CISA Bulletins - Vulnerability Summary for the Week of September 11, 2023

system · September 18, 2023, 7:12pm

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]wibu -- codemeter_runtime [/LEFT][/TD] [TD][LEFT]A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3935&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3935]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3935') [MISC]('https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf') [MISC]('https://cert.vde.com/en/advisories/VDE-2023-031/')[/TD] [/TR] [TR] [TD][LEFT]sap -- businessobjects_business_intelligence[/LEFT][/TD] [TD][LEFT]SAP BusinessObjects Business Intelligence Platform (Promotion Management) - versions 420, 430, under certain condition allows an authenticated attacker to view sensitive information which is otherwise restricted. On successful exploitation, the attacker can completely compromise the application causing high impact on confidentiality, integrity, and availability.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40622&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40622]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40622') [MISC]('https://me.sap.com/notes/3320355') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-619l_firmware[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19319&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-19319]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19319') [MISC]('https://github.com/hhhhu8045759/dir_619l-buffer-overflow')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-619l_firmware[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19320&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-19320]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19320') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('https://github.com/hhhhu8045759/dlink-619l-buffer_overflow')[/TD] [/TR] [TR] [TD][LEFT]mofinetwork -- mofi4500-4gxelte-v2_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-27715&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-27715]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27715') [MISC]('https://www.nagarro.com/services/security/mofi-cve-security-advisory') [MISC]('http://mofi.com')[/TD] [/TR] [TR] [TD][LEFT]rockwell_automation -- factorytalk_view[/LEFT][/TD] [TD][LEFT]Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies user’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. The device has the functionality, through a CIP class, to execute exported functions from libraries. There is a routine that restricts it to execute specific functions from two dynamic link library files. By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2071&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-2071]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2071') [MISC]('https://rockwellautomation.custhelp.com/app/answers/answer_view/a_id/1140724')[/TD] [/TR] [TR] [TD][LEFT]xxyopen -- novel-plus[/LEFT][/TD] [TD][LEFT]novel-plus 3.6.2 is vulnerable to SQL Injection.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30058&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30058') [MISC]('https://github.com/201206030/novel-plus') [MISC]('https://github.com/Rabb1tQ/HillstoneCVEs/tree/main/CVE-2023-30058')[/TD] [/TR] [TR] [TD][LEFT]tsplus -- tsplus_remote_access[/LEFT][/TD] [TD][LEFT]An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31067&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-31067]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31067') [MISC]('https://www.exploit-db.com/exploits/51679') [MISC]('http://packetstormsecurity.com/files/174275/TSPlus-16.0.2.14-Insecure-Permissions.html')[/TD] [/TR] [TR] [TD][LEFT]tsplus -- tsplus_remote_access[/LEFT][/TD] [TD][LEFT]An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31068&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-31068]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31068') [MISC]('https://www.exploit-db.com/exploits/51680') [MISC]('http://packetstormsecurity.com/files/174272/TSPlus-16.0.0.0-Insecure-Permissions.html')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In eatt_l2cap_reconfig_completed of eatt_impl.h, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35681&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35681') [MISC]('https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d8d95291f16a8f18f8ffbd6322c14686897c5730') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]phpjabbers -- cleaning_business_software[/LEFT][/TD] [TD][LEFT]In PHPJabbers Cleaning Business Software 1.0, there is no encryption on user passwords allowing an attacker to gain access to all user accounts.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36140&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36140]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36140') [MISC]('https://medium.com/@blakehodder/additional-vulnerabilities-in-php-jabbers-scripts-c6bbd89b24bb') [MISC]('https://www.phpjabbers.com/cleaning-business-software/')[/TD] [/TR] [TR] [TD][LEFT]trendylogics -- crypto_currency_tracker[/LEFT][/TD] [TD][LEFT]Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37759&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-37759]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37759') [MISC]('https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html') [MISC]('https://tregix.com/') [MISC]('https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008')[/TD] [/TR] [TR] [TD][LEFT]adobe -- coldfusion [/LEFT][/TD] [TD][LEFT]Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38204&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38204]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38204') [MISC]('https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html')[/TD] [/TR] [TR] [TD][LEFT]conemu_project -- conemu[/LEFT][/TD] [TD][LEFT]ConEmu before commit 230724 does not sanitize title responses correctly for control characters, potentially leading to arbitrary code execution. This is related to an incomplete fix for CVE-2022-46387.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39150&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39150]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39150') [MISC]('https://github.com/Maximus5/ConEmu/commit/60683a186628ffaa7689fcb64b3c38ced69287c1') [MISC]('https://gist.github.com/dgl/081cf503dc635df39d844e058a6d4c88')[/TD] [/TR] [TR] [TD][LEFT]golang -- go[/LEFT][/TD] [TD][LEFT]The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the "go" command was executed within the module. This applies to modules downloaded using the "go" command from the module proxy, as well as modules downloaded directly using VCS software.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39320&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39320]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39320') [MISC]('https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ') [MISC]('https://go.dev/cl/526158') [MISC]('https://pkg.go.dev/vuln/GO-2023-2042') [MISC]('https://go.dev/issue/62198')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-816_firmware[/LEFT][/TD] [TD][LEFT]D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39637&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39637') [MISC]('https://www.dlink.com/en/security-bulletin/') [MISC]('http://d-link.com') [MISC]('http://www.dlink.com.cn/techsupport/ProductInfo.aspx?m=DIR-816') [MISC]('https://github.com/mmmmmx1/dlink/blob/main/DIR-816/readme.md')[/TD] [/TR] [TR] [TD][LEFT]arris -- tg852g_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered on ARRIS TG852G, TG862G, and TG1672G devices. A remote attacker (in proximity to a Wi-Fi network) can derive the default WPA2-PSK value by observing a beacon frame.