.26.8') [MISC]('https://github.com/decidim/decidim/security/advisories/GHSA-639h-86hw-qcjq') [MISC]('https://github.com/decidim/decidim/releases/tag/v0.27.4')[/TD] [/TR] [TR] [TD][LEFT]easycorp -- zentao[/LEFT][/TD] [TD][LEFT]An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v.4.7 and before allows an attacker to execute arbitrary code via a crafted script to the Office Conversion Settings function.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44827&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44827]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44827') [MISC]('https://spotted-topaz-6aa.notion.site/Zentao-Authorized-Remote-Code-Execution-Vulnerability-CVE-2023-44827-be731cbe8607496cae35c08cb9ba2436')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]When a non-admin user has been assigned an administrator role via an iControl REST PUT request and later the user's role is reverted back to a non-admin role via the Configuration utility, tmsh, or iControl REST. BIG-IP non-admin user can still have access to iControl REST admin resource. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42768&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42768]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42768') [MISC]('https://my.f5.com/manage/s/article/K26910459')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]A directory traversal vulnerability exists in the BIG-IP Configuration Utility that may allow an authenticated attacker to execute commands on the BIG-IP system. For BIG-IP system running in Appliance mode, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41373&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41373]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41373') [MISC]('https://my.f5.com/manage/s/article/K000135689')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]When running in Appliance mode, an authenticated user assigned the Administrator role may be able to bypass Appliance mode restrictions, utilizing BIG-IP external monitor on a BIG-IP system. A successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43746&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-43746]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43746') [MISC]('https://my.f5.com/manage/s/article/K41072952')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]An authenticated user's session cookie may remain valid for a limited time after logging out from the BIG-IP Configuration utility on a multi-blade VIPRION platform. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40537&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40537]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40537') [MISC]('https://my.f5.com/manage/s/article/K29141800')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]When a client-side HTTP/2 profile and the HTTP MRF Router option are enabled for a virtual server, and an iRule using the HTTP_REQUEST event or Local Traffic Policy are associated with the virtual server, undisclosed requests can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40534&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40534]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40534') [MISC]('https://my.f5.com/manage/s/article/K000133467')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]When TCP Verified Accept is enabled on a TCP profile that is configured on a Virtual Server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40542&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40542]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40542') [MISC]('https://my.f5.com/manage/s/article/K000134652')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip [/LEFT][/TD] [TD][LEFT]When IPSec is configured on a Virtual Server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41085&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41085]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41085') [MISC]('https://my.f5.com/manage/s/article/K000132420')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip_edge_client[/LEFT][/TD] [TD][LEFT]An insufficient verification of data vulnerability exists in BIG-IP Edge Client Installer on macOS that may allow an attacker elevation of privileges during the installation process. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5450&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5450]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5450') [MISC]('https://my.f5.com/manage/s/article/K000135040')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip_edge_client [/LEFT][/TD] [TD][LEFT]The BIG-IP Edge Client Installer on macOS does not follow best practices for elevating privileges during the installation process. This vulnerability is due to an incomplete fix for CVE-2023-38418. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43611&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43611]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43611') [MISC]('https://my.f5.com/manage/s/article/K000136185')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip_next_spk[/LEFT][/TD] [TD][LEFT]The BIG-IP SPK TMM (Traffic Management Module) f5-debug-sidecar and f5-debug-sshd containers contains hardcoded credentials that may allow an attacker with the ability to intercept traffic to impersonate the SPK Secure Shell (SSH) server on those containers. This is only exposed when ssh debug is enabled. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45226&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-45226]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45226') [MISC]('https://my.f5.com/manage/s/article/K000135874')[/TD] [/TR] [TR] [TD][LEFT]facebook -- tac_plus[/LEFT][/TD] [TD][LEFT]A lack of input validation exists in tac_plus prior to commit 4fdf178 which, when pre or post auth commands are enabled, allows an attacker who can control the username, rem-addr, or NAC address sent to tac_plus to inject shell commands and gain remote code execution on the tac_plus server.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45239&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45239]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45239') [MISC]('https://github.com/facebook/tac_plus/pull/41') [MISC]('https://github.com/facebook/tac_plus/security/advisories/GHSA-p334-5r3g-4vx3') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/X4J7ZYMFZB4G4OU5EDJPQLP6F6RKDGIH/')[/TD] [/TR] [TR] [TD][LEFT]farmacia -- farmacia[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in codeprojects Farmacia 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument usario/senha leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241608.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5471&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5471') [MISC]('https://github.com/miziha6/cve/blob/main/Farmacia%20System.pdf') [MISC]('https://vuldb.com/?id.241608') [MISC]('https://vuldb.com/?ctiid.241608')[/TD] [/TR] [TR] [TD][LEFT]fnet -- fnet[/LEFT][/TD] [TD][LEFT]In FNET 4.6.3, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27633&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2020-27633]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27633') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiadc[/LEFT][/TD] [TD][LEFT]An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions and FortiADC 7.1.0, 7.0.0 through 7.0.3, 6.2 all versions, 6.1 all versions, 6.0 all versions management interface may allow an authenticated attacker with at least READ permissions on system settings to execute arbitrary commands on the underlying shell due to an unsafe usage of the wordexp function.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25607&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-25607]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25607') [MISC]('https://fortiguard.com/psirt/FG-IR-22-352')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiisolator[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiIsolator version 1.0.0, FortiIsolator version 1.1.0, FortiIsolator version 1.2.0 through 1.2.2, FortiIsolator version 2.0.0 through 2.0.1, FortiIsolator version 2.1.0 through 2.1.2, FortiIsolator version 2.2.0, FortiIsolator version 2.3.0 through 2.3.4 allows attacker to execute arbitrary OS commands in the underlying shell via specially crafted input parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22298&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-22298]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22298') [MISC]('https://fortiguard.com/psirt/FG-IR-21-233')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortimail[/LEFT][/TD] [TD][LEFT]An incorrect authorization vulnerability [CWE-863] in FortiMail webmail version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.5 and below 6.4.7 allows an authenticated attacker to login on other users accounts from the same web domain via crafted HTTP or HTTPs requests.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36556&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36556') [MISC]('https://fortiguard.com/psirt/FG-IR-23-202')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortimanager[/LEFT][/TD] [TD][LEFT]An improper access control vulnerability [CWE-284] in FortiManager management interface 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions may allow a remote and authenticated attacker with at least "device management" permission on his profile and belonging to a specific ADOM to add and delete CLI script on other ADOMs[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41679&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41679]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41679') [MISC]('https://fortiguard.com/psirt/FG-IR-23-062')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortimanager[/LEFT][/TD] [TD][LEFT]An improper neutralization of special elements used in an os command ('OS Command Injection') vulnerability [CWE-78] in FortiManager & FortiAnalyzer version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.8, version 6.4.0 through 6.4.12 and version 6.2.0 through 6.2.11 may allow a local attacker with low privileges to execute unauthorized code via specifically crafted arguments to a CLI command[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42788&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42788]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42788') [MISC]('https://fortiguard.com/psirt/FG-IR-23-167')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortimanager[/LEFT][/TD] [TD][LEFT]An improper neutralization of special elements used in an os command ('os command injection') in FortiManager 7.4.0 and 7.2.0 through 7.2.3 may allow attacker to execute unauthorized code or commands via FortiManager cli.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41838&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41838') [MISC]('https://fortiguard.com/psirt/FG-IR-23-169')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios[/LEFT][/TD] [TD][LEFT]An improper authorization vulnerability in Fortinet FortiOS 7.0.0 - 7.0.11 and 7.2.0 - 7.2.4 allows an attacker belonging to the prof-admin profile to perform elevated actions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41841&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41841]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41841') [MISC]('https://fortiguard.com/psirt/FG-IR-23-318')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios[/LEFT][/TD] [TD][LEFT]A use of GET request method with sensitive query strings vulnerability in Fortinet FortiOS 7.0.0 - 7.0.12, 7.2.0 - 7.2.5 and 7.4.0 allows an attacker to view plaintext passwords of remote services such as RDP or VNC, if the attacker is able to read the GET requests to those services.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37935&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-37935]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37935') [MISC]('https://fortiguard.com/psirt/FG-IR-23-120')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios_ips_engine[/LEFT][/TD] [TD][LEFT]A interpretation conflict in Fortinet IPS Engine versions 7.321, 7.166 and 6.158 allows attacker to evade IPS features via crafted TCP packets.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40718&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-40718]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40718') [MISC]('https://fortiguard.com/psirt/FG-IR-23-090')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisiem[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.0.0 and 6.7.0 through 6.7.5 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.1 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via crafted API requests.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34992&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34992]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34992') [MISC]('https://fortiguard.com/psirt/FG-IR-23-130')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34993&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34993]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34993') [MISC]('https://fortiguard.com/psirt/FG-IR-23-140')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36547&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36547]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36547') [MISC]('https://fortiguard.com/psirt/FG-IR-23-140')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36548&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36548') [MISC]('https://fortiguard.com/psirt/FG-IR-23-140')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36549&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36549]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36549') [MISC]('https://fortiguard.com/psirt/FG-IR-23-140')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36550&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36550]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36550') [MISC]('https://fortiguard.com/psirt/FG-IR-23-140')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34985&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34985]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34985') [MISC]('https://fortiguard.com/psirt/FG-IR-23-141')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34986&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34986]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34986') [MISC]('https://fortiguard.com/psirt/FG-IR-23-141')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34987&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34987]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34987') [MISC]('https://fortiguard.com/psirt/FG-IR-23-141')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34988&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34988]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34988') [MISC]('https://fortiguard.com/psirt/FG-IR-23-141')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiwlm[/LEFT][/TD] [TD][LEFT]A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34989&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34989]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34989') [MISC]('https://fortiguard.com/psirt/FG-IR-23-141')[/TD] [/TR] [TR] [TD][LEFT]geokit -- geokit-rails[/LEFT][/TD] [TD][LEFT]Versions of the package geokit-rails before 2.5.0 are vulnerable to Command Injection due to unsafe deserialization of YAML within the 'geo_location' cookie. This issue can be exploited remotely via a malicious cookie value. [B]Note:[/B] An attacker can use this vulnerability to execute commands on the host system.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26153&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-26153]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26153') [MISC]('https://gist.github.com/CalumHutton/b7aa1c2e71c8d4386463ac14f686901d') [MISC]('https://github.com/geokit/geokit-rails/blob/master/lib/geokit-rails/ip_geocode_lookup.rb%23L37') [MISC]('https://github.com/geokit/geokit-rails/commit/a93dfe49fb9aeae7164e2f8c4041450a04b5482f') [MISC]('https://security.snyk.io/vuln/SNYK-RUBY-GEOKITRAILS-5920323') [MISC]('https://github.com/geokit/geokit-rails/commit/7ffc5813e57f6f417987043e1039925fd0865c43')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of TBD, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35646&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35646') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35647&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35647]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35647') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35648&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35648]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35648') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In killBackgroundProcesses of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21266&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21266]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21266') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/5b7edbf2ba076b04000eb5d27101927eeb609c26') [MISC]('https://source.android.com/security/bulletin/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In phasechecksercer, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40634&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40634]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40634') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In linkturbo, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40635&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40635]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40635') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35652&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-35652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35652') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In jpg driver, there is a possible use after free due to a logic error. This could lead to remote information disclosure no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40632&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40632]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40632') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Site Isolation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5218&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5218]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5218') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1487110') [MISC]('https://www.debian.org/security/2023/dsa-5526') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5474&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5474]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5474') [MISC]('https://crbug.com/1483194') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Blink History in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5476&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5476]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5476') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1474253') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.2.2.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5520&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-5520]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5520') [MISC]('https://huntr.dev/bounties/681e42d0-18d4-4ebc-aba0-c5b0f77ac74a') [MISC]('https://github.com/gpac/gpac/commit/5692dc729491805e0e5f55c21d50ba1e6b19e88e')[/TD] [/TR] [TR] [TD][LEFT]hansuncms -- hansuncms[/LEFT][/TD] [TD][LEFT]hansun CMS v1.0 was discovered to contain a SQL injection vulnerability via the component /ajax/ajax_login.ashx.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43899&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43899') [MISC]('https://gist.github.com/len0m0/9cb2e87cb517db297be1b2f110248295') [MISC]('https://github.com/len0m0/hansuncmssqli/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]hp -- life[/LEFT][/TD] [TD][LEFT]HP LIFE Android Mobile application is potentially vulnerable to escalation of privilege and/or information disclosure.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5365&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5365') [MISC]('https://support.hp.com/us-en/document/ish_9393937-9393961-16/hpsbgn03870')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Vulnerability of permissions not being strictly verified in the window management module. Successful exploitation of this vulnerability may cause features to perform abnormally.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44105&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44105]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44105') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]API permission management vulnerability in the Fwk-Display module. Successful exploitation of this vulnerability may cause features to perform abnormally.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44106&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44106') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Vulnerability of access permissions not being strictly verified in the APPWidget module. Successful exploitation of this vulnerability may cause some apps to run without being authorized.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44116&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44116]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44116') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Vulnerability of defects introduced in the design process in the screen projection module. Successful exploitation of this vulnerability may affect service availability and integrity.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44107&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44107]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44107') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Vulnerability of undefined permissions in the MeeTime module. Successful exploitation of this vulnerability will affect availability and confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44118&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-44118]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44118') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Type confusion vulnerability in the distributed file module. Successful exploitation of this vulnerability may cause the device to restart.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44108&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-44108]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44108') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Out-of-bounds array vulnerability in the dataipa module. Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44114&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-44114]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44114') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Vulnerability of mutual exclusion management in the kernel module. Successful exploitation of this vulnerability will affect availability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44119&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-44119]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44119') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]ibm -- robotic_process_automation[/LEFT][/TD] [TD][LEFT]IBM Robotic Process Automation 23.0.9 is vulnerable to privilege escalation that affects ownership of projects. IBM X-Force ID: 247527.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43058&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43058') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/267527') [MISC]('https://www.ibm.com/support/pages/node/7047017')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_suite[/LEFT][/TD] [TD][LEFT]IBM Security Directory Suite 8.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 228568.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33160&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33160]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33160') [MISC]('https://www.ibm.com/support/pages/node/7047071') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228568')[/TD] [/TR] [TR] [TD][LEFT]ibm -- spectrum_protect_client/storage_protect[/LEFT][/TD] [TD][LEFT]IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, caused by a DLL hijacking flaw. IBM X-Force ID: 259246.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35897&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35897') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/259246') [MISC]('https://www.ibm.com/support/pages/node/7037299')[/TD] [/TR] [TR] [TD][LEFT]ietf -- http[/LEFT][/TD] [TD][LEFT]The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44487&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-44487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44487') [MISC]('https://aws.amazon.com/security/security-bulletins/AWS-2023-011/') [MISC]('https://news.ycombinator.com/item?id=37831062') [MISC]('https://www.phoronix.com/news/HTTP2-Rapid-Reset-Attack') [MISC]('https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack/') [MISC]('https://cloud.google.com/blog/products/identity-security/how-it-works-the-novel-http2-rapid-reset-ddos-attack') [MISC]('https://cloud.google.com/blog/products/identity-security/google-cloud-mitigated-largest-ddos-attack-peaking-above-398-million-rps/') [MISC]('https://www.nginx.com/blog/http-2-rapid-reset-attack-impacting-f5-nginx-products/') [MISC]('https://blog.cloudflare.com/technical-breakdown-http2-rapid-reset-ddos-attack/') [MISC]('https://github.com/bcdannyboy/CVE-2023-44487') [MISC]('https://www.bleepingcomputer.com/news/security/new-http-2-rapid-reset-zero-day-attack-breaks-ddos-records/') [MISC]('https://github.com/eclipse/jetty.project/issues/10679') [MISC]('https://github.com/alibaba/tengine/issues/1872') [MISC]('https://forums.swift.org/t/swift-nio-http2-security-update-cve-2023-44487-http-2-dos/67764') [MISC]('https://github.com/netty/netty/commit/58f75f665aa81a8cbcf6ffa74820042a285c5e61') [MISC]('https://github.com/nghttp2/nghttp2/pull/1961') [MISC]('https://news.ycombinator.com/item?id=37830987') [MISC]('https://news.ycombinator.com/item?id=37830998') [MISC]('https://github.com/envoyproxy/envoy/pull/30055') [MISC]('https://github.com/apache/tomcat/tree/main/java/org/apache/coyote/http2') [MISC]('https://github.com/caddyserver/caddy/issues/5877') [MISC]('https://github.com/haproxy/haproxy/issues/2312') [MISC]('https://github.com/grpc/grpc-go/pull/6703') [MISC]('https://github.com/icing/mod_h2/blob/0a864782af0a942aa2ad4ed960a6b32cd35bcf0a/mod_http2/README.md?plain=1#L239-L244') [MISC]('https://github.com/nghttp2/nghttp2/releases/tag/v1.57.0') [MISC]('https://mailman.nginx.org/pipermail/nginx-devel/2023-October/S36Q5HBXR7CAIMPLLPRSSSYR4PCMWILK.html') [MISC]('https://my.f5.com/manage/s/article/K000137106') [MISC]('https://bugzilla.proxmox.com/show_bug.cgi?id=4988') [MISC]('https://msrc.microsoft.com/blog/2023/10/microsoft-response-to-distributed-denial-of-service-ddos-attacks-against-http/2/') [MISC]('https://cgit.freebsd.org/ports/commit/?id=c64c329c2c1752f46b73e3e6ce9f4329be6629f9') [MISC]('https://gist.github.com/adulau/7c2bfb8e9cdbe4b35a5e131c66a0c088') [MISC]('https://edg.io/lp/blog/resets-leaks-ddos-and-the-tale-of-a-hidden-cve') [MISC]('https://github.com/micrictor/http2-rst-stream') [MISC]('https://github.com/h2o/h2o/security/advisories/GHSA-2m7v-gc89-fjqf') [MISC]('https://github.com/dotnet/announcements/issues/277') [MISC]('https://github.com/apache/trafficserver/pull/10564') [MISC]('https://github.com/facebook/proxygen/pull/466') [MISC]('https://github.com/microsoft/CBL-Mariner/pull/6381') [MISC]('https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo') [MISC]('https://github.com/nodejs/node/pull/50121') [MISC]('https://github.com/h2o/h2o/pull/3291') [MISC]('https://github.com/advisories/GHSA-vx74-f528-fxqg') [MISC]('https://openssf.org/blog/2023/10/10/http-2-rapid-reset-vulnerability-highlights-need-for-rapid-response/') [MISC]('https://github.com/golang/go/issues/63417') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-44487') [MISC]('https://lists.apache.org/thread/5py8h42mxfsn8l1wy6o41xwhsjlsd87q') [MISC]('https://www.openwall.com/lists/oss-security/2023/10/10/6') [MISC]('https://tomcat.apache.org/security-10.html#Fixed_in_Apache_Tomcat_10.1.14') [MISC]('https://seanmonstar.com/post/730794151136935936/hyper-http2-rapid-reset-unaffected') [MISC]('https://github.com/dotnet/core/blob/e4613450ea0da7fd2fc6b61dfb2c1c1dec1ce9ec/release-notes/6.0/6.0.23/6.0.23.md?plain=1#L73') [MISC]('https://github.com/kubernetes/kubernetes/pull/121120') [MISC]('https://github.com/oqtane/oqtane.framework/discussions/3367') [MISC]('https://github.com/opensearch-project/data-prepper/issues/3474') [MISC]('https://github.com/advisories/GHSA-xpw8-rcwv-8f8p') [MISC]('https://www.haproxy.com/blog/haproxy-is-not-affected-by-the-http-2-rapid-reset-attack-cve-2023-44487') [MISC]('https://netty.io/news/2023/10/10/4-1-100-Final.html') [MISC]('https://blog.qualys.com/vulnerabilities-threat-research/2023/10/10/cve-2023-44487-http-2-rapid-reset-attack') [MISC]('https://www.theregister.com/2023/10/10/http2_rapid_reset_zeroday/') [MISC]('https://news.ycombinator.com/item?id=37837043') [MISC]('https://www.cisa.gov/news-events/alerts/2023/10/10/http2-rapid-reset-vulnerability-cve-2023-44487') [MISC]('https://github.com/apache/httpd/blob/afcdbeebbff4b0c50ea26cdd16e178c0d1f24152/modules/http2/h2_mplx.c#L1101-L1113') [MISC]('https://github.com/kazu-yamamoto/http2/issues/93') [MISC]('https://martinthomson.github.io/h2-stream-limits/draft-thomson-httpbis-h2-stream-limits.html') [MISC]('https://github.com/kazu-yamamoto/http2/commit/f61d41a502bd0f60eb24e1ce14edc7b6df6722a1') [DEBIAN]('https://www.debian.org/security/2023/dsa-5522') [DEBIAN]('https://www.debian.org/security/2023/dsa-5521') [MISC]('https://blog.vespa.ai/cve-2023-44487/') [MISC]('https://github.com/tempesta-tech/tempesta/issues/1986') [MISC]('https://ubuntu.com/security/CVE-2023-44487') [MISC]('https://access.redhat.com/security/cve/cve-2023-44487') [MISC]('https://github.com/junkurihara/rust-rpxy/issues/97') [MISC]('https://istio.io/latest/news/security/istio-security-2023-004/') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2242803') [MISC]('https://github.com/etcd-io/etcd/issues/16740') [MISC]('https://community.traefik.io/t/is-traefik-vulnerable-to-cve-2023-44487/20125') [MISC]('https://www.darkreading.com/cloud/internet-wide-zero-day-bug-fuels-largest-ever-ddos-event') [MISC]('https://github.com/advisories/GHSA-qppj-fm5r-hxr3') [MISC]('https://bugzilla.suse.com/show_bug.cgi?id=1216123') [MISC]('https://github.com/ninenines/cowboy/issues/1615') [MISC]('https://github.com/varnishcache/varnish-cache/issues/3996') [MISC]('https://github.com/apache/httpd-site/pull/10') [MISC]('https://github.com/line/armeria/pull/5232') [MISC]('https://github.com/projectcontour/contour/pull/5826') [MISC]('https://github.com/linkerd/website/pull/1695/commits/4b9c6836471bc8270ab48aae6fd2181bc73fd632') [MISC]('https://blog.litespeedtech.com/2023/10/11/rapid-reset-http-2-vulnerablilty/') [MISC]('https://github.com/akka/akka-http/issues/4323') [MISC]('https://github.com/apache/apisix/issues/10320') [MISC]('https://github.com/openresty/openresty/issues/930') [MISC]('https://github.com/Azure/AKS/issues/3947') [MISC]('https://github.com/arkrwn/PoC/tree/main/CVE-2023-44487') [MISC]('https://security.paloaltonetworks.com/CVE-2023-44487') [MISC]('https://www.netlify.com/blog/netlify-successfully-mitigates-cve-2023-44487/') [MISC]('https://github.com/Kong/kong/discussions/11741') [MISC]('https://github.com/caddyserver/caddy/releases/tag/v2.7.5') [MLIST]('https://lists.debian.org/debian-lts-announce/2023/10/msg00020.html') [MLIST]('http://www.openwall.com/lists/oss-security/2023/10/13/4') [MLIST]('http://www.openwall.com/lists/oss-security/2023/10/13/9') [MISC]('https://lists.w3.org/Archives/Public/ietf-http-wg/2023OctDec/0025.html') [MISC]('https://arstechnica.com/security/2023/10/how-ddosers-used-the-http-2-protocol-to-deliver-attacks-of-unprecedented-size/') [FEDORA]('https://lists.fedoraproject.org/archives/list/[email protected]/message/JMEXY22BFG5Q64HQCM5CK2Q7KDKVV4TY/') [MISC]('https://linkerd.io/2023/10/12/linkerd-cve-2023-44487/')[/TD] [/TR] [TR] [TD][LEFT]jetbrains -- ktor[/LEFT][/TD] [TD][LEFT]In JetBrains Ktor before 2.3.5 default configuration of ContentNegotiation with XML format was vulnerable to XXE[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45612&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45612]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45612') [MISC]('https://www.jetbrains.com/privacy-security/issues-fixed/')[/TD] [/TR] [TR] [TD][LEFT]jetbrains -- ktor[/LEFT][/TD] [TD][LEFT]In JetBrains Ktor before 2.3.5 server certificates were not verified[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45613&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-45613]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45613') [MISC]('https://www.jetbrains.com/privacy-security/issues-fixed/')[/TD] [/TR] [TR] [TD][LEFT]kernelsu -- kernelsu[/LEFT][/TD] [TD][LEFT]Incorrect Authorization in GitHub repository tiann/kernelsu prior to v0.6.9.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5521&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5521]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5521') [MISC]('https://huntr.dev/bounties/d438eff7-4e24-45e0-bc75-d3a5b3ab2ea1') [MISC]('https://github.com/tiann/kernelsu/commit/a22959beae1aad96b1f72710a5daadf529c41bda')[/TD] [/TR] [TR] [TD][LEFT]langchain -- langchain_experimental[/LEFT][/TD] [TD][LEFT]langchain_experimental 0.0.14 allows an attacker to bypass the CVE-2023-36258 fix and execute arbitrary code via the PALChain in the python exec method.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44467&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44467]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44467') [MISC]('https://github.com/langchain-ai/langchain/commit/4c97a10bd0d9385cfee234a63b5bd826a295e483')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- ideapad_creator_5-16ach6_firmware[/LEFT][/TD] [TD][LEFT]A potential vulnerability in a driver used during manufacturing process on some consumer Lenovo Notebook devices that was mistakenly not deactivated may allow an attacker with elevated privileges to modify secure boot setting by modifying an NVRAM variable.