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40039&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40039]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40039') [MISC]('https://i.ebayimg.com/images/g/-UcAAOSwDe1kyD-Z/s-l1600.png') [MISC]('https://i.ebayimg.com/images/g/4P0AAOSwdhxkrZtt/s-l1600.jpg') [MISC]('https://github.com/actuator/cve/blob/main/Arris/CVE-2023-40039')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40784&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40784]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40784') [MISC]('https://www.cnblogs.com/SFYHAC/articles/17619123.html') [MISC]('https://vulmon.com/vulnerabilitydetails?qid=CVE-2023-40784')[/TD] [/TR] [TR] [TD][LEFT]opencart -- opencart[/LEFT][/TD] [TD][LEFT]OpenCart v4.0.2.2 is vulnerable to Brute Force Attack.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40834&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40834') [MISC]('https://packetstormsecurity.com/files/174525/OpenCart-CMS-4.0.2.2-Brute-Force.html') [MISC]('https://www.opencart.com/')[/TD] [/TR] [TR] [TD][LEFT]schoolmate -- schoolmate[/LEFT][/TD] [TD][LEFT]Schoolmate 1.3 is vulnerable to SQL Injection in the variable schoolname from Database at ~\header.php.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40944&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40944]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40944') [MISC]('https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40944')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- doctor_appointment_system[/LEFT][/TD] [TD][LEFT]Sourcecodester Doctor Appointment System 1.0 is vulnerable to SQL Injection in the variable $userid at doctors\myDetails.php.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40945&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40945]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40945') [MISC]('https://github.com/KLSEHB/vulnerability-report/blob/main/Doctormms_CVE-2023-40945')[/TD] [/TR] [TR] [TD][LEFT]schoolmate -- schoolmate[/LEFT][/TD] [TD][LEFT]Schoolmate 1.3 is vulnerable to SQL Injection in the variable $username from SESSION in ValidateLogin.php.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40946&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40946]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40946') [MISC]('https://github.com/KLSEHB/vulnerability-report/blob/main/Schoolmate_CVE-2023-40946')[/TD] [/TR] [TR] [TD][LEFT]zoo_management_system_project -- zoo_management_system[/LEFT][/TD] [TD][LEFT]Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41615&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41615') [MISC]('https://phpgurukul.com/student-management-system-using-php-and-mysql/') [MISC]('https://medium.com/@guravtushar231/sql-injection-in-login-field-a9073780f7e8') [MISC]('https://portswigger.net/web-security/sql-injection')[/TD] [/TR] [TR] [TD][LEFT]jeecg -- jeecg_boot[/LEFT][/TD] [TD][LEFT]Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /jeecg-boot/jmreport/show.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42268&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42268]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42268') [MISC]('https://github.com/jeecgboot/jeecg-boot/issues/5311')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42276&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42276]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42276') [MISC]('https://github.com/dromara/hutool/issues/3286')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42277&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42277]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42277') [MISC]('https://github.com/dromara/hutool/issues/3285')[/TD] [/TR] [TR] [TD][LEFT]imoulife -- life[/LEFT][/TD] [TD][LEFT]The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code Execution via a crafted intent to an exported component. This relates to the com.mm.android.easy4ip.MainActivity activity. JavaScript execution is enabled in the WebView, and direct web content loading occurs.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42470&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42470') [MISC]('https://github.com/actuator/imou/blob/main/imou-life-6.8.0.md') [MISC]('https://github.com/actuator/imou/blob/main/poc.apk') [MISC]('https://github.com/actuator/cve/blob/main/CVE-2023-42470')[/TD] [/TR] [TR] [TD][LEFT]wave-ai -- wave[/LEFT][/TD] [TD][LEFT]The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbitrary JavaScript code via a crafted intent. It contains a manifest entry that exports the wave.ai.browser.ui.splash.SplashScreen activity. This activity uses a WebView component to display web content and doesn't adequately validate or sanitize the URI or any extra data passed in the intent by a third-party application (with no permissions).[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42471&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-42471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42471') [MISC]('https://github.com/actuator/wave.ai.browser/blob/main/poc.apk') [MISC]('https://github.com/actuator/wave.ai.browser/blob/main/CWE-94.md') [MISC]('https://github.com/actuator/cve/blob/main/CVE-2023-42471')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- simple_membership_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file account_edit_query.php. The manipulation of the argument admin_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239254 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4845&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4845]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4845') [MISC]('https://vuldb.com/?ctiid.239254') [MISC]('https://vuldb.com/?id.239254') [MISC]('https://github.com/BigBaos/MemShipVul/blob/main/Simple-Membership-System%20account_edit_query.php%20has%20Sqlinjection.pdf')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- simple_book_catalog_app[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in SourceCodester Simple Book Catalog App 1.0. Affected by this vulnerability is an unknown functionality of the file delete_book.php. The manipulation of the argument delete leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239257 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4848&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4848') [MISC]('https://vuldb.com/?id.239257') [MISC]('https://skypoc.wordpress.com/2023/09/04/sourcecodester-simple-book-catalog-app-v1-0-has-multiple-vulnerabilities/') [MISC]('https://vuldb.com/?ctiid.239257')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- online_tours_\&_travels_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Online Tours & Travels Management System 1.0 and classified as critical. This issue affects the function exec of the file booking.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239351.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4866&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4866]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4866') [MISC]('https://blog.csdn.net/weixin_43864034/article/details/132697070') [MISC]('https://vuldb.com/?id.239351') [MISC]('https://vuldb.com/?ctiid.239351')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- contact_manager_app[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in SourceCodester Contact Manager App 1.0. This vulnerability affects unknown code of the file delete.php. The manipulation of the argument contact/contactName leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-239356.