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3431&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3431]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3431') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-94952')[/TD] [/TR] [TR] [TD][LEFT]libx11 -- libx11[/LEFT][/TD] [TD][LEFT]A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43787&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43787]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43787') [MISC]('https://access.redhat.com/security/cve/CVE-2023-43787') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2242254')[/TD] [/TR] [TR] [TD][LEFT]mattermost -- mattermost[/LEFT][/TD] [TD][LEFT]Mattermost fails to enforce a limit for the size of the cache entry for OpenGraph data allowing an attacker to send a specially crafted request to the /api/v4/opengraph filling the cache and turning the server unavailable.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5330&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-5330]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5330') [MISC]('https://mattermost.com/security-updates')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in ApiPageSet.php in MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It allows attackers to cause a denial of service (unbounded loop and RequestTimeoutException) when querying pages redirected to other variants with redirects and converttitles set.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45363&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-45363]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45363') [MISC]('https://phabricator.wikimedia.org/T333050') [DEBIAN]('https://www.debian.org/security/2023/dsa-5520')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. There is no rate limit for merging items.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45371&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-45371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45371') [MISC]('https://phabricator.wikimedia.org/T345064') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/961264')[/TD] [/TR] [TR] [TD][LEFT]microchip -- mplab_network_creator[/LEFT][/TD] [TD][LEFT]In Microchip MPLAB Net 3.6.1, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27636&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2020-27636]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27636') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_devops_server[/LEFT][/TD] [TD][LEFT]Azure DevOps Server Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36561&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-36561]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36561') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36561')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_hdinsights[/LEFT][/TD] [TD][LEFT]Azure HDInsight Apache Oozie Workflow Scheduler Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36419&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36419]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36419') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36419')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_identity_sdk[/LEFT][/TD] [TD][LEFT]Azure Identity SDK Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36414&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36414]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36414') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36414')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_identity_sdk[/LEFT][/TD] [TD][LEFT]Azure Identity SDK Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36415&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36415]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36415') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36415')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_network_watcher[/LEFT][/TD] [TD][LEFT]Azure Network Watcher VM Agent Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36737&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36737]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36737') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36737')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_rtos_guix_studio[/LEFT][/TD] [TD][LEFT]Azure RTOS GUIX Studio Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36418&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36418]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36418') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36418')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server[/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36778&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36778]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36778') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36778')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- odbc_driver_for_sql_server[/LEFT][/TD] [TD][LEFT]Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36785&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36785]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36785') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36785')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Office Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36569&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36569]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36569') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36569')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Office Graphics Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36565&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36565]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36565') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36565')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office[/LEFT][/TD] [TD][LEFT]Microsoft Office Click-To-Run Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36568&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36568]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36568') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36568')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- skype_for_business_server[/LEFT][/TD] [TD][LEFT]Skype for Business Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36780&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36780]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36780') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36780')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- skype_for_business_server[/LEFT][/TD] [TD][LEFT]Skype for Business Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36786&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36786]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36786') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36786')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- skype_for_business_server[/LEFT][/TD] [TD][LEFT]Skype for Business Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36789&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36789]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36789') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36789')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sql_server[/LEFT][/TD] [TD][LEFT]Microsoft SQL OLE DB Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36417&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36417]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36417') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36417')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sql_server[/LEFT][/TD] [TD][LEFT]Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36420&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36420]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36420') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36420')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sql_server[/LEFT][/TD] [TD][LEFT]Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36730&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36730]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36730') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36730')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35349&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35349') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35349')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows IIS Server Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36434&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36434]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36434') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36434')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36577&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36577') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36577')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38166&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38166') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38166')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41765&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41765]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41765') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41765')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41767&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41767]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41767') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41767')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41768&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41768]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41768') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41768')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41769&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41769]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41769') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41769')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41770&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41770]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41770') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41771&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41771]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41771') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41771')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41773&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41773') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41773')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Layer 2 Tunneling Protocol Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41774&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41774]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41774') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41774')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36697&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36697') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36697')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36594&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36594]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36594') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36594')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36598&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36598]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36598') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36598')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft DirectMusic Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36702&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36702]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36702') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36702')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Media Foundation Core Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36710&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36710') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36710')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Internet Key Exchange (IKE) Extension Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36726&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36726') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36726')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Win32k Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36731&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36731]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36731') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36731')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Win32k Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36732&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36732]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36732') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36732')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Win32k Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36743&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36743]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36743') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36743')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36790&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36790]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36790') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36790')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41766&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41766]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41766') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41766')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Remote Desktop Gateway (RD Gateway) Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29348&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-29348]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29348') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29348')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36431&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36431]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36431') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36431')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows TCP/IP Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36438&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36438') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36438')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Deployment Services Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36567&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36567]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36567') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36567')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36579&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36579') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36579')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36581&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36581') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36581')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Active Template Library Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36585&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36585]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36585') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36585')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows TCP/IP Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36602&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36602]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36602') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36602')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36606&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36606]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36606') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36606')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]DHCP Server Service Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36703&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36703') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36703')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36570&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36570]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36570') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36570')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36571&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36571]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36571') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36571')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36572&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36572') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36572')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36573&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36573') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36573')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36574&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36574]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36574') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36574')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36575&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36575]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36575') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36575')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36578&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36578') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36578')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36582&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36582') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36582')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36583&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36583]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36583') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36583')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36589&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36589]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36589') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36589')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36590&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36590]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36590') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36590')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36591&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36591]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36591') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36591')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36592&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36592]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36592') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36592')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft Message Queuing Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36593&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36593]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36593') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36593')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Win32k Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36776&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36776]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36776') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36776')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows MSHTML Platform Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36436&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36436]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36436') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36436')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36701&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36701]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36701') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36701')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Runtime C++ Template Library Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36711&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36711') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36711')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36712&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36712') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36712')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Named Pipe File System Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36729&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36729]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36729') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36729')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Remote Procedure Call Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36596&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36596]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36596') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36596')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Deployment Services Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36707&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36707') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36707')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]PrintHTML API Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36557&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36557') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36557')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Microsoft Virtual Trusted Platform Module Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36718&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36718]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36718') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36718')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Microsoft AllJoyn API Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36709&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36709]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36709') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36709')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Windows Mixed Reality Developer Tools Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36720&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36720]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36720') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36720')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Windows Runtime Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36902&vector=CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36902]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36902') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36902')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Windows Graphics Component Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38159&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38159]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38159') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38159')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Named Pipe Filesystem Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36605&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36605]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36605') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36605')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Setup Files Cleanup Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36704&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36704]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36704') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36704')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Container Manager Service Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36723&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36723') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36723')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36725&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36725]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36725') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36725')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Win32k Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41772&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41772') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41772')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows TCP/IP Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36603&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36603]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36603') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36603')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Error Reporting Service Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36721&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36721') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36721')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2022[/LEFT][/TD] [TD][LEFT]Microsoft QUIC Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36435&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36435]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36435') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36435')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2022[/LEFT][/TD] [TD][LEFT]Microsoft QUIC Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38171&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38171]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38171') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38171')[/TD] [/TR] [TR] [TD][LEFT]moosocial -- moosocial[/LEFT][/TD] [TD][LEFT]Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44811&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44811]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44811') [MISC]('https://github.com/ahrixia/CVE-2023-44811')[/TD] [/TR] [TR] [TD][LEFT]netis-systems -- n3m_firmware[/LEFT][/TD] [TD][LEFT]An issue in NETIS SYSTEMS N3Mv2 v.1.0.1.865 allows a remote attacker to cause a denial of service via the authorization component in the HTTP request.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44860&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-44860]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44860') [MISC]('https://github.com/adhikara13/CVE/blob/main/netis_N3/Improper%20Authentication%20Mechanism%20Leading%20to%20Denial-of-Service%20(DoS).md')[/TD] [/TR] [TR] [TD][LEFT]openmct -- openmct[/LEFT][/TD] [TD][LEFT]In NASA Open MCT (aka openmct) before 3.1.0, prototype pollution can occur via an import action.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45282&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-45282]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45282') [MISC]('https://github.com/nasa/openmct/pull/7094/commits/545a1770c523ecc3410dca884c6809d5ff0f9d52') [MISC]('https://nasa.github.io/openmct/') [MISC]('https://www.linkedin.com/pulse/prototype-pollution-nasas-open-mct-cve-2023-45282') [CONFIRM]('https://github.com/nasa/openmct/compare/v3.0.2...v3.1.0')[/TD] [/TR] [TR] [TD][LEFT]opentelemetry -- opentelemetry[/LEFT][/TD] [TD][LEFT]OpenTelemetry, also known as OTel for short, is a vendor-neutral open-source Observability framework for instrumenting, generating, collecting, and exporting telemetry data such as traces, metrics, logs. Autoinstrumentation out of the box adds the label [ICODE]http_method[/ICODE] that has unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent. HTTP method for requests can be easily set by an attacker to be random and long. In order to be affected program has to be instrumented for HTTP handlers and does not filter any unknown HTTP methods on the level of CDN, LB, previous middleware, etc. This issue has been patched in version 0.41b0.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43810&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-43810]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43810') [MISC]('https://github.com/open-telemetry/opentelemetry-python-contrib/releases/tag/v0.41b0') [MISC]('https://github.com/open-telemetry/opentelemetry-python-contrib/commit/6007e0c013071e7f8b9612d3bc68aeb9d600d74e') [MISC]('https://github.com/open-telemetry/opentelemetry-python-contrib/security/advisories/GHSA-5rv5-6h4r-h22v')[/TD] [/TR] [TR] [TD][LEFT]oryx-embedded -- cyclonetcp[/LEFT][/TD] [TD][LEFT]In Oryx CycloneTCP 1.9.6, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27631&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-27631]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27631') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]phpjabbers -- appointment_scheduler[/LEFT][/TD] [TD][LEFT]User enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36127&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36127]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36127') [MISC]('https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4')[/TD] [/TR] [TR] [TD][LEFT]picotcp -- picotcp[/LEFT][/TD] [TD][LEFT]In PicoTCP 1.7.0, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27635&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2020-27635]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27635') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]plain_craft_launcher_2 -- plain_craft_launcher_2[/LEFT][/TD] [TD][LEFT]Directory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information.[/LEFT][/TD] [TD][CENTER]2023-10-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36123&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36123]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36123') [MISC]('https://github.com/9Bakabaka/CVE-2023-36123') [MISC]('https://gist.github.com/9Bakabaka/d4559b081ce0577dbf415917afc0efb5')[/TD] [/TR] [TR] [TD][LEFT]puppet -- bolt[/LEFT][/TD] [TD][LEFT]In Puppet Bolt versions prior to 3.27.4, a path to escalate privileges was identified.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5214&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5214]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5214') [MISC]('https://www.puppet.com/security/cve/cve-2023-5255-denial-service-revocation-auto-renewed-certificates')[/TD] [/TR] [TR] [TD][LEFT]qnap -- multiple_products[/LEFT][/TD] [TD][LEFT]A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32971&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32971]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32971') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-37')[/TD] [/TR] [TR] [TD][LEFT]qnap -- multiple_products[/LEFT][/TD] [TD][LEFT]A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32972&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32972]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32972') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-37')[/TD] [/TR] [TR] [TD][LEFT]sangfor -- next-gen_application_firewall[/LEFT][/TD] [TD][LEFT]The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authentication bypass vulnerability. A remote and unauthenticated attacker can bypass authentication and access administrative functionality by sending HTTP requests using a crafted Y-forwarded-for header.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30803&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30803]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30803') [MISC]('https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4') [MISC]('https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/') [MISC]('https://vulncheck.com/advisories/sangfor-ngaf-auth-bypass')[/TD] [/TR] [TR] [TD][LEFT]sangfor -- next-gen_application_firewall[/LEFT][/TD] [TD][LEFT]The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /LogInOut.php endpoint. This is due to mishandling of shell meta-characters in the "un" parameter.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30805&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30805]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30805') [MISC]('https://vulncheck.com/advisories/sangfor-ngaf-username-rce') [MISC]('https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4') [MISC]('https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/')[/TD] [/TR] [TR] [TD][LEFT]sangfor -- next-gen_application_firewall[/LEFT][/TD] [TD][LEFT]The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system command injection vulnerability. A remote and unauthenticated attacker can execute arbitrary commands by sending a crafted HTTP POST request to the /cgi-bin/login.cgi endpoint. This is due to mishandling of shell meta-characters in the PHPSESSID cookie.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30806&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30806]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30806') [MISC]('https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4') [MISC]('https://vulncheck.com/advisories/sangfor-ngaf-sessid-rce') [MISC]('https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/')[/TD] [/TR] [TR] [TD][LEFT]sap -- powerdesigner[/LEFT][/TD] [TD][LEFT]SAP PowerDesigner Client - version 16.7, does not sufficiently validate BPMN2 XML document imported from an untrusted source. As a result, URLs of external entities in BPMN2 file, although not used, would be accessed during import. A successful attack could impact availability of SAP PowerDesigner Client.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40310&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40310]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40310') [MISC]('https://me.sap.com/notes/3357154') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]seacms -- seacms[/LEFT][/TD] [TD][LEFT]An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ notify.php component.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44846&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44846') [MISC]('https://blog.csdn.net/2301_79997870/article/details/133365547?spm=1001.2014.3001.5501') [MISC]('https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502')[/TD] [/TR] [TR] [TD][LEFT]seacms -- seacms[/LEFT][/TD] [TD][LEFT]An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_template.php component.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44848&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44848') [MISC]('https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502')[/TD] [/TR] [TR] [TD][LEFT]seacms -- seacms[/LEFT][/TD] [TD][LEFT]An issue in SeaCMS v.12.8 allows an attacker to execute arbitrary code via the admin_ Weixin.php component.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44847&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44847]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44847') [MISC]('https://blog.csdn.net/2301_79997870/article/details/133661890?spm=1001.2014.3001.5502')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Improper Access Control in SICK APU allows an unprivileged remote attacker to download as well as upload arbitrary files via anonymous access to the FTP server.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43696&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43696]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43696') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Improper Restriction of Excessive Authentication Attempts in RDT400 in SICK APU allows an unprivileged remote attacker to guess the password via trial-and-error as the login attempts are not limited.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43699&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43699') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Missing Authorization in RDT400 in SICK APU allows an unprivileged remote attacker to modify data via HTTP requests that no not require authentication.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43700&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-43700]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43700') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]siemens -- multiple_products[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11 (only with activated debug support)). The affected devices contain a hard-coded ID in the SSH [ICODE]authorized_keys[/ICODE] configuration file. An attacker with knowledge of the corresponding private key could login to the device via SSH. Only devices with activated debug support are affected.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36380&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36380]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36380') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-134651.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- multiple_products [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11), CP-8050 MASTER MODULE (All versions < CPCI85 V05.11). The web server of affected devices fails to properly sanitize user input for the /sicweb-ajax/tmproot/ endpoint. This could allow an authenticated remote attacker to traverse directories on the system and download arbitrary files. By exploring active session IDs, the vulnerability could potentially be leveraged to escalate privileges to the administrator role.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42796&vector=CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42796]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42796') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-770890.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sicam_pas/pqs[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.20). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges to [ICODE]NT AUTHORITY/SYSTEM[/ICODE].[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45205&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45205') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simcenter_amesim[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Simcenter Amesim (All versions < V2021.1). The affected application contains a SOAP endpoint that could allow an unauthenticated remote attacker to perform DLL injection and execute arbitrary code in the context of the affected application process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43625&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-43625]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43625') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-386812.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sinec_nms [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application assigns improper access rights to specific folders containing executable files and libraries. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30527&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30527]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30527') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sinema_server [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SINEMA Server V14 (All versions). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could perform a stored cross-site scripting (XSS) attack that may lead to arbitrary code execution with [ICODE]SYSTEM[/ICODE] privileges on the application server. (ZDI-CAN-19823)[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35796&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35796]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35796') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-594373.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44081&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44081]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44081') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44082&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44082]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44082') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44083&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44083]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44083') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44084&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44084]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44084') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44085&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44085]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44085') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44086&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44086]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44086') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44087&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44087]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44087') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a type confusion vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21268)[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45204&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45204]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45204') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- tecnomatix[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.262), Parasolid V35.1 (All versions < V35.1.250), Parasolid V36.0 (All versions < V36.0.169), Tecnomatix Plant Simulation V2201 (All versions < V2201.0009), Tecnomatix Plant Simulation V2302 (All versions < V2302.0003). The affected applications contain a stack overflow vulnerability while parsing specially crafted IGS files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21290)[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45601&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45601]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45601') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-524778.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- xpedition_layout_browser[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Xpedition Layout Browser (All versions < VX.2.14). Affected application contains a stack overflow vulnerability when parsing a PCB file. An attacker can leverage this vulnerability to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30900&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30900]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30900') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-829656.pdf')[/TD] [/TR] [TR] [TD][LEFT]silabs -- uc/tcp-ip[/LEFT][/TD] [TD][LEFT]In Silicon Labs uC/TCP-IP 3.6.0, TCP ISNs are improperly random.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-27630&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-27630]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27630') [MISC]('https://www.forescout.com') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]simple_and_nice_shopping_cart_script -- simple_and_nice_shopping_cart_script[/LEFT][/TD] [TD][LEFT]File Upload vulnerability in Simple and Nice Shopping Cart Script v.1.0 allows a remote attacker to execute arbitrary code via the upload function in the edit profile component.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44061&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44061]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44061') [MISC]('https://github.com/soundarkutty/File-upload-Restriction-bypass/blob/main/poc.md')[/TD] [/TR] [TR] [TD][LEFT]snipeitapp -- snipe-it[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) in GitHub repository snipe/snipe-it prior to v.6.2.3.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5511&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-5511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5511') [MISC]('https://github.com/snipe/snipe-it/commit/6d55d782806c9660e9e65dc5250faacb5d0033ed') [MISC]('https://huntr.dev/bounties/43206801-9862-48da-b379-e55e341d78bf')[/TD] [/TR] [TR] [TD][LEFT]thingsboard -- thingsboard[/LEFT][/TD] [TD][LEFT]ThingsBoard before 3.5 allows Server-Side Template Injection if users are allowed to modify an email template, because Apache FreeMarker supports freemarker.template.utility.Execute (for content sent to the /api/admin/settings endpoint).[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45303&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45303') [MISC]('https://freemarker.apache.org/docs/api/freemarker/template/utility/Execute.html') [MISC]('https://herolab.usd.de/security-advisories/usd-2023-0010/')[/TD] [/TR] [TR] [TD][LEFT]turnatasarim -- advertising_administration_panel[/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Turna Advertising Administration Panel allows SQL Injection. This issue affects Advertising Administration Panel: before 1.1.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4530&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4530]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4530') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0571')[/TD] [/TR] [TR] [TD][LEFT]typora -- typora[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-18336&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2020-18336]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-18336') [MISC]('https://github.com/typora/typora-issues/issues/2232')[/TD] [/TR] [TR] [TD][LEFT]uptime_kuma -- uptime_kuma[/LEFT][/TD] [TD][LEFT]Uptime Kuma is a self-hosted monitoring tool. Prior to version 1.23.3, attackers with access to a user's device can gain persistent account access. This is caused by missing verification of Session Tokens after password changes and/or elapsed inactivity periods. Version 1.23.3 has a patch for the issue.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44400&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44400]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44400') [MISC]('https://github.com/louislam/uptime-kuma/issues/3481') [MISC]('https://github.com/louislam/uptime-kuma/commit/88afab6571ef7d4d41bb395cdb6ecd3968835a4a') [MISC]('https://github.com/louislam/uptime-kuma/security/advisories/GHSA-g9v2-wqcj-j99g')[/TD] [/TR] [TR] [TD][LEFT]vantage6 -- vantage6[/LEFT][/TD] [TD][LEFT]vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that has known security issues. All users of vantage6 that post tasks with the default serialization are affected. Version 4.0.0 contains a patch. Users may specify JSON serialization as a workaround.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23930&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-23930]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23930') [MISC]('https://medium.com/ochrona/python-pickle-is-notoriously-insecure-d6651f1974c9') [MISC]('https://github.com/vantage6/vantage6/security/advisories/GHSA-5m22-cfq9-86x6') [MISC]('https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400') [MISC]('https://github.com/vantage6/vantage6/commit/e62f03bacf2247bd59eed217e2e7338c3a01a5f0')[/TD] [/TR] [TR] [TD][LEFT]wazuh -- wazuh-dashboard[/LEFT][/TD] [TD][LEFT]Wazuh is a security detection, visibility, and compliance open source project. In versions 4.4.0 and 4.4.1, it is possible to get the Wazuh API administrator key used by the Dashboard using the browser development tools. This allows a logged user to the dashboard to become administrator of the API, even if their dashboard role is not. Version 4.4.2 contains a fix. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42455&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42455]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42455') [MISC]('https://github.com/wazuh/wazuh-kibana-app/security/advisories/GHSA-8w7x-52r7-qvjf') [MISC]('https://github.com/wazuh/wazuh-dashboard-plugins/issues/5427') [MISC]('https://github.com/wazuh/wazuh-kibana-app/pull/5428')[/TD] [/TR] [TR] [TD][LEFT]webkitgtk -- webkitgtk[/LEFT][/TD] [TD][LEFT]A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a malicious webpage to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39928&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39928]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39928') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1831') [MISC]('https://webkitgtk.org/security/WSA-2023-0009.html') [MISC]('https://www.debian.org/security/2023/dsa-5527') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in BoldGrid Post and Page Builder by BoldGrid - Visual Drag and Drop Editor plugin <= 1.24.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25480&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-25480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25480') [MISC]('https://patchstack.com/database/vulnerability/post-and-page-builder/wordpress-post-and-page-builder-by-boldgrid-plugin-1-24-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Dipak C. Gajjar WP Super Minify plugin <= 1.5.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27615&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-27615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27615') [MISC]('https://patchstack.com/database/vulnerability/wp-super-minify/wordpress-wp-super-minify-plugin-1-5-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in LeadSquared, Inc LeadSquared Suite plugin <= 0.7.4 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45047&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-45047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45047') [MISC]('https://patchstack.com/database/vulnerability/leadsquared-suite/wordpress-leadsquared-suite-plugin-0-7-4-cross-site-request-forgery-csrf-leading-to-form-deactivation-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP Google Analytics Extension plugin <= 4.0.4 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23651&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-23651]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23651') [MISC]('https://patchstack.com/database/vulnerability/mainwp-google-analytics-extension/wordpress-mainwp-google-analytics-extension-plugin-4-0-4-subscriber-sql-injection-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in MakeStories Team MakeStories (for Google Web Stories) plugin <= 2.8.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27448&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-27448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27448') [MISC]('https://patchstack.com/database/vulnerability/makestories-helper/wordpress-makestories-for-google-web-stories-plugin-2-8-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Naresh Parmar Post View Count plugin <= 1.8.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44996&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44996]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44996') [MISC]('https://patchstack.com/database/vulnerability/wp-simple-post-view/wordpress-post-view-count-plugin-1-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in QuantumCloud AI ChatBot plugin <= 4.7.8 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44993&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44993]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44993') [MISC]('https://patchstack.com/database/vulnerability/chatbot/wordpress-ai-chatbot-plugin-4-7-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in P Royal Royal Elementor Addons and Templates plugin <= 1.3.75 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47175&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-47175]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47175') [MISC]('https://patchstack.com/database/vulnerability/royal-elementor-addons/wordpress-royal-elementor-addons-plugin-1-3-75-multiple-cross-site-request-forgery-csrf?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25033&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-25033]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25033') [MISC]('https://patchstack.com/database/vulnerability/social-share-boost/wordpress-social-share-boost-plugin-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in Easy2Map Photos Plugin 1.0.1 on WordPress. This vulnerability affects unknown code. The manipulation leads to sql injection. The attack can be initiated remotely. Upgrading to version 1.1.0 is able to address this issue. The patch is identified as 503d9ee2482d27c065f78d9546f076a406189908. It is recommended to upgrade the affected component. VDB-241318 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-10126&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2015-10126]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-10126') [MISC]('https://vuldb.com/?id.241318') [MISC]('https://github.com/wp-plugins/easy2map-photos/commit/503d9ee2482d27c065f78d9546f076a406189908') [MISC]('https://vuldb.com/?ctiid.241318')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Gangesh Matta Simple Org Chart plugin <= 2.3.4 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40008&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40008]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40008') [MISC]('https://patchstack.com/database/vulnerability/simple-org-chart/wordpress-simple-org-chart-plugin-2-3-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40556&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40556') [MISC]('https://patchstack.com/database/vulnerability/schedule-posts-calendar/wordpress-schedule-posts-calendar-plugin-5-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in ??wp DX-auto-save-images plugin <= 1.4.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40671&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40671]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40671') [MISC]('https://patchstack.com/database/vulnerability/dx-auto-save-images/wordpress-dx-auto-save-images-plugin-1-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Remove/hide Author, Date, Category Like Entry-Meta plugin <= 2.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41650&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41650]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41650') [MISC]('https://patchstack.com/database/vulnerability/removehide-author-date-category-like-entry-meta/wordpress-remove-hide-author-date-category-like-entry-meta-plugin-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Andreas Heigl authLdap plugin <= 2.5.8 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41654&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41654') [MISC]('https://patchstack.com/database/vulnerability/authldap/wordpress-authldap-plugin-2-5-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Jules Colle, BDWM Responsive Gallery Grid plugin <= 2.3.10 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41659&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41659]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41659') [MISC]('https://patchstack.com/database/vulnerability/responsive-gallery-grid/wordpress-responsive-gallery-grid-plugin-2-3-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in WPSynchro WP Synchro plugin <= 1.9.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41660&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41660') [MISC]('https://patchstack.com/database/vulnerability/wpsynchro/wordpress-wordpress-migration-plugin-db-files-wp-synchro-plugin-1-9-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Ulf Benjaminsson WP-dTree plugin <= 4.4.5 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41667&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41667') [MISC]('https://patchstack.com/database/vulnerability/wp-dtree-30/wordpress-wp-dtree-plugin-4-4-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Leadster plugin <= 1.1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41668&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41668]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41668') [MISC]('https://patchstack.com/database/vulnerability/leadster-marketing-conversacional/wordpress-leadster-plugin-1-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in DAEXT Live News plugin <= 1.06 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41669&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41669') [MISC]('https://patchstack.com/database/vulnerability/live-news-lite/wordpress-live-news-plugin-1-06-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Palasthotel (in person: Edward Bock) Use Memcached plugin <= 1.0.4 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41670&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41670') [MISC]('https://patchstack.com/database/vulnerability/use-memcached/wordpress-use-memcached-plugin-1-0-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Rémi Leclercq Hide admin notices - Admin Notification Center plugin <= 2.3.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41672&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41672') [MISC]('https://patchstack.com/database/vulnerability/wp-admin-notification-center/wordpress-hide-admin-notices-admin-notification-center-plugin-2-3-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Felix Welberg SIS Handball plugin <= 1.0.45 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41684&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41684]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41684') [MISC]('https://patchstack.com/database/vulnerability/sis-handball/wordpress-sis-handball-plugin-1-0-45-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Realbig Team Realbig For WordPress plugin <= 1.0.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41694&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41694]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41694') [MISC]('https://patchstack.com/database/vulnerability/realbig-media/wordpress-realbig-plugin-1-0-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Nikunj Soni Easy WP Cleaner plugin <= 1.9 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41697&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41697') [MISC]('https://patchstack.com/database/vulnerability/easy-wp-cleaner/wordpress-easy-wp-cleaner-plugin-1-9-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in SendPress Newsletters plugin <= 1.22.3.31 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41730&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41730]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41730') [MISC]('https://patchstack.com/database/vulnerability/sendpress/wordpress-sendpress-newsletters-plugin-1-22-3-31-cross-site-request-forgery-csrf?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in CodePeople CP Blocks plugin <= 1.0.20 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41732&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41732]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41732') [MISC]('https://patchstack.com/database/vulnerability/cp-blocks/wordpress-cp-blocks-plugin-1-0-20-csrf-leading-to-plugin-settings-change-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin <= 4.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41801&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41801]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41801') [MISC]('https://patchstack.com/database/vulnerability/another-wordpress-classifieds-plugin/wordpress-classifieds-plugin-ad-directory-listings-plugin-4-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Morris Bryant, Ruben Sargsyan Outbound Link Manager plugin <= 1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41850&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41850') [MISC]('https://patchstack.com/database/vulnerability/outbound-link-manager/wordpress-outbound-link-manager-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Dotsquares WP Custom Post Template <= 1.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41851&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41851]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41851') [MISC]('https://patchstack.com/database/vulnerability/wp-custom-post-template/wordpress-wp-custom-post-template-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in MailMunch MailMunch - Grow your Email List plugin <= 3.1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41852&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41852]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41852') [MISC]('https://patchstack.com/database/vulnerability/mailmunch/wordpress-mailmunch-grow-your-email-list-plugin-3-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in WP iCal Availability plugin <= 1.0.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41853&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41853]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41853') [MISC]('https://patchstack.com/database/vulnerability/wp-ical-availability/wordpress-wp-ical-availability-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Softaculous Ltd. WpCentral plugin <= 1.5.7 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41854&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41854]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41854') [MISC]('https://patchstack.com/database/vulnerability/wp-central/wordpress-wpcentral-plugin-1-5-7-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Ashok Rane Order Delivery Date for WP e-Commerce plugin <= 1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41858&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41858]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41858') [MISC]('https://patchstack.com/database/vulnerability/order-delivery-date/wordpress-order-delivery-date-for-wp-e-commerce-plugin-1-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Hardik Kalathiya WP Gallery Metabox plugin <= 1.0.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41876&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41876]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41876') [MISC]('https://patchstack.com/database/vulnerability/wp-gallery-metabox/wordpress-wp-gallery-metabox-plugin-1-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Laposta - Roel Bousardt Laposta Signup Basic plugin <= 1.4.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41950&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41950]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41950') [MISC]('https://patchstack.com/database/vulnerability/laposta-signup-basic/wordpress-laposta-signup-basic-plugin-1-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Checkfront Inc. Checkfront Online Booking System plugin <= 3.6 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44146&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44146]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44146') [MISC]('https://patchstack.com/database/vulnerability/checkfront-wp-booking/wordpress-checkfront-online-booking-system-plugin-3-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in NickDuncan Contact Form plugin <= 2.0.10 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44231&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44231]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44231') [MISC]('https://patchstack.com/database/vulnerability/contact-form-ready/wordpress-contact-form-plugin-2-0-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Huseyin Berberoglu WP Hide Pages plugin <= 1.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44232&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44232]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44232') [MISC]('https://patchstack.com/database/vulnerability/wp-hide-pages/wordpress-wp-hide-pages-plugin-1-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in FooPlugins Best WordPress Gallery Plugin - FooGallery plugin <= 2.2.44 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44233&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44233]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44233') [MISC]('https://patchstack.com/database/vulnerability/foogallery/wordpress-foogallery-plugin-2-2-44-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Devnath verma WP Captcha plugin <= 2.0.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44236&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44236]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44236') [MISC]('https://patchstack.com/database/vulnerability/wp-captcha/wordpress-wp-captcha-plugin-2-0-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Moriyan Jay WP Site Protector plugin <= 2.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44237&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44237]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44237') [MISC]('https://patchstack.com/database/vulnerability/wp-site-protector/wordpress-wp-site-protector-plugin-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Joakim Ling Remove slug from custom post type plugin <= 1.0.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44238&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44238]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44238') [MISC]('https://patchstack.com/database/vulnerability/remove-slug-from-custom-post-type/wordpress-remove-slug-from-custom-post-type-plugin-1-0-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Peter Butler Timthumb Vulnerability Scanner plugin <= 1.54 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44240&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44240]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44240') [MISC]('https://patchstack.com/database/vulnerability/timthumb-vulnerability-scanner/wordpress-timthumb-vulnerability-scanner-plugin-1-54-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Keap Keap Landing Pages plugin <= 1.4.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44241&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44241]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44241') [MISC]('https://patchstack.com/database/vulnerability/infusionsoft-landing-pages/wordpress-keap-landing-pages-plugin-1-4-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Dylan Blokhuis Instant CSS plugin <= 1.2.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44243&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44243]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44243') [MISC]('https://patchstack.com/database/vulnerability/instant-css/wordpress-instant-css-plugin-1-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Matias s Shockingly Simple Favicon plugin <= 1.8.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44246&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44246]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44246') [MISC]('https://patchstack.com/database/vulnerability/shockingly-simple-favicon/wordpress-shockingly-simple-favicon-plugin-1-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Hometory Mang Board WP plugin <= 1.7.6 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44257&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44257]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44257') [MISC]('https://patchstack.com/database/vulnerability/mangboard/wordpress-mang-board-wp-plugin-1-7-6-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Mediavine Mediavine Control Panel plugin <= 2.10.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44259&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44259') [MISC]('https://patchstack.com/database/vulnerability/mediavine-control-panel/wordpress-mediavine-control-panel-plugin-2-10-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Mikk Mihkel Nurges, Rebing OÜ Woocommerce ESTO plugin <= 2.23.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44260&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44260]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44260') [MISC]('https://patchstack.com/database/vulnerability/woo-esto/wordpress-woocommerce-esto-plugin-2-23-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Dinesh Karki Block Plugin Update plugin <= 3.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44261&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44261]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44261') [MISC]('https://patchstack.com/database/vulnerability/block-specific-plugin-updates/wordpress-block-plugin-update-plugin-3-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Kvvaradha Kv TinyMCE Editor Add Fonts plugin <= 1.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44470&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44470') [MISC]('https://patchstack.com/database/vulnerability/kv-tinymce-editor-fonts/wordpress-kv-tinymce-editor-add-fonts-plugin-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Bernhard Kau Backend Localization plugin <= 2.1.10 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44471&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44471') [MISC]('https://patchstack.com/database/vulnerability/kau-boys-backend-localization/wordpress-backend-localization-plugin-2-1-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Michael Tran Table of Contents Plus plugin <= 2302 versions.