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4871&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4871]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4871') [MISC]('https://vuldb.com/?id.239356') [MISC]('https://vuldb.com/?ctiid.239356') [MISC]('https://skypoc.wordpress.com/2023/09/05/vuln1/')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- contact_manager_app[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in SourceCodester Contact Manager App 1.0. This issue affects some unknown processing of the file add.php. The manipulation of the argument contact/contactName leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239357 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4872&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4872]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4872') [MISC]('https://vuldb.com/?ctiid.239357') [MISC]('https://vuldb.com/?id.239357') [MISC]('https://skypoc.wordpress.com/2023/09/05/vuln1/')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s45f_firmware[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230906. Affected is an unknown function of the file /importexport.php. The manipulation of the argument sql leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-239358 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4873&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4873]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4873') [MISC]('https://vuldb.com/?ctiid.239358') [MISC]('https://vuldb.com/?id.239358') [MISC]('https://github.com/cugerQDHJ/cve/blob/main/rce.md')[/TD] [/TR] [TR] [TD][LEFT]mintplexlabs -- anythingllm[/LEFT][/TD] [TD][LEFT]Relative Path Traversal in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4897&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4897') [MISC]('https://github.com/mintplex-labs/anything-llm/commit/3c88aec034934bcbad30c5ef1cab62cbbdb98e64') [MISC]('https://huntr.dev/bounties/0631af48-84a3-4019-85db-f0f8b12cb0ab')[/TD] [/TR] [TR] [TD][LEFT]adobe -- commerce [/LEFT][/TD] [TD][LEFT]Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability. Exploitation of this issue does not require user interaction and could result in a post-authentication arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-24093&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-24093]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-24093') [MISC]('https://helpx.adobe.com/security/products/magento/apsb22-13.html')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_server[/LEFT][/TD] [TD][LEFT]IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID: 228579.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33164&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2022-33164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33164') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228579') [MISC]('https://www.ibm.com/support/pages/node/7031021')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-605l_firmware[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19318&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-19318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19318') [MISC]('https://github.com/hhhhu8045759/dir_605L-stack-overflow/blob/master/README.md')[/TD] [/TR] [TR] [TD][LEFT]redhat -- decision_manager[/LEFT][/TD] [TD][LEFT]A flaw was found where some utility classes in Drools core did not use proper safeguards when deserializing data. This flaw allows an authenticated attacker to construct malicious serialized objects (usually called gadgets) and achieve code execution on the server.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-1415&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-1415]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-1415') [MISC]('https://bugzilla.redhat.com/show_bug.cgi?id=2065505') [MISC]('https://access.redhat.com/errata/RHSA-2022:6813') [MISC]('https://access.redhat.com/security/cve/CVE-2022-1415')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_devops [/LEFT][/TD] [TD][LEFT]Azure DevOps Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33136&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-33136]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33136') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33136')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gatt_process_prep_write_rsp of gatt_cl.cc, there is a possible privilege escalation due to a use after free. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35658&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35658]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35658') [MISC]('https://android.googlesource.com/platform/packages/modules/Bluetooth/+/d03a3020de69143b1fe8129d75e55f14951dd192') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In build_read_multi_rsp of gatt_sr.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35673&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35673]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35673') [MISC]('https://android.googlesource.com/platform/packages/modules/Bluetooth/+/8770c07c102c7fdc74626dc717acc8f6dd1c92cc') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to an integer overflow. This could lead to paired device escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35684&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35684]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35684') [MISC]('https://source.android.com/security/bulletin/2023-09-01') [MISC]('https://android.googlesource.com/platform/packages/modules/Bluetooth/+/668bbca29797728004d88db4c9b69102f3939008')[/TD] [/TR] [TR] [TD][LEFT]govee -- home[/LEFT][/TD] [TD][LEFT]Govee Home app has unprotected access to WebView component which can be opened by any app on the device. By sending an URL to a specially crafted site, the attacker can execute JavaScript in context of WebView or steal sensitive user data by displaying phishing content.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3612&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3612]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3612') [MISC]('https://www.sk-cert.sk/threat/sk-cert-bezpecnostne-varovanie-v20230811-10')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- sharepoint_server [/LEFT][/TD] [TD][LEFT]Microsoft SharePoint Server Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36764&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36764]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36764') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36764')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_11 [/LEFT][/TD] [TD][LEFT]Windows Themes Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38146&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38146]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38146') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38146')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Miracast Wireless Display Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38147&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38147]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38147') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38147')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Internet Connection Sharing (ICS) Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38148&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38148]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38148') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38148')[/TD] [/TR] [TR] [TD][LEFT]netis-systems -- wf2409e_firmware[/LEFT][/TD] [TD][LEFT]An issue in NETIS SYSTEMS WF2409E v.3.6.42541 allows a remote attacker to execute arbitrary code via the ping and traceroute functions of the diagnostic tools component in the admin management interface.