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44473&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44473') [MISC]('https://patchstack.com/database/vulnerability/table-of-contents-plus/wordpress-table-of-contents-plus-plugin-2302-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Michael Simpson Add Shortcodes Actions And Filters plugin <= 2.0.9 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44475&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44475]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44475') [MISC]('https://patchstack.com/database/vulnerability/add-actions-and-filters/wordpress-add-shortcodes-actions-and-filters-plugin-2-0-9-multiple-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Andres Felipe Perea V. CopyRightPro plugin <= 2.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44476&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44476]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44476') [MISC]('https://patchstack.com/database/vulnerability/copyrightpro/wordpress-copyrightpro-plugin-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in WP Doctor WooCommerce Login Redirect plugin <= 2.2.4 versions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44995&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-44995]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44995') [MISC]('https://patchstack.com/database/vulnerability/woo-login-redirect/wordpress-woocommerce-login-redirect-plugin-2-2-4-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the httpd nvram.cgi functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24479&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-24479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24479') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1762')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A stack-based buffer overflow vulnerability exists in the httpd do_wds functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31272&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-31272]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31272') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1765')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A command execution vulnerability exists in the validate.so diag_ping_start functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32632&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32632]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32632') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1767')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to authentication bypass. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32645&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32645') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1752')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command execution. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34346&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34346]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34346') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1764')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer overflow. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34365&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34365') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1763')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A stack-based buffer overflow vulnerability exists in the httpd manage_request functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to stack-based buffer overflow. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34426&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34426') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1766')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the gozila_cgi function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35055&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35055]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35055') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]A buffer overflow vulnerability exists in the httpd next_page functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the next_page parameter in the cgi_handler function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35056&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35056]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35056') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1761')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities. This integer overflow result is used as argument for the malloc function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35965&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35965]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35965') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1787')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities. This integer overflow result is used as argument for the realloc function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35966&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35966]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35966') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1787')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities. This integer overflow result is used as argument for the malloc function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35967&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35967]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35967') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788')[/TD] [/TR] [TR] [TD][LEFT]yifanwireless -- yf325_firmware[/LEFT][/TD] [TD][LEFT]Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer overflow. An attacker can send a network request to trigger these vulnerabilities. This integer overflow result is used as argument for the realloc function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35968&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35968]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35968') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1788')[/TD] [/TR] [TR] [TD][LEFT]zephyrproject -- zephyr[/LEFT][/TD] [TD][LEFT]Potential buffer overflow vulnerability in the Zephyr CAN bus subsystem[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3725&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3725]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3725') [MISC]('https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-2g3m-p6c7-8rr3')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]acronis -- agent[/LEFT][/TD] [TD][LEFT]Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 36119.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45245&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-45245]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45245') [MISC]('https://security-advisory.acronis.com/advisories/SEC-6017')[/TD] [/TR] [TR] [TD][LEFT]adobe -- bridge[/LEFT][/TD] [TD][LEFT]Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38216&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38216]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38216') [MISC]('https://helpx.adobe.com/security/products/bridge/apsb23-49.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- bridge[/LEFT][/TD] [TD][LEFT]Adobe Bridge versions 12.0.4 (and earlier) and 13.0.3 (and earlier) are affected by an Out-of-bounds Read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38217&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38217]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38217') [MISC]('https://helpx.adobe.com/security/products/bridge/apsb23-49.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Server-Side Request Forgery (SSRF) vulnerability that could lead to arbitrary file system read. A high-privileged authenticated attacker can force the application to make arbitrary requests via injection of arbitrary URLs. Exploitation of this issue does not require user interaction, scope is changed due to the fact that an attacker can enforce file read outside the application's path boundary.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26366&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-26366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26366') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38221&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38221]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38221') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38249&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38249') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead in arbitrary code execution by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction and attack complexity is high as it requires knowledge of tooling beyond just using the UI.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38250&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38250]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38250') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by a Uncontrolled Resource Consumption vulnerability that could lead in minor application denial-of-service. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38251&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2023-38251]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38251') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce[/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26367&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-26367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26367') [MISC]('https://helpx.adobe.com/security/products/magento/apsb23-50.html')[/TD] [/TR] [TR] [TD][LEFT]antisamy -- antisamy[/LEFT][/TD] [TD][LEFT]AntiSamy is a library for performing fast, configurable cleansing of HTML coming from untrusted sources. Prior to version 1.7.4, there is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the [ICODE]preserveComments[/ICODE] directive must be enabled in your policy file and also allow for certain tags at the same time. As a result, certain crafty inputs can result in elements in comment tags being interpreted as executable when using AntiSamy's sanitized output. This issue has been patched in AntiSamy 1.7.4 and later.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43643&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-43643]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43643') [MISC]('https://github.com/nahsra/antisamy/security/advisories/GHSA-pcf2-gh6g-h5r2') [MISC]('https://github.com/nahsra/antisamy/releases/tag/v1.7.4')[/TD] [/TR] [TR] [TD][LEFT]atx -- ucrypt[/LEFT][/TD] [TD][LEFT]The web interface of ATX Ucrypt through 3.5 allows authenticated users (or attackers using default credentials for the admin, master, or user account) to include files via a URL in the /hydra/view/get_cc_url url parameter. There can be resultant SSRF.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39854&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39854]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39854') [MISC]('https://wiki.notveg.ninja/blog/CVE-2023-39854/')[/TD] [/TR] [TR] [TD][LEFT]canonical -- subiquity[/LEFT][/TD] [TD][LEFT]Sensitive data could be exposed in logs of subiquity version 23.09.1 and earlier. An attacker in the adm group could use this information to find hashed passwords and possibly escalate their privilege.[/LEFT][/TD] [TD][CENTER]2023-10-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5182&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5182]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5182') [MISC]('https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5182') [MISC]('https://github.com/canonical/subiquity/pull/1820/commits/62e126896fb063808767d74d00886001e38eaa1c')[/TD] [/TR] [TR] [TD][LEFT]chiefonboarding -- chiefonboarding[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) in GitHub repository chiefonboarding/chiefonboarding prior to v2.0.47.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5498&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5498]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5498') [MISC]('https://huntr.dev/bounties/ec367b1d-5ec4-4ab2-881a-caf82e4877d9') [MISC]('https://github.com/chiefonboarding/chiefonboarding/commit/7de93f5fcc21e8f16fa0a64d38461c1b48ff3ee7')[/TD] [/TR] [TR] [TD][LEFT]concretecms -- concrete_cms[/LEFT][/TD] [TD][LEFT]Concrete CMS v9.2.1 is affected by Arbitrary File Upload vulnerability via the Thumbnail" file upload, which allows Cross-Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44763&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44763') [MISC]('https://github.com/sromanhu/ConcreteCMS-Arbitrary-file-upload-Thumbnail')[/TD] [/TR] [TR] [TD][LEFT]consensys -- gnark[/LEFT][/TD] [TD][LEFT]gnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of [ICODE]a[/ICODE], for small values there exists a second decomposition for [ICODE]a+r[/ICODE] (where [ICODE]r[/ICODE] is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue without needing to change the calls to value comparison methods.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44378&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-44378]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44378') [MISC]('https://github.com/Consensys/gnark/security/advisories/GHSA-498w-5j49-vqjg') [MISC]('https://github.com/Consensys/gnark/commit/59a4087261a6c73f13e80d695c17b398c3d0934f') [MISC]('https://github.com/zkopru-network/zkopru/issues/116')[/TD] [/TR] [TR] [TD][LEFT]delta_electronics -- wplsoft[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Delta Electronics WPLSoft 2.51. It has been classified as problematic. Affected is an unknown function of the component Modbus Handler. The manipulation leads to cleartext transmission of sensitive information. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241584. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5461&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5461]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5461') [MISC]('https://vuldb.com/?ctiid.241584') [MISC]('https://vuldb.com/?id.241584') [MISC]('https://drive.google.com/drive/folders/17nBJt3tejqipE_L-lMEhYXeGhG0eii-_')[/TD] [/TR] [TR] [TD][LEFT]delta_electronics -- wplsoft[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Delta Electronics WPLSoft up to 2.51 and classified as problematic. This issue affects some unknown processing of the component Modbus Data Packet Handler. The manipulation leads to heap-based buffer overflow. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-241583. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5460&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-5460]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5460') [MISC]('https://drive.google.com/drive/folders/1oYxs_KxK4Ftd7OsexGk6upkxhJ3-m8M3') [MISC]('https://vuldb.com/?ctiid.241583') [MISC]('https://vuldb.com/?id.241583')[/TD] [/TR] [TR] [TD][LEFT]discourse -- discourse_jira[/LEFT][/TD] [TD][LEFT]Discourse-jira is a Discourse plugin allows Jira projects, issue types, fields and field options will be synced automatically. An administrator user can make an SSRF attack by setting the Jira URL to an arbitrary location and enabling the [ICODE]discourse_jira_verbose_log[/ICODE] site setting. A moderator user could manipulate the request path to the Jira API, allowing them to perform arbitrary GET requests using the Jira API credentials, potentially with elevated permissions, used by the application.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][4.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44384&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-44384]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44384') [MISC]('https://github.com/discourse/discourse-jira/security/advisories/GHSA-pmv5-h2x6-35fh') [MISC]('https://github.com/discourse/discourse-jira/pull/50') [MISC]('https://github.com/discourse/discourse-jira/commit/8a2d3ad228883199fd5f081cc93d173c88e2e48f')[/TD] [/TR] [TR] [TD][LEFT]easycorp -- zentao[/LEFT][/TD] [TD][LEFT]Cross Site Scripting vulnerability in ZenTaoPMS v.18.6 allows a local attacker to obtain sensitive information via a crafted script.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44826&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44826') [MISC]('https://github.com/jacyyang52/chandaoxss/')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]When on BIG-IP DNS or BIG-IP LTM enabled with DNS Services License, and a TSIG key is created, it is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41253&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41253]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41253') [MISC]('https://my.f5.com/manage/s/article/K98334513')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]When TACACS+ audit forwarding is configured on BIG-IP or BIG-IQ system, sharedsecret is logged in plaintext in the audit log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43485&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43485') [MISC]('https://my.f5.com/manage/s/article/K06110200')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]When BIG-IP APM Guided Configurations are configured, undisclosed sensitive information may be logged in restnoded log. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39447&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39447') [MISC]('https://my.f5.com/manage/s/article/K47756555')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information vulnerability exist in an undisclosed BIG-IP TMOS shell (tmsh) command which may allow an authenticated attacker with resource administrator role privileges to view sensitive information. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45219&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-45219]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45219') [MISC]('https://my.f5.com/manage/s/article/K20307245')[/TD] [/TR] [TR] [TD][LEFT]f5 -- big-ip[/LEFT][/TD] [TD][LEFT]The BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41964&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41964]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41964') [MISC]('https://my.f5.com/manage/s/article/K20850144')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortianalyzer[/LEFT][/TD] [TD][LEFT]A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client side code execution.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42787&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-42787]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42787') [MISC]('https://fortiguard.com/psirt/FG-IR-23-187')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortianalyzer[/LEFT][/TD] [TD][LEFT]An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44249&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-44249]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44249') [MISC]('https://fortiguard.com/psirt/FG-IR-23-201')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortianalyzer[/LEFT][/TD] [TD][LEFT]A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.4.0 and below 7.2.3 allows a remote unauthenticated attacker to send messages to the syslog server of FortiAnalyzer via the knoweldge of an authorized device serial number.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42782&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-42782]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42782') [MISC]('https://fortiguard.com/psirt/FG-IR-23-221')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiguest[/LEFT][/TD] [TD][LEFT]An insertion of sensitive information into log file vulnerability in Fortinet FortiGuest 1.0.0 allows a local attacker to access plaintext passwords in the RADIUS logs.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25604&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-25604]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25604') [MISC]('https://fortiguard.com/psirt/FG-IR-23-052')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortimail[/LEFT][/TD] [TD][LEFT]An improper neutralization of input during web page generation vulnerability [CWE-79] in FortiMail version 7.2.0 through 7.2.2 and before 7.0.5 allows an authenticated attacker to inject HTML tags in FortiMail's calendar via input fields.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36637&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36637') [MISC]('https://fortiguard.com/psirt/FG-IR-23-194')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios[/LEFT][/TD] [TD][LEFT]An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiOS 7.2.0 - 7.2.4 allows an attacker to execute unauthorized code or commands via the SAML and Security Fabric components.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36555&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36555]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36555') [MISC]('https://fortiguard.com/psirt/FG-IR-23-104')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortios[/LEFT][/TD] [TD][LEFT]An improper access control vulnerability in Fortinet FortiOS 7.2.0 - 7.2.4 and 7.4.0 allows an attacker to access a restricted resource from an untrusted host.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33301&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33301]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33301') [MISC]('https://fortiguard.com/psirt/FG-IR-23-139')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiproxy[/LEFT][/TD] [TD][LEFT]A use after free vulnerability [CWE-416] in FortiOS version 7.2.0 through 7.2.4 and version 7.0.0 through 7.0.10 and FortiProxy version 7.2.0 through 7.2.2 and version 7.0.0 through 7.0.8 may allow an unauthenticated remote attacker to crash the WAD process via multiple crafted packets reaching proxy policies or firewall policies with proxy mode alongside SSL deep packet inspection.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41675&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2023-41675]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41675') [MISC]('https://fortiguard.com/psirt/FG-IR-23-184')[/TD] [/TR] [TR] [TD][LEFT]gdidees -- gdidees_cms[/LEFT][/TD] [TD][LEFT]GDidees CMS 3.0 is affected by a Cross-Site Scripting (XSS) vulnerability that allows attackers to execute arbitrary code via a crafted payload to the Page Title.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44758&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44758') [MISC]('https://github.com/sromanhu/GDidees-CMS-Stored-XSS---Title/tree/main')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In visitUris of Notification.java, there is a possible bypass of user profile boundaries due to a missing permission check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21244&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21244]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21244') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/20aedba4998373addc2befcc455a118585559fef') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/3a448067ac9ebdf669951e90678c2daa592a81d3') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/5a3d0c131175d923cf35c7beb3ee77a9e6485dad') [MISC]('https://source.android.com/security/bulletin/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35654&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35654') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35655&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35655]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35655') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40653&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40653') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In FW-PackageManager, there is a possible missing permission check. This could lead to local escalation of privilege with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40654&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40654') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35645&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35645') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In validatePassword of WifiConfigurationUtil.java, there is a possible way to get the device into a boot loop due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21252&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-21252]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21252') [MISC]('https://android.googlesource.com/platform/packages/modules/Wifi/+/044ab0684153c4effb9f4fda47df43ccdc77bda8') [MISC]('https://android.googlesource.com/platform/packages/modules/Wifi/+/50b08ee30e04d185e5ae97a5f717d436fd5a90f3') [MISC]('https://source.android.com/security/bulletin/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple locations, there is a possible way to crash multiple system services due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21253&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-21253]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21253') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/84df68840b6f2407146e722ebd95a7d8bc6e3529') [MISC]('https://android.googlesource.com/platform/tools/apksig/+/039f815895f62c9f8af23df66622b66246f3f61e') [MISC]('https://android.googlesource.com/platform/tools/apksig/+/41d882324288085fd32ae0bb70dc85f5fd0e2be7') [MISC]('https://source.android.com/security/bulletin/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In visitUris of Notification.java, there is a possible way to reveal image contents from another user due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21291&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-21291]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21291') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/cb6282e8970f4c9db5497889699e68fb2038566e') [MISC]('https://source.android.com/security/bulletin/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In phasecheckserver, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40633&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40633]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40633') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40637&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40637') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40639&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40639]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40639') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In SoundRecorder service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40640&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40640]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40640') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40641&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40641]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40641') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40642&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40642]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40642') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40643&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40643]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40643') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40644&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40644]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40644') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40645&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40645') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40646&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40646') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40647&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40647]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40647') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40648&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40648]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40648') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Messaging, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40649&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40649]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40649') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Telecom service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40650&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40650]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40650') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In TBD of TBD, there is a possible way to access location information due to a permissions bypass. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35653&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-35653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35653') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Dialer, there is a possible missing permission check. This could lead to local information disclosure with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40631&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40631]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40631') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In telecom service, there is a possible way to write permission usage records of an app due to a missing permission check. This could lead to local information disclosure with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40636&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40636]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40636') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Telecom service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40638&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40638]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40638') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40651&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40651]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40651') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In jpg driver, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-10-08[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40652&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40652]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40652') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1707266966118531074')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in DevTools in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass discretionary access control via a crafted Chrome Extension. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5475&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5475]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5475') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1476952') [MISC]('https://www.debian.org/security/2023/dsa-5526') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Extensions API in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5479&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5479]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5479') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1471253') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Downloads in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5481') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1458934') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Intents in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass content security policy via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5483&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5483]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5483') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1425355') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Navigation in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5484&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5484]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5484') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1414936') [MISC]('https://www.debian.org/security/2023/dsa-5526') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Fullscreen in Google Chrome prior to 118.0.5993.70 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. (Chromium security severity: Medium)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5487&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5487') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1062251') [MISC]('https://www.debian.org/security/2023/dsa-5526') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/F5QCMP6KKWPDZZLFU7YXSZDHEKOE7BXO/')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Cast in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5473&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-5473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5473') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1484000') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Installer in Google Chrome prior to 118.0.5993.70 allowed a local attacker to bypass discretionary access control via a crafted command. (Chromium security severity: Low)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5477&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5477') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1472558') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5478&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5478') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1472404') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Autofill in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to bypass autofill restrictions via a crafted HTML page. (Chromium security severity: Low)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5485&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5485') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1395164') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Inappropriate implementation in Input in Google Chrome prior to 118.0.5993.70 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5486&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5486') [MISC]('https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_10.html') [MISC]('https://crbug.com/1357442') [MISC]('https://www.debian.org/security/2023/dsa-5526')[/TD] [/TR] [TR] [TD][LEFT]gradle -- gradle[/LEFT][/TD] [TD][LEFT]Gradle is a build tool with a focus on build automation and support for multi-language development. In some cases, when Gradle parses XML files, resolving XML external entities is not disabled. Combined with an Out Of Band XXE attack (OOB-XXE), just parsing XML can lead to exfiltration of local text files to a remote server. Gradle parses XML files for several purposes. Most of the time, Gradle parses XML files it generated or were already present locally. Only Ivy XML descriptors and Maven POM files can be fetched from remote repositories and parsed by Gradle. In Gradle 7.6.3 and 8.4, resolving XML external entities has been disabled for all use cases to protect against this vulnerability. Gradle will now refuse to parse XML files that have XML external entities.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42445&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-42445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42445') [MISC]('https://github.com/gradle/gradle/releases/tag/v7.6.3') [MISC]('https://github.com/gradle/gradle/security/advisories/GHSA-mrff-q8qj-xvg8') [MISC]('https://github.com/gradle/gradle/releases/tag/v8.4.0')[/TD] [/TR] [TR] [TD][LEFT]hpe -- msa_1060_storage_firmware[/LEFT][/TD] [TD][LEFT]HPE MSA Controller prior to version IN210R004 could be remotely exploited to allow inconsistent interpretation of HTTP requests. [/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30910&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30910') [MISC]('https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbst04539en_us')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos[/LEFT][/TD] [TD][LEFT]Out-of-bounds access vulnerability in the audio module. Successful exploitation of this vulnerability may affect availability.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44110&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2023-44110]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44110') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]ibm -- collaborative_lifecycle_management[/LEFT][/TD] [TD][LEFT]IBM Jazz Foundation (IBM Engineering Lifecycle Management 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2) could disclose sensitive version information to a user that could be used in further attacks against the system. IBM X-Force ID: 230498.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34355&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-34355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34355') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/230498') [MISC]('https://www.ibm.com/support/pages/node/7046995')[/TD] [/TR] [TR] [TD][LEFT]janusintl -- noke_standard_smart_padlock_firmware[/LEFT][/TD] [TD][LEFT]Nokelock Smart padlock O1 Version 5.3.0 is vulnerable to Insecure Permissions. By sending a request, you can add any device and set the device password in the Nokelock app.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-36228&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-36228]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-36228') [MISC]('https://gist.github.com/YTrick/59c06611052d3fdae034e7087293bbc0')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- thinkpad_t14s_gen_3_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3728&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-3728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3728') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-106014')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- thinkpad_t14s_gen_3_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48182&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-48182]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48182') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-106014')[/TD] [/TR] [TR] [TD][LEFT]lenovo -- thinkpad_t14s_gen_3_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48183&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-48183]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48183') [MISC]('https://support.lenovo.com/us/en/product_security/LEN-106014')[/TD] [/TR] [TR] [TD][LEFT]libx11 -- libx11[/LEFT][/TD] [TD][LEFT]A vulnerability was found in libX11 due to a boundary condition within the _XkbReadKeySyms() function. This flaw allows a local user to trigger an out-of-bounds read error and read the contents of memory on the system.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43785&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43785]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43785') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2242252') [MISC]('https://access.redhat.com/security/cve/CVE-2023-43785')[/TD] [/TR] [TR] [TD][LEFT]libx11 -- libx11[/LEFT][/TD] [TD][LEFT]A vulnerability was found in libX11 due to an infinite loop within the PutSubImage() function. This flaw allows a local user to consume all available system resources and cause a denial-of-service condition.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43786&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-43786]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43786') [MISC]('https://access.redhat.com/security/cve/CVE-2023-43786') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2242253')[/TD] [/TR] [TR] [TD][LEFT]libxpm -- libxpm[/LEFT][/TD] [TD][LEFT]A vulnerability was found in libXpm due to a boundary condition within the XpmCreateXpmImageFromBuffer() function. This flaw allows a local to trigger an out-of-bounds read error and read the contents of memory on the system.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43788&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43788]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43788') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2242248') [MISC]('https://access.redhat.com/security/cve/CVE-2023-43788') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/V6FARGWN7VWXXWPXYNEEDJLRR3EWFZ3T/')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39189&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39189]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39189') [MISC]('https://access.redhat.com/security/cve/CVE-2023-39189') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2226777')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-of-bounds read by setting the size fields with a value beyond the array boundaries, leading to a crash or information disclosure.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39192&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39192]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39192') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2226784') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-CAN-18408/') [MISC]('https://access.redhat.com/security/cve/CVE-2023-39192')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39193&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39193]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39193') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2226787') [MISC]('https://access.redhat.com/security/cve/CVE-2023-39193') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-CAN-18866/')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel[/LEFT][/TD] [TD][LEFT]A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, potentially leading to an information disclosure.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39194&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39194]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39194') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2226788') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-CAN-18111/') [MISC]('https://access.redhat.com/security/cve/CVE-2023-39194')[/TD] [/TR] [TR] [TD][LEFT]mattermost -- mattermost[/LEFT][/TD] [TD][LEFT]Mattermost fails to properly check the creator of an attached file when adding the file to a draft post, potentially exposing unauthorized file information.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5331&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5331]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5331') [MISC]('https://mattermost.com/security-updates')[/TD] [/TR] [TR] [TD][LEFT]mattermost -- mattermost[/LEFT][/TD] [TD][LEFT]Mattermost fails to deduplicate input IDs allowing a simple user to cause the application to consume excessive resources and possibly crash by sending a specially crafted request to /api/v4/users/ids with multiple identical IDs.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5333&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-5333]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5333') [MISC]('https://mattermost.com/security-updates')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the CheckUser extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. A user can use a rest.php/checkuser/v0/useragent-clienthints/revision/ URL to store an arbitrary number of rows in cu_useragent_clienthints, leading to a denial of service.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45367&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-45367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45367') [MISC]('https://phabricator.wikimedia.org/T344923')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the ProofreadPage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. XSS can occur via formatNumNoSeparators.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45373&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-45373]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45373') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/ProofreadPage/+/961262') [MISC]('https://phabricator.wikimedia.org/T345693')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in includes/page/Article.php in MediaWiki 1.36.x through 1.39.x before 1.39.5 and 1.40.x before 1.40.1. Deleted revision existence is leaked due to incorrect permissions being checked. This reveals that a given revision ID belonged to the given page title, and its timestamp, both of which are not supposed to be public information.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45364&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-45364]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45364') [MISC]('https://phabricator.wikimedia.org/T264765') [DEBIAN]('https://www.debian.org/security/2023/dsa-5520')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. SportsTeams: Special:SportsManagerLogo and Special:SportsTeamsManagerLogo do not check for the sportsteamsmanager user right, and thus an attacker may be able to affect pages that are concerned with sports teams.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45370&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-45370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45370') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/SportsTeams/+/959699/') [MISC]('https://phabricator.wikimedia.org/T345680')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the Wikibase extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. During item merging, ItemMergeInteractor does not have an edit filter running (e.g., AbuseFilter).[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45372&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-45372]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45372') [MISC]('https://phabricator.wikimedia.org/T345064') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/Wikibase/+/961264')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the SportsTeams extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. It does not check for the anti-CSRF edit token in Special:SportsTeamsManager and Special:UpdateFavoriteTeams.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45374&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-45374]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45374') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/SportsTeams/+/952552/') [MISC]('https://phabricator.wikimedia.org/T345040')[/TD] [/TR] [TR] [TD][LEFT]mediawiki -- mediawiki[/LEFT][/TD] [TD][LEFT]An issue was discovered in the PageTriage extension for MediaWiki before 1.35.12, 1.36.x through 1.39.x before 1.39.5, and 1.40.x before 1.40.1. Usernames of hidden users are exposed.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-45369&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-45369]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45369') [MISC]('https://phabricator.wikimedia.org/T344359') [MISC]('https://gerrit.wikimedia.org/r/c/mediawiki/extensions/PageTriage/+/960676')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- common_data_model_sdk[/LEFT][/TD] [TD][LEFT]Microsoft Common Data Model SDK Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36566&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36566]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36566') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36566')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_365[/LEFT][/TD] [TD][LEFT]Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36429&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36429]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36429') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36429')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_365[/LEFT][/TD] [TD][LEFT]Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36433&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36433]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36433') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36433')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_365[/LEFT][/TD] [TD][LEFT]Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36416&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36416]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36416') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36416')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- edge [/LEFT][/TD] [TD][LEFT]Microsoft Edge (Chromium-based) Spoofing Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36559&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36559]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36559') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36559')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- skype_for_business_server[/LEFT][/TD] [TD][LEFT]Skype for Business Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41763&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41763') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-41763')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sql_server[/LEFT][/TD] [TD][LEFT]Microsoft SQL Server Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36728&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36728') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36728')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Microsoft WordPad Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36563&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36563') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36563')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Search Security Feature Bypass Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36564&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-36564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36564') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36564')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Deployment Services Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36706&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36706') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36706')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Power Management Service Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36724&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36724') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36724')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Windows Mark of the Web Security Feature Bypass Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36584&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-36584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36584') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36584')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2008[/LEFT][/TD] [TD][LEFT]Active Directory Domain Services Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36722&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36722') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36722')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2012[/LEFT][/TD] [TD][LEFT]Windows Common Log File System Driver Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36713&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36713]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36713') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36713')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Windows Virtual Trusted Platform Module Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36717&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36717]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36717') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36717')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2016[/LEFT][/TD] [TD][LEFT]Windows Kernel Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36576&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36576') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36576')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_server_2019[/LEFT][/TD] [TD][LEFT]Windows Kernel Security Feature Bypass Vulnerability[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36698&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-36698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36698') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36698')[/TD] [/TR] [TR] [TD][LEFT]moosocial -- moosocial[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44812&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44812]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44812') [MISC]('https://github.com/ahrixia/CVE-2023-44812')[/TD] [/TR] [TR] [TD][LEFT]moosocial -- moosocial[/LEFT][/TD] [TD][LEFT]Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44813&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44813]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44813') [MISC]('https://github.com/ahrixia/CVE-2023-44813')[/TD] [/TR] [TR] [TD][LEFT]objectcomputing -- micronaut_security[/LEFT][/TD] [TD][LEFT]Micronaut Security is a security solution for applications. Prior to versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1, IdTokenClaimsValidator skips [ICODE]aud[/ICODE] claim validation if token is issued by same identity issuer/provider. Any OIDC setup using Micronaut where multiple OIDC applications exists for the same issuer but token auth are not meant to be shared. This issue has been patched in versions 3.1.2, 3.2.4, 3.3.2, 3.4.3, 3.5.3, 3.6.6, 3.7.4, 3.8.4, 3.9.6, 3.10.2, and 3.11.1.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36820&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36820]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36820') [MISC]('https://github.com/micronaut-projects/micronaut-security/security/advisories/GHSA-qw22-8w9r-864h') [MISC]('https://github.com/micronaut-projects/micronaut-security/commit/9728b925221a0d87798ccf250657a3c214b7e980')[/TD] [/TR] [TR] [TD][LEFT]octoprint -- octoprint[/LEFT][/TD] [TD][LEFT]OctoPrint is a web interface for 3D printers. OctoPrint versions up until and including 1.9.2 contain a vulnerability that allows malicious admins to configure a specially crafted GCODE script that will allow code execution during rendering of that script. An attacker might use this to extract data managed by OctoPrint, or manipulate data managed by OctoPrint, as well as execute arbitrary commands with the rights of the OctoPrint process on the server system. OctoPrint versions from 1.9.3 onward have been patched. Administrators of OctoPrint instances are advised to make sure they can trust all other administrators on their instance and to also not blindly configure arbitrary GCODE scripts found online or provided to them by third parties.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41047&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41047]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41047') [MISC]('https://github.com/OctoPrint/OctoPrint/commit/d0072cff894509c77e243d6562245ad3079e17db') [MISC]('https://github.com/OctoPrint/OctoPrint/releases/tag/1.9.3') [MISC]('https://github.com/OctoPrint/OctoPrint/security/advisories/GHSA-fwfg-vprh-97ph')[/TD] [/TR] [TR] [TD][LEFT]openvswitch -- openvswitch[/LEFT][/TD] [TD][LEFT]A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5366&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-5366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5366') [MISC]('https://access.redhat.com/security/cve/CVE-2023-5366') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2006347')[/TD] [/TR] [TR] [TD][LEFT]oro_inc -- orocommerce[/LEFT][/TD] [TD][LEFT]OroCommerce is an open-source Business to Business Commerce application. In versions 4.1.0 through 4.1.13, 4.2.0 through 4.2.10, 5.0.0 prior to 5.0.11, and 5.1.0 prior to 5.1.1, the JS payload added to the product name may be executed at the storefront when adding a note to the shopping list line item containing a vulnerable product. An attacker should be able to edit a product in the admin area and force a user to add this product to Shopping List and click add a note for it. Versions 5.0.11 and 5.1.1 contain a fix for this issue.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-35950&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-35950]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-35950') [MISC]('https://github.com/oroinc/orocommerce/security/advisories/GHSA-2jc6-3fhj-8q84')[/TD] [/TR] [TR] [TD][LEFT]phpjabbers -- appointment_scheduler[/LEFT][/TD] [TD][LEFT]There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36126&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36126]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36126') [MISC]('https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4')[/TD] [/TR] [TR] [TD][LEFT]piwigo -- piwigo[/LEFT][/TD] [TD][LEFT]Piwigo is an open source photo gallery application. Prior to version 14.0.0beta4, a reflected cross-site scripting (XSS) vulnerability is in the` /admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=[here]` page. This vulnerability can be exploited by an attacker to inject malicious HTML and JS code into the HTML page, which could then be executed by admin users when they visit the URL with the payload. The vulnerability is caused by the insecure injection of the [ICODE]plugin_id[/ICODE] value from the URL into the HTML page. An attacker can exploit this vulnerability by crafting a malicious URL that contains a specially crafted [ICODE]plugin_id[/ICODE] value. When a victim who is logged in as an administrator visits this URL, the malicious code will be injected into the HTML page and executed. This vulnerability can be exploited by any attacker who has access to a malicious URL. However, only users who are logged in as administrators are affected. This is because the vulnerability is only present on the [ICODE]/admin.php?page=plugins&tab=new&installstatus=ok&plugin_id=[here][/ICODE] page, which is only accessible to administrators. Version 14.0.0.beta4 contains a patch for this issue.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44393&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44393]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44393') [MISC]('https://github.com/Piwigo/Piwigo/security/advisories/GHSA-qg85-957m-7vgg') [MISC]('https://github.com/Piwigo/Piwigo/commit/cc99c0f1e967c5f1722a0cce30ff42374a7bbc23')[/TD] [/TR] [TR] [TD][LEFT]qnap -- music_station[/LEFT][/TD] [TD][LEFT]A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23365&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23365') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-28')[/TD] [/TR] [TR] [TD][LEFT]qnap -- music_station[/LEFT][/TD] [TD][LEFT]A path traversal vulnerability has been reported to affect Music Station. If exploited, the vulnerability could allow authenticated users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following version: Music Station 5.3.22 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23366&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23366') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-28')[/TD] [/TR] [TR] [TD][LEFT]qnap -- qvpn[/LEFT][/TD] [TD][LEFT]An insufficiently protected credentials vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to gain access to user accounts and access sensitive data used by the user account via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.1.0.0518 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23370&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23370') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-36')[/TD] [/TR] [TR] [TD][LEFT]qnap -- qvpn[/LEFT][/TD] [TD][LEFT]A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.2.0.0823 and later[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23371&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23371') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-39')[/TD] [/TR] [TR] [TD][LEFT]qnap -- video_station[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34977&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-34977]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34977') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-52')[/TD] [/TR] [TR] [TD][LEFT]reportportal -- reportportal[/LEFT][/TD] [TD][LEFT]ReportPortal is an AI-powered test automation platform. Prior to version 5.10.0 of the [ICODE]com.epam.reportportal:service-api[/ICODE] module, corresponding to ReportPortal version 23.2, the ReportPortal database becomes unstable and reporting almost fully stops except for small launches with approximately 1 test inside when the test_item.path field is exceeded the allowable [ICODE]ltree[/ICODE] field type indexing limit (path length>=120, approximately recursive nesting of the nested steps). REINDEX INDEX path_gist_idx and path_idx aren't helped. The problem was fixed in [ICODE]com.epam.reportportal:service-api[/ICODE] module version 5.10.0 (product release 23.2), where the maximum number of nested elements were programmatically limited. A workaround is available. After deletion of the data with long paths, and reindexing both indexes (path_gist_idx and path_idx), the database becomes stable and ReportPortal works properly.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25822&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-25822]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25822') [MISC]('https://reportportal.io/docs/releases/Version23.2/') [MISC]('https://github.com/reportportal/reportportal/security/advisories/GHSA-mj24-gpw7-23m9') [MISC]('https://github.com/reportportal/reportportal/releases/tag/v23.2')[/TD] [/TR] [TR] [TD][LEFT]sangfor -- next-gen_application_firewall[/LEFT][/TD] [TD][LEFT]The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an authenticated file disclosure vulnerability. A remote and authenticated attacker can read arbitrary system files using the svpn_html/loadfile.php endpoint. This issue is exploitable by a remote and unauthenticated attacker when paired with CVE-2023-30803.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30804&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30804]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30804') [MISC]('https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4') [MISC]('https://vulncheck.com/advisories/sangfor-ngaf-auth-file-disclosure') [MISC]('https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/')[/TD] [/TR] [TR] [TD][LEFT]sangfor -- next-gen_application_firewall[/LEFT][/TD] [TD][LEFT]The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to a source code disclosure vulnerability. A remote and unauthenticated attacker can obtain PHP source code by sending an HTTP request with an invalid Content-Length field.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30802&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30802]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30802') [MISC]('https://aws.amazon.com/marketplace/pp/prodview-uujwjffddxzp4') [MISC]('https://vulncheck.com/advisories/sangfor-ngaf-source') [MISC]('https://labs.watchtowr.com/yet-more-unauth-remote-command-execution-vulns-in-firewalls-sangfor-edition/')[/TD] [/TR] [TR] [TD][LEFT]sap -- business_one[/LEFT][/TD] [TD][LEFT]SAP Business One (B1i) - version 10.0, allows an authorized attacker to retrieve the details stack trace of the fault message to conduct the XXE injection, which will lead to information disclosure. After successful exploitation, an attacker can cause limited impact on the confidentiality and no impact to the integrity and availability.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41365&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41365') [MISC]('https://me.sap.com/notes/3338380') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- businessobjects_web_intelligence[/LEFT][/TD] [TD][LEFT]SAP BusinessObjects Web Intelligence - version 420, has a URL with parameter that could be vulnerable to XSS attack. The attacker could send a malicious link to a user that would possibly allow an attacker to retrieve the sensitive information.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42474&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-42474]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42474') [MISC]('https://me.sap.com/notes/3372991') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- s/4hana[/LEFT][/TD] [TD][LEFT]S/4HANA Manage (Withholding Tax Items) - version 106, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges which has low impact on the confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42473&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-42473]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42473') [MISC]('https://me.sap.com/notes/3219846') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sap -- s/4hana[/LEFT][/TD] [TD][LEFT]The Statutory Reporting application has a vulnerable file storage location, potentially enabling low privileged attacker to read server files with minimal impact on confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42475&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-42475]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42475') [MISC]('https://me.sap.com/notes/3222121') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Modification of Assumed-Immutable Data (MAID) in RDT400 in SICK APU allows an unprivileged remote attacker to make the site unable to load necessary strings via changing file paths using HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43697&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-43697]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43697') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Cleartext Transmission of Sensitive Information in RDT400 in SICK APU allows an unprivileged remote attacker to retrieve potentially sensitive information via intercepting network traffic that is not encrypted.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5100&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5100') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in RDT400 in SICK APU allows an unprivileged remote attacker to run arbitrary code in the client's browser via injecting code into the website.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43698&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-43698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43698') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Files or Directories Accessible to External Parties in RDT400 in SICK APU allows an unprivileged remote attacker to download various files from the server via HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5101&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5101]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5101') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Insufficient Control Flow Management in RDT400 in SICK APU allows an unprivileged remote attacker to potentially enable hidden functionality via HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5102&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5102') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]sick -- apu0200_firmware[/LEFT][/TD] [TD][LEFT]Improper Restriction of Rendered UI Layers or Frames in RDT400 in SICK APU allows an unprivileged remote attacker to potentially reveal sensitive information via tricking a user into clicking on an actionable item using an iframe.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5103&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-5103]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5103') [MISC]('https://sick.com/psirt') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.pdf') [MISC]('https://sick.com/.well-known/csaf/white/2023/sca-2023-0010.json')[/TD] [/TR] [TR] [TD][LEFT]siemens -- mendix_forgot_password[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Mendix Forgot Password (Mendix 10 compatible) (All versions < V5.4.0), Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.3), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.3), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.4.0). Applications using the affected module are vulnerable to user enumeration due to distinguishable responses. This could allow an unauthenticated remote attacker to determine if a user is valid or not, enabling a brute force attack with valid users.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-43623&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-43623]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43623') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-295483.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sicam_pas/pqs[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SICAM PAS/PQS (All versions >= V8.00 < V8.22). The affected application is installed with specific files and folders with insecure permissions. This could allow an authenticated local attacker to read and modify configuration data in the context of the application process.