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38829&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38829') [MISC]('https://github.com/adhikara13/CVE-2023-38829-NETIS-WF2409E')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application server responds with sensitive information about the server. This could allow an attacker to directly access the database.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40726&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40726') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf')[/TD] [/TR] [TR] [TD][LEFT]idreamsoft -- icms[/LEFT][/TD] [TD][LEFT]icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40953&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40953]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40953') [MISC]('https://www.icmsdev.com/') [MISC]('https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The BAN Users plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.5.3 due to a missing capability check on the 'w3dev_save_ban_user_settings_callback' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify the plugin settings to access the ban and unban functionality and set the role of the unbanned user.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4153&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4153]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4153') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/af6bd2db-47a4-4381-a881-d5f97a159f8d?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/ban-users/tags/1.5.3/include/ajax.php#L109') [MISC]('https://plugins.trac.wordpress.org/browser/ban-users/tags/1.5.3/include/ajax.php#L199')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Simplr Registration Form Plus+ plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 2.4.5. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with subscriber-level permissions or above to change user passwords and potentially take over administrator accounts.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4213&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4213') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/6ddf0452-3afe-4ada-bccc-30c818968a81?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/simplr-registration-form/trunk/lib/profile.php#L148')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- firefox[/LEFT][/TD] [TD][LEFT]Due to large allocation checks in Angle for glsl shaders being too lenient a buffer overflow could have occured when allocating too much private shader memory on mac OS. This bug only affects Firefox on macOS. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4582&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4582') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1773874') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4584&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4584') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-35/') [MISC]('https://bugzilla.mozilla.org/buglist.cgi?bug_id=1843968%2C1845205%2C1846080%2C1846526%2C1847529') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-37/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4585&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4585]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4585') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://bugzilla.mozilla.org/buglist.cgi?bug_id=1751583%2C1833504%2C1841082%2C1847904%2C1848999')[/TD] [/TR] [TR] [TD][LEFT]wibu -- codemeter_runtime [/LEFT][/TD] [TD][LEFT]A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4701&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4701]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4701') [MISC]('https://cdn.wibu.com/fileadmin/wibu_downloads/security_advisories/AdvisoryWIBU-230704-01-v3.0.pdf') [MISC]('https://cert.vde.com/en/advisories/VDE-2023-031/')[/TD] [/TR] [TR] [TD][LEFT]hitachi_energy -- asset_suite[/LEFT][/TD] [TD][LEFT]A vulnerability exists in the Equipment Tag Out authentication, when configured with Single Sign-On (SSO) with password validation in T214. This vulnerability can be exploited by an authenticated user per-forming an Equipment Tag Out holder action (Accept, Release, and Clear) for another user and entering an arbitrary password in the holder action confirmation dialog box. Despite entering an arbitrary password in the confirmation box, the system will execute the selected holder action.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4816&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4816]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4816') [MISC]('https://images.go.hitachienergy.com/Web/ABBEnterpriseSoftware/%7B70b3d323-4866-42e1-8a75-58996729c1d4%7D_8DBD000172-VU-2023-23_Asset_Suite_Tagout_vulnerability_Rev1.pdf')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- take-note_app[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in SourceCodester Take-Note App 1.0 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-239350 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4865&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4865]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4865') [MISC]('https://skypoc.wordpress.com/2023/09/05/sourcecodester-take-note-app-v1-0-has-multiple-vulnerabilities/') [MISC]('https://vuldb.com/?ctiid.239350') [MISC]('https://vuldb.com/?id.239350')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- contact_manager_app[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file add.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239353 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4868&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4868]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4868') [MISC]('https://vuldb.com/?ctiid.239353') [MISC]('https://vuldb.com/?id.239353') [MISC]('https://skypoc.wordpress.com/2023/09/05/vuln1/')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- contact_manager_app[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Contact Manager App 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file update.php. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-239354 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4869&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4869]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4869') [MISC]('https://vuldb.com/?ctiid.239354') [MISC]('https://vuldb.com/?id.239354') [MISC]('https://skypoc.wordpress.com/2023/09/05/vuln1/')[/TD] [/TR] [TR] [TD][LEFT]mintplexlabs -- anything-llm[/LEFT][/TD] [TD][LEFT]SQL Injection in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4899&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4899]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4899') [MISC]('https://github.com/mintplex-labs/anything-llm/commit/dc3dfbf31495fe316b21ee184b9317b38101d30e') [MISC]('https://huntr.dev/bounties/70a2fb18-f030-4abb-9ddc-13f94107ac9d')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Login with phone number plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.4.8. This is due to missing nonce validation on the 'lwp_update_password_action' function. This makes it possible for unauthenticated attackers to change user password via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4916&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4916') [MISC]('https://plugins.trac.wordpress.org/browser/login-with-phone-number/trunk/login-with-phonenumber.php#L2953') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/71083db7-377b-47a1-ac8b-83d8974a2654?source=cve')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- firefox[/LEFT][/TD] [TD][LEFT]On Windows, an integer overflow could occur in [ICODE]RecordedSourceSurfaceCreation[/ICODE] which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *This bug only affects Firefox on Windows. Other operating systems are unaffected. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4576&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4576]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4576') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-35/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1846694') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-37/')[/TD] [/TR] [TR] [TD][LEFT]siemens -- spectrum_power_7 [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Spectrum Power 7 (All versions < V23Q3). The affected product assigns improper access rights to the update script. This could allow an authenticated local attacker to inject arbitrary code and escalate privileges.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][8.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38557&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38557') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-357182.pdf')[/TD] [/TR] [TR] [TD][LEFT]hichip -- shenzhen_hichip_vision_technology_firmware[/LEFT][/TD] [TD][LEFT]Shenzhen Hichip Vision Technology IP Camera Firmware V11.4.8.1.1-20170926 has a denial of service vulnerability through sending a crafted multicast message in a local network.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-23382&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-23382]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-23382') [MISC]('http://lackylab.pl/articles/CVE-2022-23382.html')[/TD] [/TR] [TR] [TD][LEFT]openpmix -- openpmix[/LEFT][/TD] [TD][LEFT]OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41915&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41915') [MISC]('https://docs.openpmix.org/en/latest/security.html') [CONFIRM]('https://github.com/openpmix/openpmix/releases/tag/v5.0.1') [CONFIRM]('https://github.com/openpmix/openpmix/releases/tag/v4.2.6')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server [/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36744&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36744]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36744') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36744')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server [/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36745&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36745]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36745') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36745')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server [/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36756&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36756') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36756')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- exchange_server [/LEFT][/TD] [TD][LEFT]Microsoft Exchange Server Spoofing Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36757&vector=CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36757]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36757') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36757')[/TD] [/TR] [TR] [TD][LEFT]foxconn -- live_update_utility[/LEFT][/TD] [TD][LEFT]An issue was discovered in MmMapIoSpace routine in Foxconn Live Update Utility 2.1.6.26, allows local attackers to escalate privileges.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-24088&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-24088]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-24088') [MISC]('https://github.com/rjt-gupta/CVE-2020-24088') [MISC]('http://dronesec.pw/blog/2018/05/17/dell-supportassist-local-privilege-escalation/') [MISC]('http://blog.rewolf.pl/blog/?p=1630')[/TD] [/TR] [TR] [TD][LEFT]adobe -- indesign[/LEFT][/TD] [TD][LEFT]Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28831&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28831') [MISC]('https://helpx.adobe.com/security/products/indesign/apsb22-23.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- indesign[/LEFT][/TD] [TD][LEFT]Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28832&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28832]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28832') [MISC]('https://helpx.adobe.com/security/products/indesign/apsb22-23.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- indesign[/LEFT][/TD] [TD][LEFT]Adobe InDesign versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28833&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28833') [MISC]('https://helpx.adobe.com/security/products/indesign/apsb22-23.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- incopy[/LEFT][/TD] [TD][LEFT]Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28834&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28834') [MISC]('https://helpx.adobe.com/security/products/incopy/apsb22-28.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- incopy[/LEFT][/TD] [TD][LEFT]Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28835&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28835]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28835') [MISC]('https://helpx.adobe.com/security/products/incopy/apsb22-28.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- incopy[/LEFT][/TD] [TD][LEFT]Adobe InCopy versions 17.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-28836&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-28836]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-28836') [MISC]('https://helpx.adobe.com/security/products/incopy/apsb22-28.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader[/LEFT][/TD] [TD][LEFT]Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34224&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34224]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34224') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb22-32.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader[/LEFT][/TD] [TD][LEFT]Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-34227&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-34227]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-34227') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb22-32.