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38640&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38640]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38640') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-035466.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_cp[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). The kernel memory of affected devices is exposed to user-mode via direct memory access (DMA) which could allow a local attacker with administrative privileges to execute arbitrary code on the host system without any restrictions.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37194&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-37194]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37194') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- simatic_cp[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SIMATIC CP 1604 (All versions), SIMATIC CP 1616 (All versions), SIMATIC CP 1623 (All versions), SIMATIC CP 1626 (All versions), SIMATIC CP 1628 (All versions). Affected devices insufficiently control continuous mapping of direct memory access (DMA) requests. This could allow local attackers with administrative privileges to cause a denial-of-service situation on the host. A physical power cycle is required to get the system working again.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37195&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-37195]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37195') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-784849.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- sinec_nms[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in SINEC NMS (All versions < V2.0). The affected application improperly sanitizes certain SNMP configuration data retrieved from monitored devices. An attacker with access to a monitored device could prepare a stored cross-site scripting (XSS) attack that may lead to unintentional modification of application data by legitimate users.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-44315&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-44315]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44315') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-160243.pdf')[/TD] [/TR] [TR] [TD][LEFT]snipeitapp -- snipe-it[/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository snipe/snipe-it prior to v6.2.2.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5452&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5452]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5452') [MISC]('https://huntr.dev/bounties/d6ed5ac1-2ad6-45fd-9492-979820bf60c8') [MISC]('https://github.com/snipe/snipe-it/commit/eea2eabaeef16fc8f3a1d61b19c06e9fc8ed942a')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The GEO my WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via shortcodes in versions up to, and including, 4.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5467&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5467]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5467') [MISC]('https://plugins.trac.wordpress.org/browser/geo-my-wp/tags/4.0.1/plugins/single-location/includes/class-gmw-single-location.php#L413') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/a96ac71f-3dae-40eb-9268-d56688a5aa64?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/geo-my-wp/tags/4.0/plugins/single-location/includes/class-gmw-single-location.php#L401')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Slick Contact Forms plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'dcscf-link' shortcode in versions up to, and including, 1.3.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5468&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5468') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/22c63226-2bc6-40be-a5d1-1bd169fc78b8?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/slick-contact-forms/tags/1.3.7/dcwp_slick_contact.php#L71')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Etsy Shop plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'etsy-shop' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5470&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5470') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/e4696f7a-8b87-4376-b4c9-596eca30b38c?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2977260/etsy-shop#file1') [MISC]('https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L94') [MISC]('https://plugins.trac.wordpress.org/browser/etsy-shop/tags/3.0.4/etsy-shop.php#L417')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Profile Extra Fields by BestWebSoft plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the prflxtrflds_export_file function in versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to expose potentially sensitive user data, including data entered into custom fields.[/LEFT][/TD] [TD][CENTER]2023-10-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4469&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4469]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4469') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/916c73e8-a150-4b35-8773-ea0ec29f7fd1?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2975179/profile-extra-fields')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Embed Calendly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'calendly' shortcode in versions up to, and including, 3.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4995&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4995]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4995') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/d1bf83df-7a1f-4572-9c8d-1013750d51d7?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/embed-calendly-scheduling/tags/3.6/includes/embed.php#L140')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Hotjar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the hotjar_site_id in versions up to, and including, 1.0.15 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1259&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-1259]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1259') [MISC]('https://plugins.trac.wordpress.org/browser/hotjar/tags/1.0.14/includes/class-hotjar.php#L40') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/9c640bcb-b6bf-4865-b713-32ca846e4ed9?source=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image lightboxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-5531&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-5531]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5531') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/055b7ed5-268a-485e-ac7d-8082dc9fb2ad?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1263536%40wp-responsive-slider-with-lightbox&new=1263536%40wp-responsive-slider-with-lightbox&sfp_email=&sfph_mail=') [MISC]('https://wordpress.org/plugins/wp-responsive-slider-with-lightbox/')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Low Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]fortinet -- forticlient[/LEFT][/TD] [TD][LEFT]An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions, Linux 7.2.0, 7.0 all versions, 6.4 all versions, 6.2 all versions and Mac 7.2.0 through 7.2.1, 7.0 all versions, 6.4 all versions, 6.2 all versions, may allow a local authenticated attacker with no Administrative privileges to retrieve the list of files or folders excluded from malware scanning.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37939&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-37939]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37939') [MISC]('https://fortiguard.com/psirt/FG-IR-22-235')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Severity Not Yet Assigned

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]1e -- 1e_platform [/LEFT][/TD] [TD][LEFT]Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue. for v8.1.2 apply hotfix Q23166 for v8.4.1 apply hotfix Q23164 for v9.0.1 apply hotfix Q23173 SaaS implementations on v23.7.1 will automatically have hotfix Q23173 applied. Customers with SaaS versions below this are urged to upgrade urgently - please contact 1E to arrange this[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45162') [MISC]('https://www.1e.com/trust-security-compliance/cve-info/')[/TD] [/TR] [TR] [TD][LEFT]70mai -- a500s [/LEFT][/TD] [TD][LEFT]Incorrect access control in 70mai a500s v1.2.119 allows attackers to directly access and delete the video files of the driving recorder through ftp and other protocols.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-43271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43271') [MISC]('https://github.com/Question-h/vuln/blob/master/70mai_a500s_backdoor.md') [MISC]('https://github.com/Question-h/vuln/blob/master/CVE-2023-43271.md')[/TD] [/TR] [TR] [TD][LEFT]babel -- babel [/LEFT][/TD] [TD][LEFT]Babel is a compiler for writingJavaScript. In [ICODE]@babel/traverse[/ICODE] prior to versions 7.23.2 and 8.0.0-alpha.4 and all versions of [ICODE]babel-traverse[/ICODE], using Babel to compile code that was specifically crafted by an attacker can lead to arbitrary code execution during compilation, when using plugins that rely on the `path.evaluate()`or [ICODE]path.evaluateTruthy()[/ICODE] internal Babel methods. Known affected plugins are [ICODE]@babel/plugin-transform-runtime[/ICODE]; [ICODE]@babel/preset-env[/ICODE] when using its [ICODE]useBuiltIns[/ICODE] option; and any "polyfill provider" plugin that depends on [ICODE]@babel/helper-define-polyfill-provider[/ICODE], such as [ICODE]babel-plugin-polyfill-corejs3[/ICODE], [ICODE]babel-plugin-polyfill-corejs2[/ICODE], [ICODE]babel-plugin-polyfill-es-shims[/ICODE], [ICODE]babel-plugin-polyfill-regenerator[/ICODE]. No other plugins under the [ICODE]@babel/[/ICODE] namespace are impacted, but third-party plugins might be. Users that only compile trusted code are not impacted. The vulnerability has been fixed in [ICODE]@babel/[email protected][/ICODE] and [ICODE]@babel/[email protected][/ICODE]. Those who cannot upgrade [ICODE]@babel/traverse[/ICODE] and are using one of the affected packages mentioned above should upgrade them to their latest version to avoid triggering the vulnerable code path in affected [ICODE]@babel/traverse[/ICODE] versions: [ICODE]@babel/plugin-transform-runtime[/ICODE] v7.23.2, [ICODE]@babel/preset-env[/ICODE] v7.23.2, [ICODE]@babel/helper-define-polyfill-provider[/ICODE] v0.4.3, [ICODE]babel-plugin-polyfill-corejs2[/ICODE] v0.4.6, [ICODE]babel-plugin-polyfill-corejs3[/ICODE] v0.8.5, [ICODE]babel-plugin-polyfill-es-shims[/ICODE] v0.10.0, [ICODE]babel-plugin-polyfill-regenerator[/ICODE] v0.5.3.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45133]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45133') [MISC]('https://github.com/babel/babel/security/advisories/GHSA-67hx-6x53-jw92') [MISC]('https://github.com/babel/babel/pull/16033') [MISC]('https://github.com/babel/babel/releases/tag/v8.0.0-alpha.4') [MISC]('https://github.com/babel/babel/commit/b13376b346946e3f62fc0848c1d2a23223314c82') [MISC]('https://github.com/babel/babel/releases/tag/v7.23.2')[/TD] [/TR] [TR] [TD][LEFT]beyondtrust -- privileged_remote_access [/LEFT][/TD] [TD][LEFT]BeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-23632]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23632') [MISC]('https://www.compass-security.com/fileadmin/Research/Advisories/2023_03_CSNC-2022-018_PRA_Privilege_Escalation.txt')[/TD] [/TR] [TR] [TD][LEFT]broadcom -- lsi_pci-sv92ex [/LEFT][/TD] [TD][LEFT]An issue was discovered in Broadcom LSI PCI-SV92EX Soft Modem Kernel Driver through 2.2.100.1 (aka AGRSM64.sys). There is Local Privilege Escalation to SYSTEM via a Stack Overflow in RTLCopyMemory (IOCTL 0x1b2150). An attacker can exploit this to elevate privileges from a medium-integrity process to SYSTEM. This can also be used to bypass kernel-level protections such as AV or PPL, because exploit code runs with high-integrity privileges and can be used in coordinated BYOVD (bring your own vulnerable driver) ransomware campaigns.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-31096]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31096') [MISC]('https://cschwarz1.github.io/posts/0x04/') [MISC]('https://www.broadcom.com')[/TD] [/TR] [TR] [TD][LEFT]cachethq -- cachet [/LEFT][/TD] [TD][LEFT]Cachet, the open-source status page system. Prior to the 2.4 branch, a template functionality which allows users to create templates allows them to execute any code on the server during the bad filtration and old twig version. Commit 6fb043e109d2a262ce3974e863c54e9e5f5e0587 of the 2.4 branch contains a patch for this issue.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-43661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43661') [MISC]('https://github.com/cachethq/cachet/commit/6fb043e109d2a262ce3974e863c54e9e5f5e0587') [MISC]('https://github.com/cachethq/cachet/security/advisories/GHSA-hv79-p62r-wg3p')[/TD] [/TR] [TR] [TD][LEFT]citrix -- netscaler_adc/gateway [/LEFT][/TD] [TD][LEFT]Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server. [/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4966]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4966') [MISC]('https://support.citrix.com/article/CTX579459')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dap-x1860 [/LEFT][/TD] [TD][LEFT]A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP-X1860 repeater 1.00 through 1.01b05-01 allows attackers (within range of the repeater) to run shell commands as root during the setup process of the repeater, via a crafted SSID. Also, network names containing single quotes (in the range of the repeater) can result in a denial of service.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45208') [MISC]('https://www.redteam-pentesting.de/en/advisories/rt-sa-2023-006/-d-link-dap-x1860-remote-command-injection')[/TD] [/TR] [TR] [TD][LEFT]dell -- dell_openmanage_server_administrator[/LEFT][/TD] [TD][LEFT]Dell OpenManage Server Administrator, versions 11.0.0.0 and prior, contains an Improper Access Control vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to execute arbitrary code in order to elevate privileges on the system. Exploitation may lead to a complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-43079]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43079') [MISC]('https://www.dell.com/support/kbdoc/en-us/000218469/dsa-2023-367-dell-openmanage-server-administrator-omsa-security-update-for-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]delta_electronics -- dvp32es2_plc [/LEFT][/TD] [TD][LEFT]A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5459]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5459') [MISC]('https://drive.google.com/drive/folders/1mUKkl_NPoUENpPUq-pdQQaEEGvKAaIFB') [MISC]('https://vuldb.com/?ctiid.241582') [MISC]('https://vuldb.com/?id.241582')[/TD] [/TR] [TR] [TD][LEFT]devolutions -- server [/LEFT][/TD] [TD][LEFT]Improper access control in PAM propagation scripts in Devolutions Server 2023.2.8.0 and ealier allows an attack with permission to manage PAM propagation scripts to retrieve passwords stored in it via a GET request.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5240]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5240') [MISC]('https://devolutions.net/security/advisories/DEVO-2023-0017')[/TD] [/TR] [TR] [TD][LEFT]digital_agency -- e-gov_client_application_for_windows [/LEFT][/TD] [TD][LEFT]e-Gov Client Application (Windows version) versions prior to 2.1.1.0 and e-Gov Client Application (macOS version) versions prior to 1.1.1.0 are vulnerable to improper authorization in handler for custom URL scheme. A crafted URL may direct the product to access an arbitrary website. As a result, the user may become a victim of a phishing attack.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44689]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44689') [MISC]('https://shinsei.e-gov.go.jp/contents/news/2023-03-12t1022040900_1318.html') [MISC]('https://jvn.jp/en/jp/JVN15808274/')[/TD] [/TR] [TR] [TD][LEFT]eclipse -- jetty [/LEFT][/TD] [TD][LEFT]Eclipse Jetty provides a web server and servlet container. In versions 11.0.0 through 11.0.15, 10.0.0 through 10.0.15, and 9.0.0 through 9.4.52, an integer overflow in [ICODE]MetaDataBuilder.checkSize[/ICODE] allows for HTTP/2 HPACK header values to exceed their size limit. [ICODE]MetaDataBuilder.java[/ICODE] determines if a header name or value exceeds the size limit and throws an exception if the limit is exceeded. However, when length is very large and huffman is true, the multiplication by 4 in line 295 will overflow, and length will become negative. [ICODE](_size+length)[/ICODE] will now be negative, and the check on line 296 will not be triggered. Furthermore, [ICODE]MetaDataBuilder.checkSize[/ICODE] allows for user-entered HPACK header value sizes to be negative, potentially leading to a very large buffer allocation later on when the user-entered size is multiplied by 2. This means that if a user provides a negative length value (or, more precisely, a length value which, when multiplied by the 4/3 fudge factor, is negative), and this length value is a very large positive number when multiplied by 2, then the user can cause a very large buffer to be allocated on the server. Users of HTTP/2 can be impacted by a remote denial of service attack. The issue has been fixed in versions 11.0.16, 10.0.16, and 9.4.53. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36478]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36478') [MISC]('https://github.com/eclipse/jetty.project/pull/9634') [MISC]('https://github.com/eclipse/jetty.project/releases/tag/jetty-11.0.16') [MISC]('https://github.com/eclipse/jetty.project/security/advisories/GHSA-wgh7-54f2-x98r') [MISC]('https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.53.v20231009') [MISC]('https://github.com/eclipse/jetty.project/releases/tag/jetty-10.0.16')[/TD] [/TR] [TR] [TD][LEFT]election_services_co. -- internet_election_service[/LEFT][/TD] [TD][LEFT]Election Services Co. (ESC) Internet Election Service is vulnerable to SQL injection in multiple pages and parameters. These vulnerabilities allow an unauthenticated, remote attacker to read or modify data for any elections that share the same backend database. ESC deactivated older and unused elections and enabled web application firewall (WAF) protection for current and future elections on or around 2023-08-12.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4309]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4309') [MISC]('https://www.electionservicesco.com/pages/services_internet.php') [MISC]('https://schemasecurity.co/private-elections.pdf') [MISC]('https://www.youtube.com/watch?v=yeG1xZkHc64')[/TD] [/TR] [TR] [TD][LEFT]elenos -- etg150 [/LEFT][/TD] [TD][LEFT]An Insecure Direct Object Reference (IDOR) vulnerability leads to events profiles access in Elenos ETG150 FM transmitter running on version 3.12.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45396]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45396') [MISC]('https://github.com/strik3r0x1/Vulns/blob/main/(IDOR)%20leads%20to%20events%20profiles%20access%20-%20Elenos.md')[/TD] [/TR] [TR] [TD][LEFT]erlang -- erlang [/LEFT][/TD] [TD][LEFT]In the mtproto_proxy (aka MTProto proxy) component through 0.7.2 for Erlang, a low-privileged remote attacker can access an improperly secured default installation without authenticating and achieve remote command execution ability.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45312]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45312') [MISC]('https://medium.com/@_sadshade/almost-2000-telegram-proxy-servers-are-potentially-vulnerable-to-rce-since-2018-742a455be16b')[/TD] [/TR] [TR] [TD][LEFT]ethernut -- nut/os [/LEFT][/TD] [TD][LEFT]An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-27213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-27213') [MISC]('http://www.ethernut.de/en/download/index.html') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-21-042-01') [MISC]('http://lists.egnite.de/mailman/listinfo/en-nut-announce') [MISC]('https://www.forescout.com/resources/numberjack-weak-isn-generation-in-embedded-tcpip-stacks/')[/TD] [/TR] [TR] [TD][LEFT]farmbot -- farmbot-web-app [/LEFT][/TD] [TD][LEFT]Farmbot-Web-App is a web control interface for the Farmbot farm automation platform. An SQL injection vulnerability was found in FarmBot's web app that allows authenticated attackers to extract arbitrary data from its database (including the user table). This issue may lead to Information Disclosure. This issue has been patched in version 15.8.4. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45674') [MISC]('https://github.com/FarmBot/Farmbot-Web-App/security/advisories/GHSA-pgq5-ff74-g7xq')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiedr [/LEFT][/TD] [TD][LEFT]A insufficient session expiration in Fortinet FortiEDR version 5.0.0 through 5.0.1 allows attacker to execute unauthorized code or commands via api request[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-33303]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33303') [MISC]('https://fortiguard.com/psirt/FG-IR-23-007')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisandbox [/LEFT][/TD] [TD][LEFT]A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41680]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41680') [MISC]('https://fortiguard.com/psirt/FG-IR-23-311')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisandbox [/LEFT][/TD] [TD][LEFT]A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.1 allows attacker to execute unauthorized code or commands via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41681') [MISC]('https://fortiguard.com/psirt/FG-IR-23-311')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisandbox [/LEFT][/TD] [TD][LEFT]A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 and 3.2.0 through 3.2.4 and 2.5.0 through 2.5.2 and 2.4.1 and 2.4.0 allows attacker to denial of service via crafted http requests.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41682') [MISC]('https://fortiguard.com/psirt/FG-IR-23-280')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisandbox [/LEFT][/TD] [TD][LEFT]An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 through 4.2.4, and 4.0.0 through 4.0.4 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.4 through 3.0.7 allows attacker to execute unauthorized code or commands via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41836]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41836') [MISC]('https://fortiguard.com/psirt/FG-IR-23-215')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortisandbox [/LEFT][/TD] [TD][LEFT]A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 through 4.2.5 and 4.0.0 through 4.0.3 allows attacker to execute unauthorized code or commands via crafted HTTP requests.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41843') [MISC]('https://fortiguard.com/psirt/FG-IR-23-273')[/TD] [/TR] [TR] [TD][LEFT]frappe_lms -- frappe_lms [/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Generic in GitHub repository frappe/lms prior to 5614a6203fb7d438be8e2b1e3030e4528d170ec4.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5555]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5555') [MISC]('https://huntr.dev/bounties/f6d688ee-b049-4f85-ac3e-f4d3e29e7b9f') [MISC]('https://github.com/frappe/lms/commit/5614a6203fb7d438be8e2b1e3030e4528d170ec4')[/TD] [/TR] [TR] [TD][LEFT]frappe_lms -- frappe_lms [/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Reflected in GitHub repository structurizr/onpremises prior to 3194.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5556]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5556') [MISC]('https://huntr.dev/bounties/a3ee0f98-6898-41ae-b1bd-242a03a73d1b') [MISC]('https://github.com/structurizr/onpremises/commit/6cff4f792b010dfb1ff6a0b4ae1c6e398f8f8a18')[/TD] [/TR] [TR] [TD][LEFT]froxlor -- froxlor [/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.0.22.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4829') [MISC]('https://huntr.dev/bounties/babd73ca-6c80-4145-8c7d-33a883fe606b') [MISC]('https://github.com/froxlor/froxlor/commit/4711a414360782fe4fc94f7c25027077cbcdf73d')[/TD] [/TR] [TR] [TD][LEFT]froxlor -- froxlor [/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5564') [MISC]('https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa') [MISC]('https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c')[/TD] [/TR] [TR] [TD][LEFT]garden-io -- garden [/LEFT][/TD] [TD][LEFT]Garden provides automation for Kubernetes development and testing. Prior tov ersions 0.13.17 and 0.12.65, Garden has a dependency on the cryo library, which is vulnerable to code injection due to an insecure implementation of deserialization. Garden stores serialized objects using cryo in the Kubernetes [ICODE]ConfigMap[/ICODE] resources prefixed with [ICODE]test-result[/ICODE] and [ICODE]run-result[/ICODE] to cache Garden test and run results. These [ICODE]ConfigMaps[/ICODE] are stored either in the [ICODE]garden-system[/ICODE] namespace or the configured user namespace. When a user invokes the command [ICODE]garden test[/ICODE] or [ICODE]garden run[/ICODE] objects stored in the [ICODE]ConfigMap[/ICODE] are retrieved and deserialized. This can be used by an attacker with access to the Kubernetes cluster to store malicious objects in the [ICODE]ConfigMap[/ICODE], which can trigger a remote code execution on the users machine when cryo deserializes the object. In order to exploit this vulnerability, an attacker must have access to the Kubernetes cluster used to deploy garden remote environments. Further, a user must actively invoke either a [ICODE]garden test[/ICODE] or [ICODE]garden run[/ICODE] which has previously cached results. The issue has been patched in Garden versions [ICODE]0.13.17[/ICODE] (Bonsai) and [ICODE]0.12.65[/ICODE] (Acorn). Only Garden versions prior to these are vulnerable. No known workarounds are available.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44392]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44392') [MISC]('https://github.com/garden-io/garden/commit/3117964da40d3114f129a6131b4ada89eaa4eb8c') [MISC]('https://github.com/garden-io/garden/security/advisories/GHSA-hm75-6vc9-8rpr')[/TD] [/TR] [TR] [TD][LEFT]go_standard_library -- net/http [/LEFT][/TD] [TD][LEFT]A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39325]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39325') [MISC]('https://go.dev/issue/63417') [MISC]('https://go.dev/cl/534235') [MISC]('https://go.dev/cl/534215') [MISC]('https://pkg.go.dev/vuln/GO-2023-2102') [MISC]('https://groups.google.com/g/golang-announce/c/iNNxDTCjZvo/m/UDd7VKQuAAAJ')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In several functions of Exynos modem files, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35649]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35649') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In lwis_transaction_client_cleanup of lwis_transaction.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35660]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35660') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35661]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35661') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]There is a possible out of bounds write due to buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35662]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35662') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]There is a possible use-after-free write due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3781]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3781') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In temp_residency_name_store of thermal_metrics.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40141]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40141') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android [/LEFT][/TD] [TD][LEFT]In TBD of TBD, there is a possible way to bypass carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40142]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40142') [MISC]('https://source.android.com/security/bulletin/pixel/2023-10-01')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac [/LEFT][/TD] [TD][LEFT]An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-42298]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42298') [MISC]('https://github.com/gpac/gpac/issues/2567')[/TD] [/TR] [TR] [TD][LEFT]granding_utime_master -- granding_utime_master [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in the Create A New Employee function of Granding UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the First Name parameter.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45391]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45391') [MISC]('https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-stored-xss.html')[/TD] [/TR] [TR] [TD][LEFT]granding_utime_master -- granding_utime_master [/LEFT][/TD] [TD][LEFT]An indirect object reference (IDOR) in GRANDING UTime Master v9.0.7-Build:Apr 4,2023 allows authenticated attackers to access sensitive information via a crafted cookie.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45393]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45393') [MISC]('https://the-it-wonders.blogspot.com/2023/10/granding-utime-master-idor.html')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- bigfix_insights_for_vulnerability_remediation[/LEFT][/TD] [TD][LEFT]BigFix Insights for Vulnerability Remediation (IVR) uses weak cryptography that can lead to credential exposure. An attacker could gain access to sensitive information, modify data in unexpected ways, etc.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-44757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44757') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108005')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- bigfix_insights_for_vulnerability_remediation[/LEFT][/TD] [TD][LEFT]BigFix Insights/IVR fixlet uses improper credential handling within certain fixlet content. An attacker can gain access to information that is not explicitly authorized.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-44758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44758') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108005')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- bigfix_patch_management[/LEFT][/TD] [TD][LEFT]Certain credentials within the BigFix Patch Management Download Plug-ins are stored insecurely and could be exposed to a local privileged user.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-42451]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-42451') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108007')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- bigfix_platform [/LEFT][/TD] [TD][LEFT]An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37536]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37536') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107791')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- digital_experience [/LEFT][/TD] [TD][LEFT]HCL Digital Experience is susceptible to cross site scripting (XSS). One subcomponent is vulnerable to reflected XSS. In reflected XSS, an attacker must induce a victim to click on a crafted URL from some delivery mechanism (email, other web site).[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37538]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37538') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0108006')[/TD] [/TR] [TR] [TD][LEFT]hestiacp -- hestiacp [/LEFT][/TD] [TD][LEFT]Cross-site Scripting (XSS) - Stored in GitHub repository hestiacp/hestiacp prior to 1.8.6.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4517') [MISC]('https://github.com/hestiacp/hestiacp/commit/d30e3edbca5915235643e46ab222cb7aed9b319a') [MISC]('https://huntr.dev/bounties/508d1d21-c45d-47ff-833f-50c671882e51')[/TD] [/TR] [TR] [TD][LEFT]hp_inc. -- hp_displays [/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitor's Theft Deterrence to be deactivated.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5449]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5449') [MISC]('https://support.hp.com/us-en/document/ish_9438665-9438794-16')[/TD] [/TR] [TR] [TD][LEFT]hp_inc. -- hp_life_android_mobile [/LEFT][/TD] [TD][LEFT]HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5409') [MISC]('https://support.hp.com/us-en/document/ish_9441200-9441233-16')[/TD] [/TR] [TR] [TD][LEFT]hp_inc. -- hp_thinupdate [/LEFT][/TD] [TD][LEFT]A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4499') [MISC]('https://support.hp.com/us-en/document/ish_9440593-9440618-16')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Parameter verification vulnerability in the window module.Successful exploitation of this vulnerability may cause the size of an app window to be adjusted to that of a floating window.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41304]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41304') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Vulnerability of package names' public keys not being verified in the security module.Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44093]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44093') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Type confusion vulnerability in the distributed file module.Successful exploitation of this vulnerability may cause the device to restart.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44094]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44094') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Use-After-Free (UAF) vulnerability in the surfaceflinger module.Successful exploitation of this vulnerability can cause system crash.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44095]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44095') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Vulnerability of brute-force attacks on the device authentication module.Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44096]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44096') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Vulnerability of the permission to access device SNs being improperly managed.Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44097]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44097') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Broadcast permission control vulnerability in the Bluetooth module. Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44100') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]The Bluetooth module has a vulnerability in permission control for broadcast notifications.Successful exploitation of this vulnerability may affect confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44101]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44101') [MISC]('https://https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability can cause the Bluetooth function to be unavailable.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44102') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Out-of-bounds read vulnerability in the Bluetooth module. Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44103]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44103') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44104]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44104') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Clone vulnerability in the huks ta module.Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44109]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44109') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]huawei -- harmonyos [/LEFT][/TD] [TD][LEFT]Vulnerability of brute-force attacks on the device authentication module. Successful exploitation of this vulnerability may affect service confidentiality.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44111]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44111') [MISC]('https://consumer.huawei.com/en/support/bulletin/2023/10/') [MISC]('https://device.harmonyos.com/en/docs/security/update/security-bulletins-202310-0000001663676540')[/TD] [/TR] [TR] [TD][LEFT]ibm -- app_connect_enterprise [/LEFT][/TD] [TD][LEFT]IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40682') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/263833') [MISC]('https://www.ibm.com/support/pages/node/7051204')[/TD] [/TR] [TR] [TD][LEFT]ibm -- app_connect_enterprise [/LEFT][/TD] [TD][LEFT]IBM App Connect Enterprise 11.0.0.1 through 11.0.0.23, 12.0.1.0 through 12.0.10.0 and IBM Integration Bus 10.1 through 10.1.0.1 are vulnerable to a denial of service for integration nodes on Windows. IBM X-Force ID: 247998.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45176]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45176') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/267998') [MISC]('https://www.ibm.com/support/pages/node/7051448')[/TD] [/TR] [TR] [TD][LEFT]ibm -- cloud_pak_for_business_automation [/LEFT][/TD] [TD][LEFT]IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 258349.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35024]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35024') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/258349') [MISC]('https://www.ibm.com/support/pages/node/7047198')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_siem [/LEFT][/TD] [TD][LEFT]IBM QRadar SIEM 7.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 254138[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30994') [MISC]('https://www.ibm.com/support/pages/node/7049133') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/254138')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_siem [/LEFT][/TD] [TD][LEFT]IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 263376.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40367') [MISC]('https://www.ibm.com/support/pages/node/7049133') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/263376')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_server[/LEFT][/TD] [TD][LEFT]IBM Security Directory Server 6.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 228505.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-32755]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32755') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228505') [MISC]('https://www.ibm.com/support/pages/node/7047428')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_server[/LEFT][/TD] [TD][LEFT]IBM Security Directory Server 6.4.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. X-Force ID: 228569.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-33161]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33161') [MISC]('https://www.ibm.com/support/pages/node/7047428') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228569') [MISC]('https://www.ibm.com/support/pages/node/7047116')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_server[/LEFT][/TD] [TD][LEFT]IBM Security Directory Server 6.4.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 228582.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-33165]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33165') [MISC]('https://www.ibm.com/support/pages/node/7047428') [MISC]('https://www.ibm.com/support/pages/node/7047116') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228582')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_verify_access[/LEFT][/TD] [TD][LEFT]IBM Security Verify Access OIDC Provider could allow a remote user to cause a denial of service due to uncontrolled resource consumption. IBM X-Force ID: 238921.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-43740]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43740') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/238921') [MISC]('https://www.ibm.com/support/pages/node/7028513')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_verify_access[/LEFT][/TD] [TD][LEFT]IBM Security Verify Access OIDC Provider could disclose directory information that could aid attackers in further attacks against the system. IBM X-Force ID: 239445.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-43868]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43868') [MISC]('https://www.ibm.com/support/pages/node/7028513') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/239445')[/TD] [/TR] [TR] [TD][LEFT]icecms -- icecms [/LEFT][/TD] [TD][LEFT]An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40833') [MISC]('https://gist.github.com/Sholway/93f05987dbf35c15c26de32b1e5590ec')[/TD] [/TR] [TR] [TD][LEFT]inspect_element_ltd. -- echo.ac [/LEFT][/TD] [TD][LEFT]An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a local attacker to gain privileges via a crafted command to the echo_driver.sys component. NOTE: the vendor's position is that the reported ability for user-mode applications to execute code as NT AUTHORITY\SYSTEM was "deactivated by Microsoft itself."[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38817]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38817') [MISC]('https://ioctl.fail/echo-ac-writeup/')[/TD] [/TR] [TR] [TD][LEFT]json-java -- json-java [/LEFT][/TD] [TD][LEFT]Denial of Service in JSON-Java versions up to and including 20230618. A bug in the parser means that an input string of modest size can lead to indefinite amounts of memory being used. [/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5072') [MISC]('https://github.com/stleary/JSON-java/issues/771') [MISC]('https://github.com/stleary/JSON-java/issues/758')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). PTX3000, PTX5000, QFX10000, PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs do not support certain flow-routes. Once a flow-route is received over an established BGP session and an attempt is made to install the resulting filter into the PFE, FPC heap memory is leaked. The FPC heap memory can be monitored using the CLI command "show chassis fpc". The following syslog messages can be observed if the respective filter derived from a flow-route cannot be installed. expr_dfw_sfm_range_add:661 SFM packet-length Unable to get a sfm entry for updating the hw expr_dfw_hw_sfm_add:750 Unable to add the filter secondarymatch to the hardware expr_dfw_base_hw_add:52 Failed to add h/w sfm data. expr_dfw_base_hw_create:114 Failed to add h/w data. expr_dfw_base_pfe_inst_create:241 Failed to create base inst for sfilter 0 on PFE 0 for [B]flowspec_default_inet[/B] expr_dfw_flt_inst_change:1368 Failed to create [B]flowspec_default_inet[/B] on PFE 0 expr_dfw_hw_pgm_fnum:465 dfw_pfe_inst_old not found for pfe_index 0! expr_dfw_bp_pgm_flt_num:548 Failed to pgm bind-point in hw: generic failure expr_dfw_bp_topo_handler:1102 Failed to program fnum. expr_dfw_entry_process_change:679 Failed to change instance for filter [B]flowspec_default_inet[/B]. This issue affects Juniper Networks Junos OS: on PTX1000, PTX10002, and PTX10004, PTX10008 and PTX10016 with LC110x FPCs: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R3; * 21.4 versions prior to 21.4R2-S2, 21.4R3; * 22.1 versions prior to 22.1R1-S2, 22.1R2. on PTX3000, PTX5000, QFX10000: * All versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3 * 22.2 versions prior to 22.2R3-S1 * 22.3 versions prior to 22.3R2-S2, 22.3R3 * 22.4 versions prior to 22.4R2.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-22392]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-22392') [MISC]('https://supportportal.juniper.net/JSA70188')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated network-based attacker to cause an infinite loop, resulting in a Denial of Service (DoS). An attacker who sends malformed TCP traffic via an interface configured with PPPoE, causes an infinite loop on the respective PFE. This results in consuming all resources and a manual restart is needed to recover. This issue affects interfaces with PPPoE configured and tcp-mss enabled. This issue affects Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2-S2; * 22.4 versions prior to 22.4R2.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36841]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36841') [MISC]('https://supportportal.juniper.net/JSA73172')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Handling of Inconsistent Special Elements vulnerability in the Junos Services Framework (jsf) module of Juniper Networks Junos OS allows an unauthenticated network-based attacker to cause a crash in the Packet Forwarding Engine (pfe) and thereby resulting in a Denial of Service (DoS). Upon receiving malformed SSL traffic, the PFE crashes. A manual restart will be needed to recover the device. This issue only affects devices with Juniper Networks Advanced Threat Prevention (ATP) Cloud enabled with Encrypted Traffic Insights (configured via 'security-metadata-streaming policy'). This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S8, 20.4R3-S9; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3;[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36843') [MISC]('https://supportportal.juniper.net/JSA73174')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44176]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44176') [MISC]('https://supportportal.juniper.net/JSA73140')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos OS allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1; * 23.2 versions prior to 23.2R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44178]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44178') [MISC]('https://supportportal.juniper.net/JSA73140')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improperly Implemented Security Check for Standard vulnerability in storm control of Juniper Networks Junos OS QFX5k devices allows packets to be punted to ARP queue causing a l2 loop resulting in a DDOS violations and DDOS syslog. This issue is triggered when Storm control is enabled and ICMPv6 packets are present on device. This issue affects Juniper Networks: Junos OS * All versions prior to 20.2R3-S6 on QFX5k; * 20.3 versions prior to 20.3R3-S5 on QFX5k; * 20.4 versions prior to 20.4R3-S5 on QFX5k; * 21.1 versions prior to 21.1R3-S4 on QFX5k; * 21.2 versions prior to 21.2R3-S3 on QFX5k; * 21.3 versions prior to 21.3R3-S2 on QFX5k; * 21.4 versions prior to 21.4R3 on QFX5k; * 22.1 versions prior to 22.1R3 on QFX5k; * 22.2 versions prior to 22.2R2 on QFX5k.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44181]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44181') [MISC]('https://www.juniper.net/documentation/us/en/software/junos/security-services/topics/task/rate-limiting-storm-control-disabling-cli-els.html') [MISC]('https://supportportal.juniper.net/JSA73145')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Input Validation vulnerability in the VxLAN packet forwarding engine (PFE) of Juniper Networks Junos OS on QFX5000 Series, EX4600 Series devices allows an unauthenticated, adjacent attacker, sending two or more genuine packets in the same VxLAN topology to possibly cause a DMA memory leak to occur under various specific operational conditions. The scenario described here is the worst-case scenario. There are other scenarios that require operator action to occur. An indicator of compromise may be seen when multiple devices indicate that FPC0 has gone missing when issuing a show chassis fpc command for about 10 to 20 minutes, and a number of interfaces have also gone missing. Use the following command to determine if FPC0 has gone missing from the device. show chassis fpc detail This issue affects: Juniper Networks Junos OS on QFX5000 Series, EX4600 Series: * 18.4 version 18.4R2 and later versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44183]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44183') [MISC]('https://supportportal.juniper.net/JSA73148') [MISC]('https://www.juniper.net/documentation/us/en/software/junos/evpn-vxlan/topics/topic-map/sdn-vxlan.html') [MISC]('https://www.juniper.net/documentation/us/en/software/junos/multicast-l2/topics/topic-map/redundant-trunk-groups.html')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]A Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in telemetry processing of Juniper Networks Junos OS allows a network-based authenticated attacker to flood the system with multiple telemetry requests, causing the Junos Kernel Debugging Streaming Daemon (jkdsd) process to crash, leading to a Denial of Service (DoS). Continued receipt and processing of telemetry requests will repeatedly crash the jkdsd process and sustain the Denial of Service (DoS) condition. This issue is seen on all Junos platforms. The crash is triggered when multiple telemetry requests come from different collectors. As the load increases, the Dynamic Rendering Daemon (drend) decides to defer processing and continue later, which results in a timing issue accessing stale memory, causing the jkdsd process to crash and restart. This issue affects: Juniper Networks Junos OS: * 20.4 versions prior to 20.4R3-S9; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S1, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3; * 23.1 versions prior to 23.1R2; * 23.2 versions prior to 23.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.4R1.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44188') [MISC]('https://supportportal.juniper.net/JSA73152')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Allocation of Resources Without Limits or Throttling vulnerability in Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS QFX5000 Series and EX4000 Series platforms, when a high number of VLANs are configured, a specific DHCP packet will cause PFE hogging which will lead to dropping of socket connections. This issue affects: Juniper Networks Junos OS on QFX5000 Series and EX4000 Series * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2. This issue does not affect Juniper Networks Junos OS versions prior to 21.1R1[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44191]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44191') [MISC]('https://supportportal.juniper.net/JSA73155')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Input Validation vulnerability in the Packet Forwarding Engine of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause memory leak, leading to Denial of Service (DoS). On all Junos OS QFX5000 Series platforms, when pseudo-VTEP (Virtual Tunnel End Point) is configured under EVPN-VXLAN scenario, and specific DHCP packets are transmitted, DMA memory leak is observed. Continuous receipt of these specific DHCP packets will cause memory leak to reach 99% and then cause the protocols to stop working and traffic is impacted, leading to Denial of Service (DoS) condition. A manual reboot of the system recovers from the memory leak. To confirm the memory leak, monitor for "sheaf:possible leak" and "vtep not found" messages in the logs. This issue affects: Juniper Networks Junos OS QFX5000 Series: * All versions prior to 20.4R3-S6; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R2-S1, 22.3R3; * 22.4 versions prior to 22.4R1-S2, 22.4R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44192]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44192') [MISC]('https://supportportal.juniper.net/JSA73156')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Release of Memory Before Removing Last Reference vulnerability in Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows a local, low privileged attacker to cause an FPC crash, leading to Denial of Service (DoS). On all Junos MX Series with MPC1 - MPC9, LC480, LC2101, MX10003, and MX80, when Connectivity-Fault-Management (CFM) is enabled in a VPLS scenario, and a specific LDP related command is run, an FPC will crash and reboot. Continued execution of this specific LDP command can lead to sustained Denial of Service condition. This issue affects: Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S1; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44193]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44193') [MISC]('https://supportportal.juniper.net/JSA73157')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Incorrect Default Permissions vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker with local access to the device to create a backdoor with root privileges. The issue is caused by improper directory permissions on a certain system directory, allowing an attacker with access to this directory to create a backdoor with root privileges. This issue affects Juniper Networks Junos OS: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S1.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44194]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44194') [MISC]('https://supportportal.juniper.net/JSA73158')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Check for Unusual or Exceptional Conditions vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated network-based attacker to cause an integrity impact in connected networks. If the SIP ALG is configured and a device receives a specifically malformed SIP packet, the device prevents this packet from being forwarded, but any subsequently received retransmissions of the same packet are forwarded as if they were valid. This issue affects Juniper Networks Junos OS on SRX Series and MX Series: * 20.4 versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S4; * 21.3 versions prior to 21.3R3-S3; * 21.4 versions prior to 21.4R3-S2; * 22.1 versions prior to 22.1R2-S2, 22.1R3; * 22.2 versions prior to 22.2R2-S1, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. This issue doesn't not affected releases prior to 20.4R1.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44198]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44198') [MISC]('https://supportportal.juniper.net/JSA73164')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On Junos MX Series platforms with Precision Time Protocol (PTP) configured, a prolonged routing protocol churn can lead to an FPC crash and restart. This issue affects Juniper Networks Junos OS on MX Series: * All versions prior to 20.4R3-S4; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S2; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3; * 22.1 versions prior to 22.1R3; * 22.2 versions prior to 22.2R1-S1, 22.2R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44199]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44199') [MISC]('https://supportportal.juniper.net/JSA73165')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os [/LEFT][/TD] [TD][LEFT]An Improper Check or Handling of Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600 allows a adjacent attacker to send specific traffic, which leads to packet flooding, resulting in a Denial of Service (DoS). When a specific IGMP packet is received in an isolated VLAN, it is duplicated to all other ports under the primary VLAN, which causes a flood. This issue affects QFX5000 series, EX2300, EX3400, EX4100, EX4400 and EX4600 platforms only. This issue affects Juniper Junos OS on on QFX5000 Series, EX2300, EX3400, EX4100, EX4400 and EX4600: * All versions prior to 20.4R3-S5; * 21.1 versions prior to 21.1R3-S4; * 21.2 versions prior to 21.2R3-S3; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S2; * 22.1 versions prior to 22.1R3; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44203]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44203') [MISC]('https://supportportal.juniper.net/JSA73169')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os/junos_evo [/LEFT][/TD] [TD][LEFT]A Stack-based Buffer Overflow vulnerability in the CLI command of Juniper Networks Junos and Junos EVO allows a low privileged attacker to execute a specific CLI commands leading to Denial of Service. Repeated actions by the attacker will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions prior to 19.1R3-S10; * 19.2 versions prior to 19.2R3-S7; * 19.3 versions prior to 19.3R3-S8; * 19.4 versions prior to 19.4R3-S12; * 20.2 versions prior to 20.2R3-S8; * 20.4 versions prior to 20.4R3-S8; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S1; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R2. Junos OS Evolved: * All versions prior to 20.4R3-S8-EVO; * 21.2 versions prior to 21.2R3-S6-EVO; * 21.3 versions prior to 21.3R3-S5-EVO; * 21.4 versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S1-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44177]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44177') [MISC]('https://supportportal.juniper.net/JSA73140')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os/os_evolved [/LEFT][/TD] [TD][LEFT]An Improper Validation of Specified Quantity in Input vulnerability in the Layer-2 control protocols daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated adjacent attacker who sends specific LLDP packets to cause a Denial of Service (DoS). This issue occurs when specific LLDP packets are received, and telemetry polling is being done on the device. The impact of the l2cpd crash is reinitialization of STP protocols (RSTP, MSTP or VSTP), and MVRP and ERP. Also, if any services depend on LLDP state (like PoE or VoIP device recognition), then these will also be affected. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S8; * 21.1 version 21.1R1 and later versions; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2-S2; * 22.4 versions prior to 22.4R2; Juniper Networks Junos OS Evolved * All versions prior to 20.4R3-S8-EVO; * 21.1 version 21.1R1-EVO and later versions; * 21.2 versions prior to 21.2R3-S5-EVO; * 21.3 versions prior to 21.3R3-S4-EVO; * 21.4 versions prior to 21.4R3-S3-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R3-EVO; * 22.3 versions prior to 22.3R2-S2-EVO; * 22.4 versions prior to 22.4R1-S1-EVO;[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36839') [MISC]('https://supportportal.juniper.net/JSA73171')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os/os_evolved [/LEFT][/TD] [TD][LEFT]A Reachable Assertion vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows to send specific genuine PIM packets to the device resulting in rpd to crash causing a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. Note: This issue is not noticed when all the devices in the network are Juniper devices. This issue affects Juniper Networks: Junos OS: * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R3; * 22.4 versions prior to 22.4R3. Junos OS Evolved: * All versions prior to 22.3R3-EVO; * 22.4-EVO versions prior to 22.4R3-EVO; * 23.2-EVO versions prior to 23.2R1-EVO.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44175]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44175') [MISC]('https://supportportal.juniper.net/JSA73141')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os/os_evolved [/LEFT][/TD] [TD][LEFT]An Unchecked Return Value vulnerability in the user interfaces to the Juniper Networks Junos OS and Junos OS Evolved, the CLI, the XML API, the XML Management Protocol, the NETCONF Management Protocol, the gNMI interfaces, and the J-Web User Interfaces causes unintended effects such as demotion or elevation of privileges associated with an operator's actions to occur. Multiple scenarios may occur; for example: privilege escalation over the device or another account, access to files that should not otherwise be accessible, files not being accessible where they should be accessible, code expected to run as non-root may run as root, and so forth. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.1 versions prior to 21.1R3-S5; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S4; * 21.4 versions prior to 21.4R3-S3; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R2-S2, 22.2R3; * 22.3 versions prior to 22.3R1-S2, 22.3R2. Juniper Networks Junos OS Evolved * All versions prior to 21.4R3-S3-EVO; * 22.1-EVO version 22.1R1-EVO and later versions prior to 22.2R2-S2-EVO, 22.2R3-EVO; * 22.3-EVO versions prior to 22.3R1-S2-EVO, 22.3R2-EVO.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44182]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44182') [MISC]('https://supportportal.juniper.net/JSA73149') [MISC]('https://www.juniper.net/documentation/en_US/junos/topics/concept/junos-software-user-interfaces-overview.html') [MISC]('https://www.juniper.net/documentation/us/en/software/junos/interfaces-telemetry/topics/concept/junos-telemetry-interface-grpc-sensors.html')[/TD] [/TR] [TR] [TD][LEFT]juniper_networks -- junos_os/os_evolved [/LEFT][/TD] [TD][LEFT]An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the management daemon (mgd) process of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated low-privileged attacker, by executing a specific command via NETCONF, to cause a CPU Denial of Service to the device's control plane. This issue affects: Juniper Networks Junos OS * All versions prior to 20.4R3-S7; * 21.2 versions prior to 21.2R3-S5; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S2; * 22.2 versions prior to 22.2R3; * 22.3 versions prior to 22.3R2-S1, 22.3R3; * 22.4 versions prior to 22.4R1-S2, 22.4R2. Juniper Networks Junos OS Evolved * All versions prior to 21.4R3-S4-EVO; * 22.1 versions prior to 22.1R3-S2-EVO; * 22.2 versions prior to 22.2R3-EVO; * 22.3 versions prior to 22.3R3-EVO; * 22.4 versions prior to 22.4R2-EVO. An indicator of compromise can be seen by first determining if the NETCONF client is logged in and fails to log out after a reasonable period of time and secondly reviewing the WCPU percentage for the mgd process by running the following command: mgd process example: user@device-re#> show system processes extensive | match "mgd|PID" | except last PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 92476 root 100 0 500M 89024K CPU3 3 57.5H 89.60% mgd <<<<<<<<< leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5578') [MISC]('https://vuldb.com/?ctiid.242143') [MISC]('https://vuldb.com/?id.242143')[/TD] [/TR] [TR] [TD][LEFT]prestashop -- prestashop [/LEFT][/TD] [TD][LEFT]Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta) for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via [ICODE]id_customer[/ICODE], [ICODE]id_conf[/ICODE], [ICODE]id_product[/ICODE] and [ICODE]token[/ICODE] parameters in `aftermailajax.php via the 'id_product' parameter in hooks DisplayRightColumnProduct and DisplayProductButtons.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30154]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30154') [MISC]('https://security.friendsofpresta.org/modules/2023/10/10/aftermailpresta.html')[/TD] [/TR] [TR] [TD][LEFT]qbittorrent -- qbittorrent_client [/LEFT][/TD] [TD][LEFT]All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30801]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30801') [MISC]('https://vulncheck.com/advisories/qbittorrent-default-creds') [MISC]('https://github.com/qbittorrent/qBittorrent/issues/18731')[/TD] [/TR] [TR] [TD][LEFT]qdPM -- qdPM [/LEFT][/TD] [TD][LEFT]qdPM 9.2 allows Directory Traversal to list files and directories by navigating to the /uploads URI.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45855]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45855') [MISC]('https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/Directory%20Traversal.md') [MISC]('https://qdpm.net')[/TD] [/TR] [TR] [TD][LEFT]qdPM -- qdPM [/LEFT][/TD] [TD][LEFT]qdPM 9.2 allows remote code execution by using the Add Attachments feature of Edit Project to upload a .php file to the /uploads URI.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45856]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45856') [MISC]('https://github.com/SunshineOtaku/Report-CVE/blob/main/qdPM/9.2/RCE.md') [MISC]('https://qdpm.net')[/TD] [/TR] [TR] [TD][LEFT]qdocs -- smart_school [/LEFT][/TD] [TD][LEFT]A vulnerability was found in QDocs Smart School 6.4.1. It has been classified as critical. This affects an unknown part of the file /course/filterRecords/ of the component HTTP POST Request Handler. The manipulation of the argument searchdata[0][title]/searchdata[0][searchfield]/searchdata[0][searchvalue] leads to sql injection. It is possible to initiate the attack remotely. The associated identifier of this vulnerability is VDB-241647. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5495]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5495') [MISC]('https://vuldb.com/?id.241647') [MISC]('https://vuldb.com/?ctiid.241647') [MISC]('http://packetstormsecurity.com/files/175071/Smart-School-6.4.1-SQL-Injection.html')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- container_station [/LEFT][/TD] [TD][LEFT]An OS command injection vulnerability has been reported to affect Container Station. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following version: Container Station 2.6.7.44 and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32976]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32976') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-44')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- multiple_products [/LEFT][/TD] [TD][LEFT]A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to launch a denial-of-service (DoS) attack via a network. QES is not affected. We have already fixed the vulnerability in the following versions: QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2453 build 20230708 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32970]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32970') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-41')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- multiple_products [/LEFT][/TD] [TD][LEFT]A path traversal vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to read the contents of unexpected files and expose sensitive data via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.0.2444 build 20230629 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTScloud c5.1.0.2498 and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32974]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32974') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-42')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- qts [/LEFT][/TD] [TD][LEFT]A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h4.5.4.2476 build 20230728 and later QuTScloud c5.1.0.2498 and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32973]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32973') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-41')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- video_station [/LEFT][/TD] [TD][LEFT]A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34975]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34975') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-52')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- video_station [/LEFT][/TD] [TD][LEFT]A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.0 ( 2023/07/27 ) and later[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34976]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34976') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-52')[/TD] [/TR] [TR] [TD][LEFT]rockwell_automation -- factorytalk_linx [/LEFT][/TD] [TD][LEFT]FactoryTalk Linx, in the Rockwell Automation PanelView Plus, allows an unauthenticated threat actor to read data from memory via crafted malicious packets. Sending a size larger than the buffer size results in leakage of data from memory resulting in an information disclosure. If the size is large enough, it causes communications over the common industrial protocol to become unresponsive to any type of packet, resulting in a denial-of-service to FactoryTalk Linx over the common industrial protocol.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-29464]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29464') [MISC]('https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1141040')[/TD] [/TR] [TR] [TD][LEFT]sandbox -- sandbox [/LEFT][/TD] [TD][LEFT]A vulnerability was found in yhz66 Sandbox 6.1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /im/user/ of the component User Data Handler. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-242144.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5579]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5579') [MISC]('https://vuldb.com/?ctiid.242144') [MISC]('https://vuldb.com/?id.242144') [MISC]('https://github.com/cojoben/Sendbox/blob/main/README.md')[/TD] [/TR] [TR] [TD][LEFT]sap_se -- sap_netweaver_as_java [/LEFT][/TD] [TD][LEFT]SAP NetWeaver AS Java (GRMG Heartbeat application) - version 7.50, allows an attacker to send a crafted request from a vulnerable web application, causing limited impact on confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-42477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42477') [MISC]('https://me.sap.com/notes/3333426') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]shenzhen_reachfar_technology_company_limited -- shenzhen_reachfar_v28 [/LEFT][/TD] [TD][LEFT]Information exposure vulnerability in Shenzhen Reachfar v28, the exploitation of which could allow a remote attacker to retrieve all the week's logs stored in the 'log2' directory. An attacker could retrieve sensitive information such as remembered wifi networks, sent messages, SOS device locations and device configurations.