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-26369&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-26369]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-26369') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb23-34.html')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35355&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35355]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35355') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35355')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In multiple files, there is a possible way to import a contact from another user due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35665&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35665]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35665') [MISC]('https://source.android.com/security/bulletin/2023-09-01') [MISC]('https://android.googlesource.com/platform/packages/services/Telephony/+/674039e70e1c5bf29b808899ac80c709acc82290')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In bta_av_rc_msg of bta_av_act.cc, there is a possible use after free due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35666&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35666]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35666') [MISC]('https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b7ea57f620436c83a9766f928437ddadaa232e3a') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In updateList of NotificationAccessSettings.java, there is a possible way to hide approved notification listeners in the settings due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35667&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35667') [MISC]('https://android.googlesource.com/platform/packages/apps/Settings/+/d8355ac47e068ad20c6a7b1602e72f0585ec0085') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In checkKeyIntentParceledCorrectly of AccountManagerService.java, there is a possible way to control other running activities due to unsafe deserialization. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35669&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35669]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35669') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/f810d81839af38ee121c446105ca67cb12992fc6') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In computeValuesFromData of FileUtils.java, there is a possible way to insert files to other apps' external private directories due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35670&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35670]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35670') [MISC]('https://source.android.com/security/bulletin/2023-09-01') [MISC]('https://android.googlesource.com/platform/packages/providers/MediaProvider/+/db3c69afcb0a45c8aa2f333fcde36217889899fe')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35674&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35674') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/7428962d3b064ce1122809d87af65099d1129c9e') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In createQuickShareAction of SaveImageInBackgroundTask.java, there is a possible way to trigger a background activity launch due to an unsafe PendingIntent. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35676&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35676]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35676') [MISC]('https://android.googlesource.com/platform/frameworks/base/+/109e58b62dc9fedcee93983678ef9d4931e72afa') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In hasPermissionForActivity of PackageManagerHelper.java, there is a possible way to start arbitrary components due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35682&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35682]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35682') [MISC]('https://android.googlesource.com/platform/packages/apps/Launcher3/+/09f8b0e52e45a0b39bab457534ba2e5ae91ffad0') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35687&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35687]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35687') [MISC]('https://android.googlesource.com/platform/frameworks/av/+/ea6131efa76a0b2a12724ffd157909e2c6fb4036') [MISC]('https://source.android.com/security/bulletin/2023-09-01')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_viewer [/LEFT][/TD] [TD][LEFT]3D Viewer Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36739&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36739]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36739') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36739')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_viewer [/LEFT][/TD] [TD][LEFT]3D Viewer Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36740&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36740]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36740') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36740')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Code Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36742&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36742]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36742') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36742')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36758&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36758') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36758')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_viewer [/LEFT][/TD] [TD][LEFT]3D Viewer Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36760&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36760]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36760') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36760')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- office [/LEFT][/TD] [TD][LEFT]Microsoft Office Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36765&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36765]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36765') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36765')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- excel [/LEFT][/TD] [TD][LEFT]Microsoft Excel Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36766&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36766]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36766') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36766')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_builder [/LEFT][/TD] [TD][LEFT]3D Builder Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36770&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36770]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36770') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36770')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_builder [/LEFT][/TD] [TD][LEFT]3D Builder Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36771&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36771]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36771') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36771')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_builder [/LEFT][/TD] [TD][LEFT]3D Builder Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36772&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36772') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36772')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- 3d_builder[/LEFT][/TD] [TD][LEFT]3D Builder Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36773&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36773') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36773')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- .net [/LEFT][/TD] [TD][LEFT].NET Framework Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36788&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36788]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36788') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36788')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36792&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36792]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36792') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36792')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36793&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36793]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36793') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36793')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36794&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36794]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36794') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36794')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36796&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36796]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36796') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36796')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36802&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36802]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36802') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36802')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows GDI Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36804&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36804]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36804') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36804')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application is vulnerable to stack-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20818)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38070&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38070]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38070') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20824)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38071&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38071]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38071') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20825)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38072&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38072') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20826)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38073&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38073]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38073') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application contains a type confusion vulnerability while parsing WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-20840)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38074&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38074]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38074') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application contains a use-after-free vulnerability that could be triggered while parsing specially crafted WRL files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-20842)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38075&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38075]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38075') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- teamcenter_visualization [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter Visualization V14.1 (All versions < V14.1.0.11), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions < V14.3.0.1). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21041)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38076&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38076]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38076') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-278349.pdf')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38139&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38139]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38139') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38139')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38141&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38141]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38141') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38141')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38142&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38142]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38142') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38142')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Common Log File System Driver Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38143&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38143]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38143') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38143')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows Common Log File System Driver Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38144&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38144]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38144') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38144')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_11 [/LEFT][/TD] [TD][LEFT]Windows Kernel Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38150&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38150]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38150') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38150')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows GDI Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38161&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38161]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38161') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38161')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- windows_defender_security_intelligence_updates[/LEFT][/TD] [TD][LEFT]Windows Defender Attack Surface Reduction Security Feature Bypass[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38163&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38163]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38163') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38163')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_wincollect[/LEFT][/TD] [TD][LEFT]IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38736&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38736]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38736') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/262542') [MISC]('https://www.ibm.com/support/pages/node/7030703')[/TD] [/TR] [TR] [TD][LEFT]raidenftpd -- raidenftpd[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39063&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39063]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39063') [MISC]('https://github.com/AndreGNogueira/CVE-2023-39063')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application uses weak outdated application signing mechanism. This could allow an attacker to tamper the application code.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40727&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40727]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40727') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All versions < V36.0.142). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21263)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41032&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41032]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41032') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21266)[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41033&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41033]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41033') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-190839.