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5499') [MISC]('https://www.incibe.es/en/incibe-cert/notices/aviso/shenzhen-reachfar-v28-information-exposure')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn[/LEFT][/TD] [TD][LEFT]An integer underflow vulnerability exists in the vpnserver OvsProcessData functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-22308]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-22308') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1737')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn[/LEFT][/TD] [TD][LEFT]A denial of service vulnerability exists in the DCRegister DDNS_RPC_MAX_RECV_SIZE functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-22325]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-22325') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1736')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn[/LEFT][/TD] [TD][LEFT]A denial-of-service vulnerability exists in the vpnserver EnSafeHttpHeaderValueStr functionality of SoftEther VPN 5.01.9674 and 5.02. A specially crafted network packet can lead to denial of service.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-23581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23581') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1741')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn[/LEFT][/TD] [TD][LEFT]A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connections can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-25774]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25774') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1743')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn[/LEFT][/TD] [TD][LEFT]An information disclosure vulnerability exists in the ClientConnect() functionality of SoftEther VPN 5.01.9674. A specially crafted network packet can lead to a disclosure of sensitive information. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-31192]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31192') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1768')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn [/LEFT][/TD] [TD][LEFT]A heap-based buffer overflow vulnerability exists in the vpnserver WpcParsePacket() functionality of SoftEther VPN 4.41-9782-beta, 5.01.9674 and 5.02. A specially crafted network packet can lead to arbitrary code execution. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-27395]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27395') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1735')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn [/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the CiRpcAccepted() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. A specially crafted network packet can lead to unauthorized access. An attacker can send a network request to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-27516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27516') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1754') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn [/LEFT][/TD] [TD][LEFT]An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32275') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1753') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301')[/TD] [/TR] [TR] [TD][LEFT]softether_vpn -- softether_vpn [/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the CiRpcServerThread() functionality of SoftEther VPN 5.01.9674 and 4.41-9782-beta. An attacker can perform a local man-in-the-middle attack to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32634]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32634') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1755') [MISC]('https://www.softether.org/9-about/News/904-SEVPN202301')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- library_system [/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in SourceCodester Library System 1.0. This affects an unknown part of the file index.php. The manipulation of the argument category leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-242145 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5580') [MISC]('https://github.com/GodRone/CVE/blob/main/SerBermz_SQL%20injection.md') [MISC]('https://vuldb.com/?ctiid.242145') [MISC]('https://vuldb.com/?id.242145')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- medicine_tracker_system [/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument page leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-242146 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5581') [MISC]('https://vuldb.com/?ctiid.242146') [MISC]('https://github.com/GodRone/MedicineTrackerSystem/blob/main/Medicine%20Tracker%20System_XSS.md') [MISC]('https://vuldb.com/?id.242146')[/TD] [/TR] [TR] [TD][LEFT]spa-cart -- spa-cart [/LEFT][/TD] [TD][LEFT]SPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-43148]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43148') [MISC]('https://github.com/MinoTauro2020/CVE-2023-43148')[/TD] [/TR] [TR] [TD][LEFT]spa-cart -- spa-cart [/LEFT][/TD] [TD][LEFT]SPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-43149]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-43149') [MISC]('https://github.com/MinoTauro2020/CVE-2023-43149')[/TD] [/TR] [TR] [TD][LEFT]synapse -- synapse [/LEFT][/TD] [TD][LEFT]Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Prior to version 1.94.0, a malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service. Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected. Server administrators are advised to upgrade to Synapse 1.94.0 or later. As a workaround, rooms with malicious server ACL events can be purged and blocked using the admin API.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45129]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45129') [MISC]('https://matrix-org.github.io/synapse/latest/admin_api/rooms.html#version-2-new-version') [MISC]('https://github.com/matrix-org/synapse/pull/16360') [MISC]('https://github.com/matrix-org/synapse/security/advisories/GHSA-5chr-wjw5-3gq4')[/TD] [/TR] [TR] [TD][LEFT]synaptics -- displaylink_usb_graphics_software_for_windows [/LEFT][/TD] [TD][LEFT]It is possible to sideload a compromised DLL during the installation at elevated privilege.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4936]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4936') [MISC]('https://www.synaptics.com/') [MISC]('https://www.synaptics.com/products/displaylink-graphics/downloads/windows') [MISC]('https://www.synaptics.com/sites/default/files/nr-154525-tc-synaptics_displaylink_windows_driver_security_brief_-_oct2023.pdf')[/TD] [/TR] [TR] [TD][LEFT]tencent_enterprise -- wechat_privatization [/LEFT][/TD] [TD][LEFT]There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-40829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40829') [MISC]('https://gist.github.com/wwwziziyu/85bdf8d56b415974c4827a5668f493e9')[/TD] [/TR] [TR] [TD][LEFT]tibco_software_inc. -- spotfire_analyst [/LEFT][/TD] [TD][LEFT]The Spotfire Library component of TIBCO Software Inc.'s Spotfire Analyst and Spotfire Server contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s Spotfire Analyst: versions 11.4.7 and below, versions 11.5.0, 11.6.0, 11.7.0, 11.8.0, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4, versions 12.1.0 and 12.1.1 and Spotfire Server: versions 11.4.11 and below, versions 11.5.0, 11.6.0, 11.6.1, 11.6.2, 11.6.3, 11.7.0, 11.8.0, 11.8.1, 12.0.0, 12.0.1, 12.0.2, 12.0.3, 12.0.4, and 12.0.5, versions 12.1.0 and 12.1.1.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-26220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26220') [MISC]('https://www.tibco.com/services/support/advisories')[/TD] [/TR] [TR] [TD][LEFT]tongda -- oa [/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in Tongda OA 2017 11.10. Affected is an unknown function of the file general/hr/salary/welfare_manage/delete.php. The manipulation of the argument WELFARE_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-241650 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5497') [MISC]('https://vuldb.com/?ctiid.241650') [MISC]('https://vuldb.com/?id.241650') [MISC]('https://github.com/RCEraser/cve/blob/main/sql_inject_4.md')[/TD] [/TR] [TR] [TD][LEFT]tracker-miners -- tracker-miners [/LEFT][/TD] [TD][LEFT]A flaw was found in the tracker-miners package. A weakness in the sandbox allows a maliciously-crafted file to execute code outside the sandbox if the tracker-extract process has first been compromised by a separate vulnerability.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5557') [MISC]('https://access.redhat.com/security/cve/CVE-2023-5557') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2243096')[/TD] [/TR] [TR] [TD][LEFT]translator -- poqdev_add-on [/LEFT][/TD] [TD][LEFT]A vulnerability was found in Translator PoqDev Add-On 1.0.11 on Firefox. It has been rated as problematic. This issue affects some unknown processing of the component Select Text Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-241649 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5496]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5496') [MISC]('https://vuldb.com/?id.241649') [MISC]('https://vuldb.com/?ctiid.241649') [MISC]('https://fastupload.io/en/G5tO8X1vM8ge4qJ/file')[/TD] [/TR] [TR] [TD][LEFT]tsmuxer -- tsmuxer [/LEFT][/TD] [TD][LEFT]tsMuxer version git-2539d07 was discovered to contain an alloc-dealloc-mismatch (operator new [] vs operator delete) error.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45510') [MISC]('https://github.com/justdan96/tsMuxer/issues/778') [MISC]('https://github.com/justdan96/tsMuxer')[/TD] [/TR] [TR] [TD][LEFT]tsmuxer -- tsmuxer [/LEFT][/TD] [TD][LEFT]A memory leak in tsMuxer version git-2539d07 allows attackers to cause a Denial of Service (DoS) via a crafted MP4 file.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45511]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45511') [MISC]('https://github.com/justdan96/tsMuxer') [MISC]('https://github.com/justdan96/tsMuxer/issues/780')[/TD] [/TR] [TR] [TD][LEFT]vantage6 -- vantage6 [/LEFT][/TD] [TD][LEFT]vantage6 is privacy preserving federated learning infrastructure. Prior to version 4.0.0, malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for example, if user id 13 is allowed to run tasks, and an attacker creates a username with username '13', they would be wrongly allowed to run an algorithm. There may also be other places in the code where such a mixup of resource ID or name leads to issues. Version 4.0.0 contains a patch for this issue. The best solution is to check when resources are created or modified, that the resource name always starts with a character.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28635]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28635') [MISC]('https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400') [MISC]('https://github.com/vantage6/vantage6/security/advisories/GHSA-7x94-6g2m-3hp2') [MISC]('https://github.com/vantage6/vantage6/pull/744')[/TD] [/TR] [TR] [TD][LEFT]vantage6 -- vantage6 [/LEFT][/TD] [TD][LEFT]vantage6 is privacy preserving federated learning infrastructure. When a collaboration is deleted, the linked resources (such as tasks from that collaboration) should be deleted. This is partly to manage data properly, but also to prevent a potential (but unlikely) side-effect that affects versions prior to 4.0.0, where if a collaboration with id=10 is deleted, and subsequently a new collaboration is created with id=10, the authenticated users in that collaboration could potentially see results of the deleted collaboration in some cases. Version 4.0.0 contains a patch for this issue. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41881]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41881') [MISC]('https://github.com/vantage6/vantage6/pull/748') [MISC]('https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400') [MISC]('https://github.com/vantage6/vantage6/security/advisories/GHSA-rf54-7qrr-96j6')[/TD] [/TR] [TR] [TD][LEFT]vantage6 -- vantage6 [/LEFT][/TD] [TD][LEFT]vantage6 is privacy preserving federated learning infrastructure. The endpoint /api/collaboration/{id}/task is used to collect all tasks from a certain collaboration. To get such tasks, a user should have permission to view the collaboration and to view the tasks in it. However, prior to version 4.0.0, it is only checked if the user has permission to view the collaboration. Version 4.0.0 contains a patch. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41882]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41882') [MISC]('https://github.com/vantage6/vantage6/blob/0682c4288f43fee5bcc72dc448cdd99bd7e57f76/docs/release_notes.rst#400') [MISC]('https://github.com/vantage6/vantage6/pull/711') [MISC]('https://github.com/vantage6/vantage6/security/advisories/GHSA-gc57-xhh5-m94r')[/TD] [/TR] [TR] [TD][LEFT]viessmann_manufacturing_co._inc. -- vitogate_300 [/LEFT][/TD] [TD][LEFT]In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45852]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45852') [MISC]('https://connectivity.viessmann.com/gb/mp-fp/vitogate/vitogate-300-bn-mb.html') [MISC]('https://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim [/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to v9.0.2010.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5535]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5535') [MISC]('https://github.com/vim/vim/commit/41e6f7d6ba67b61d911f9b1d76325cd79224753d') [MISC]('https://huntr.dev/bounties/2c2d85a7-1171-4014-bf7f-a2451745861f')[/TD] [/TR] [TR] [TD][LEFT]vriteio -- vriteio/vrite [/LEFT][/TD] [TD][LEFT]Improper Input Validation in GitHub repository vriteio/vrite prior to 0.3.0.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5571]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5571') [MISC]('https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23') [MISC]('https://huntr.dev/bounties/926ca25f-dd4a-40cf-8e6b-9d7b5938e95a')[/TD] [/TR] [TR] [TD][LEFT]vriteio -- vriteio/vrite [/LEFT][/TD] [TD][LEFT]Server-Side Request Forgery (SSRF) in GitHub repository vriteio/vrite prior to 0.3.0.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5572]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5572') [MISC]('https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23') [MISC]('https://huntr.dev/bounties/db649f1b-8578-4ef0-8df3-d320ab33f1be')[/TD] [/TR] [TR] [TD][LEFT]vriteio -- vriteio/vrite [/LEFT][/TD] [TD][LEFT]Allocation of Resources Without Limits or Throttling in GitHub repository vriteio/vrite prior to 0.3.0.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5573') [MISC]('https://huntr.dev/bounties/46a2bb2c-712a-4008-a147-b862e3af7d72') [MISC]('https://github.com/vriteio/vrite/commit/1877683b932bb33fb20d688e476284b70bb9fe23')[/TD] [/TR] [TR] [TD][LEFT]wargio -- naxsi [/LEFT][/TD] [TD][LEFT]NAXSI is an open-source maintenance web application firewall (WAF) for NGINX. An issue present starting in version 1.3 and prior to version 1.6 allows someone to bypass the WAF when a malicious [ICODE]X-Forwarded-For[/ICODE] IP matches [ICODE]IgnoreIP[/ICODE] [ICODE]IgnoreCIDR[/ICODE] rules. This old code was arranged to allow older NGINX versions to also support [ICODE]IgnoreIP[/ICODE] [ICODE]IgnoreCIDR[/ICODE] when multiple reverse proxies were present. The issue is patched in version 1.6. As a workaround, do not set any [ICODE]IgnoreIP[/ICODE] [ICODE]IgnoreCIDR[/ICODE] for older versions.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45132') [MISC]('https://github.com/wargio/naxsi/commit/1b712526ed3314dd6be7e8b0259eabda63c19537') [MISC]('https://github.com/wargio/naxsi/pull/103') [MISC]('https://github.com/wargio/naxsi/security/advisories/GHSA-7qjc-q4j9-pc8x')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. SQL Injection (SQLi) vulnerability in MainWP MainWP Broken Links Checker Extension plugin <= 4.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-23737]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23737') [MISC]('https://patchstack.com/database/vulnerability/mainwp-broken-links-checker-extension/wordpress-mainwp-broken-links-checker-extension-plugin-4-0-unauthenticated-sql-injection-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in OTWthemes Blog Manager Light plugin <= 1.20 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45102') [MISC]('https://patchstack.com/database/vulnerability/blog-manager-light/wordpress-blog-manager-light-plugin-1-20-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in ZAKSTAN WhitePage plugin <= 1.1.5 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45109]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45109') [MISC]('https://patchstack.com/database/vulnerability/white-page-publication/wordpress-whitepage-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Arul Prasad J Publish Confirm Message plugin <= 1.3.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32124]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32124') [MISC]('https://patchstack.com/database/vulnerability/publish-confirm-message/wordpress-publish-confirm-message-plugin-1-3-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Auth. Stored (contributor+) Cross-Site Scripting (XSS) vulnerability in WordPress core 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.1.3, from 6.0 through 6.0.5, from 5.9 through 5.9.7 and Gutenberg plugin <= 16.8.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38000]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38000') [MISC]('https://patchstack.com/database/vulnerability/wordpress/wordpress-core-6-3-2-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve') [MISC]('https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve') [MISC]('https://patchstack.com/database/vulnerability/gutenberg/wordpress-gutenberg-plugin-16-8-0-contributor-stored-xss-in-navigation-links-block-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 through 4.6.26, from 4.5 through 4.5.29, from 4.4 through 4.4.30, from 4.3 through 4.3.31, from 4.2 through 4.2.35, from 4.1 through 4.1.38.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39999]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39999') [MISC]('https://patchstack.com/database/vulnerability/wordpress/wordpress-wordpress-core-core-6-3-2-contributor-comment-read-on-private-and-password-protected-post-vulnerability?_s_id=cve') [MISC]('https://patchstack.com/articles/wordpress-core-6-3-2-security-update-technical-advisory?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Jonk @ Follow me Darling Sp*tify Play Button for WordPress plugin <= 2.10 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-41131]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41131') [MISC]('https://patchstack.com/database/vulnerability/spotify-play-button-for-wordpress/wordpress-sp-tify-play-button-for-wordpress-plugin-2-10-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Nitin Rathod WP Forms Puzzle Captcha plugin <= 4.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44997]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44997') [MISC]('https://patchstack.com/database/vulnerability/wp-forms-puzzle-captcha/wordpress-wp-forms-puzzle-captcha-plugin-4-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in josecoelho, Randy Hoyt, steveclarkcouk, Vitaliy Kukin, Eric Le Bail, Tom Ransom Category Meta plugin plugin <= 1.2.8 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44998]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44998') [MISC]('https://patchstack.com/database/vulnerability/wp-category-meta/wordpress-category-meta-plugin-1-2-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Igor Buyanov WP Power Stats plugin <= 2.2.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45011]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45011') [MISC]('https://patchstack.com/database/vulnerability/wp-power-stats/wordpress-wp-power-stats-plugin-2-2-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45048]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45048') [MISC]('https://patchstack.com/database/vulnerability/social-testimonials-and-reviews-widget/wordpress-social-proof-testimonials-and-reviews-by-repuso-plugin-4-97-cross-site-request-forgery-csrf?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in dan009 WP Bing Map Pro plugin < 5.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45052') [MISC]('https://patchstack.com/database/vulnerability/api-bing-map-2018/wordpress-wp-bing-map-pro-plugin-5-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in KaizenCoders Short URL plugin <= 1.6.8 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45058') [MISC]('https://patchstack.com/database/vulnerability/shorten-url/wordpress-short-url-plugin-1-6-8-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Fla-shop.Com Interactive World Map plugin <= 3.2.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45060') [MISC]('https://patchstack.com/database/vulnerability/interactive-world-map/wordpress-interactive-world-map-plugin-3-2-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in ReCorp AI Content Writing Assistant (Content Writer, GPT 3 & 4, ChatGPT, Image Generator) All in One plugin <= 1.1.5 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45063]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45063') [MISC]('https://patchstack.com/database/vulnerability/ai-content-writing-assistant/wordpress-ai-content-writing-assistant-content-writer-chatgpt-image-generator-all-in-one-plugin-1-1-5-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Contact Form by Supsystic plugin <= 1.7.27 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45068]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45068') [MISC]('https://patchstack.com/database/vulnerability/contact-form-by-supsystic/wordpress-contact-form-by-supsystic-plugin-1-7-24-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in YAS Global Team Permalinks Customizer plugin <= 2.8.2 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45103]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45103') [MISC]('https://patchstack.com/database/vulnerability/permalinks-customizer/wordpress-permalinks-customizer-plugin-2-8-2-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Fedor Urvanov, Aram Kocharyan Urvanov Syntax Highlighter plugin <= 2.8.33 versions.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45106]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45106') [MISC]('https://patchstack.com/database/vulnerability/urvanov-syntax-highlighter/wordpress-urvanov-syntax-highlighter-plugin-2-8-33-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in GoodBarber plugin <= 1.0.22 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45107]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45107') [MISC]('https://patchstack.com/database/vulnerability/goodbarber/wordpress-goodbarber-plugin-1-0-22-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Mailrelay plugin <= 2.1.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45108]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45108') [MISC]('https://patchstack.com/database/vulnerability/mailrelay/wordpress-mailrelay-plugin-2-1-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Zizou1988 IRivYou plugin <= 2.2.1 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45267]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45267') [MISC]('https://patchstack.com/database/vulnerability/wooreviews-importer/wordpress-irivyou-add-reviews-from-aliexpress-and-amazon-to-woocommerce-plugin-2-2-1-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in Hitsteps Hitsteps Web Analytics plugin <= 5.86 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45268]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45268') [MISC]('https://patchstack.com/database/vulnerability/hitsteps-visitor-manager/wordpress-hitsteps-web-analytics-plugin-5-85-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <= 2.0.23 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45269') [MISC]('https://patchstack.com/database/vulnerability/cds-simple-seo/wordpress-simple-seo-plugin-2-0-23-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <= 2.9.9.4.0 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45270]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45270') [MISC]('https://patchstack.com/database/vulnerability/booking-system/wordpress-pinpoint-booking-system-plugin-2-9-9-4-0-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]Cross-Site Request Forgery (CSRF) vulnerability in automatededitor.Com Automated Editor plugin <= 1.3 versions.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45276]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45276') [MISC]('https://patchstack.com/database/vulnerability/automated-editor/wordpress-automated-editor-plugin-1-3-cross-site-request-forgery-csrf-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]xiaomi -- xiaomi_router [/LEFT][/TD] [TD][LEFT]Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-26318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26318') [MISC]('https://trust.mi.com/misrc/bulletins/advisory?cveId=539')[/TD] [/TR] [TR] [TD][LEFT]xiaomi -- xiaomi_router [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-26319]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26319') [MISC]('https://trust.mi.com/misrc/bulletins/advisory?cveId=536')[/TD] [/TR] [TR] [TD][LEFT]xiaomi -- xiaomi_router [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-26320]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26320') [MISC]('https://trust.mi.com/misrc/bulletins/advisory?cveId=540')[/TD] [/TR] [TR] [TD][LEFT]xinje -- xd5e-30r-e [/LEFT][/TD] [TD][LEFT]A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-241585 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5462]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5462') [MISC]('https://vuldb.com/?ctiid.241585') [MISC]('https://vuldb.com/?id.241585') [MISC]('https://drive.google.com/drive/folders/1jik8hRjD8N2IkxOHP5wsJUEya09jCv2n')[/TD] [/TR] [TR] [TD][LEFT]xinje -- xdppro [/LEFT][/TD] [TD][LEFT]A vulnerability was found in XINJE XDPPro up to 3.7.17a. It has been rated as critical. Affected by this issue is some unknown functionality in the library cfgmgr32.dll. The manipulation leads to uncontrolled search path. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. VDB-241586 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-10-09[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5463]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5463') [MISC]('https://drive.google.com/drive/folders/1mpRxWOPjxVS980r0qu1IY_Hf0irKO-cu') [MISC]('https://vuldb.com/?ctiid.241586') [MISC]('https://vuldb.com/?id.241586')[/TD] [/TR] [TR] [TD][LEFT]xwiki-contrib -- application-changerequest [/LEFT][/TD] [TD][LEFT]Change Request is an application allowing users to request changes on a wiki without publishing the changes directly. Starting in version 0.11 and prior to version 1.9.2, it's possible for a user without any specific right to perform script injection and remote code execution just by inserting an appropriate title when creating a new Change Request. This vulnerability is particularly critical as Change Request aims at being created by user without any particular rights. The vulnerability has been fixed in Change Request 1.9.2. It's possible to work around the issue without upgrading by editing the document [ICODE]ChangeRequest.Code.ChangeRequestSheet[/ICODE] and by performing the same change as in the fix commit.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45138]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45138') [MISC]('https://jira.xwiki.org/browse/CRAPP-298') [MISC]('https://github.com/xwiki-contrib/application-changerequest/commit/7565e720117f73102f5a276239eabfe85e15cff4') [MISC]('https://github.com/xwiki-contrib/application-changerequest/security/advisories/GHSA-f776-w9v2-7vfj')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix [/LEFT][/TD] [TD][LEFT]Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g., "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template. Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitinterp=1, with the caveat that backticks will now be escaped. This should be used with caution.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-29453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29453') [MISC]('https://support.zabbix.com/browse/ZBX-23388')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix [/LEFT][/TD] [TD][LEFT]A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32721') [MISC]('https://support.zabbix.com/browse/ZBX-23389')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix [/LEFT][/TD] [TD][LEFT]The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32722') [MISC]('https://support.zabbix.com/browse/ZBX-23390')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix [/LEFT][/TD] [TD][LEFT]Request to LDAP is sent before user permissions are checked.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32723') [MISC]('https://support.zabbix.com/browse/ZBX-23230')[/TD] [/TR] [TR] [TD][LEFT]zabbix -- zabbix [/LEFT][/TD] [TD][LEFT]Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.[/LEFT][/TD] [TD][CENTER]2023-10-12[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32724') [MISC]('https://support.zabbix.com/browse/ZBX-23391')[/TD] [/TR] [TR] [TD][LEFT]zebra_technologies -- ztc_zt410 [/LEFT][/TD] [TD][LEFT]A vulnerability of authentication bypass has been found on a Zebra Technologies ZTC ZT410-203dpi ZPL printer. This vulnerability allows an attacker that is in the same network as the printer, to change the username and password for the Web Page by sending a specially crafted POST request to the setvarsResults.cgi file. For this vulnerability to be exploitable, the printers protected mode must be disabled.[/LEFT][/TD] [TD][CENTER]2023-10-11[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4957]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4957') [MISC]('https://www.incibe.es/en/incibe-cert/notices/aviso-sci/authentication-bypass-zebra-ztc')[/TD] [/TR] [TR] [TD][LEFT]zephyr -- zephyr [/LEFT][/TD] [TD][LEFT]Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4257]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4257') [MISC]('https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-853q-q69w-gf5j')[/TD] [/TR] [TR] [TD][LEFT]zephyr -- zephyr [/LEFT][/TD] [TD][LEFT]Potential buffer overflow vulnerability in the Zephyr IEEE 802.15.4 nRF 15.4 driver[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-4263]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4263') [MISC]('https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-rf6q-rhhp-pqhf')[/TD] [/TR] [TR] [TD][LEFT]zephyr -- zephyr [/LEFT][/TD] [TD][LEFT]The SJA1000 CAN controller driver backend automatically attempt to recover from a bus-off event when built with CONFIG_CAN_AUTO_BUS_OFF_RECOVERY=y. This results in calling k_sleep() in IRQ context, causing a fatal exception.[/LEFT][/TD] [TD][CENTER]2023-10-13[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5563') [MISC]('https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-98mc-rj7w-7rpv')[/TD] [/TR] [TR] [TD][LEFT]zitadel -- zitadel [/LEFT][/TD] [TD][LEFT]ZITADEL provides identity infrastructure. In versions 2.37.2 and prior, ZITADEL administrators can enable a setting called "Ignoring unknown usernames" which helps mitigate attacks that try to guess/enumerate usernames. While this setting was properly working during the authentication process it did not work correctly on the password reset flow. This meant that even if this feature was active that an attacker could use the password reset function to verify if an account exists within ZITADEL. This bug has been patched in versions 2.37.3 and 2.38.0. No known workarounds are available.[/LEFT][/TD] [TD][CENTER]2023-10-10[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44399]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44399') [MISC]('https://github.com/zitadel/zitadel/releases/tag/v2.38.0') [MISC]('https://github.com/zitadel/zitadel/security/advisories/GHSA-v683-rcxx-vpff') [MISC]('https://github.com/zitadel/zitadel/releases/tag/v2.37.3')[/TD] [/TR] [TR] [TD][LEFT]zlib -- zlib [/LEFT][/TD] [TD][LEFT]MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-45853]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-45853') [MISC]('https://www.winimage.com/zLibDll/minizip.html') [MISC]('https://github.com/madler/zlib/pull/843') [MISC]('https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356') [MISC]('https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61') [MISC]('https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4')[/TD] [/TR] [TR] [TD][LEFT]zpe_systems,_inc -- nodegrid_os [/LEFT][/TD] [TD][LEFT]An issue in ZPE Systems, Inc Nodegrid OS v.5.8.10 thru v.5.8.13 and v.5.10.3 thru v.5.10.5 allows a remote attacker to obtain sensitive information via the TACACS+ server component.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-44037]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-44037') [CONFIRM]('https://psirt.zpesystems.com/portal/en/kb/articles/security-advisory-zpe-ng-2023-002')[/TD] [/TR] [TR] [TD][LEFT]zzzcms -- zzzcms [/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as problematic, has been found in ZZZCMS 2.2.0. This issue affects some unknown processing of the component Personal Profile Page. The manipulation leads to basic cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242147.[/LEFT][/TD] [TD][CENTER]2023-10-14[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-5582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-5582') [MISC]('https://github.com/Jacky-Y/vuls/blob/main/vul8.md') [MISC]('https://vuldb.com/?ctiid.242147') [MISC]('https://vuldb.com/?id.242147')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Continue reading…