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- parasolid [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulnerable to memory corruption while parsing specially crafted SPP files. This could allow an attacker to execute code in the context of the current process.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41846&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41846') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-764801.pdf')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13.2, iOS 15.7.8 and iPadOS 15.7.8, watchOS 9.3, tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.9, macOS Monterey 12.6.8. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41990&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41990]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41990') [MISC]('https://support.apple.com/en-us/HT213605') [MISC]('https://support.apple.com/en-us/HT213606') [MISC]('https://support.apple.com/en-us/HT213845') [MISC]('https://support.apple.com/en-us/HT213601') [MISC]('https://support.apple.com/en-us/HT213844') [MISC]('https://support.apple.com/en-us/HT213599') [MISC]('https://support.apple.com/en-us/HT213842')[/TD] [/TR] [TR] [TD][LEFT]hashicorp -- terraform[/LEFT][/TD] [TD][LEFT]Terraform version 1.0.8 through 1.5.6 allows arbitrary file write during the [ICODE]init[/ICODE] operation if run on maliciously crafted Terraform configuration. This vulnerability is fixed in Terraform 1.5.7.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4782&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4782]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4782') [MISC]('https://discuss.hashicorp.com/t/hcsec-2023-27-terraform-allows-arbitrary-file-write-during-init-operation/58082')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- dynamics_265_for_finance_and_operations [/LEFT][/TD] [TD][LEFT]Dynamics Finance and Operations Cross-site Scripting Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36800&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36800]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36800') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36800')[/TD] [/TR] [TR] [TD][LEFT]dlink -- dir-619l_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-19323&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2020-19323]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-19323') [MISC]('https://github.com/hhhhu8045759/619L_upnpd_heapoverflow') [MISC]('https://www.dlink.com/en/security-bulletin/')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex[/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. IBM X-Force ID: 222567.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22401&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-22401]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22401') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/222567') [MISC]('https://www.ibm.com/support/pages/node/7029681')[/TD] [/TR] [TR] [TD][LEFT]siemens -- multiple_products [/LEFT][/TD] [TD][LEFT]The ANSI C OPC UA SDK contains an integer overflow vulnerability that could cause the application to run into an infinite loop during certificate validation. This could allow an unauthenticated remote attacker to create a denial of service condition by sending a specially crafted certificate.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28831&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-28831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28831') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-711309.pdf')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- azure_kubernetes_service [/LEFT][/TD] [TD][LEFT]Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29332&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-29332]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29332') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29332')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex[/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30995&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-30995]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30995') [MISC]('https://www.ibm.com/support/pages/node/7029681') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/254268')[/TD] [/TR] [TR] [TD][LEFT]tsplus -- tsplus_remote_access[/LEFT][/TD] [TD][LEFT]An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31069&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-31069]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31069') [MISC]('http://packetstormsecurity.com/files/174271/TSPlus-16.0.0.0-Insecure-Credential-Storage.html') [MISC]('https://www.exploit-db.com/exploits/51681')[/TD] [/TR] [TR] [TD][LEFT]quboworld -- smart_plug_10a_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in Qubo Smart Plug 10A version HSP02_01_01_14_SYSTEM-10A, allows attackers to cause a denial of service (DoS) via Wi-Fi deauthentication.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36161&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36161]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36161') [MISC]('https://github.com/Yashodhanvivek/Qubo_smart_switch_security_assessment/blob/main/Qubo_Smart_Plug_10A_Security_Assessment.pdf')[/TD] [/TR] [TR] [TD][LEFT]aptosfoundation -- aptos[/LEFT][/TD] [TD][LEFT]CMysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36184&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36184]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36184') [MISC]('https://github.com/move-language/move/issues/1059') [MISC]('https://medium.com/@Beosin_com/critical-vulnerability-in-move-vm-can-cause-total-network-shutdown-and-potential-hard-fork-in-sui-49d0d942801c') [MISC]('https://github.com/MystenLabs/sui/commit/8b681515c0cf435df2a54198a28ab4ef574d202b') [MISC]('https://github.com/aptos-labs/aptos-core/commit/47a0391c612407fe0b1051ef658a29e35d986963')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- outlook [/LEFT][/TD] [TD][LEFT]Microsoft Outlook Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36763&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36763') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36763')[/TD] [/TR] [TR] [TD][LEFT]samsung -- exynos_9810_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37368&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-37368]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37368') [MISC]('https://semiconductor.samsung.com/support/quality-support/product-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]samsung -- exynos_980_firmware[/LEFT][/TD] [TD][LEFT]An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37377&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-37377]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37377') [MISC]('https://semiconductor.samsung.com/support/quality-support/product-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Windows TCP/IP Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38149&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38149]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38149') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38149')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]DHCP Server Service Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38162&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38162') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-38162')[/TD] [/TR] [TR] [TD][LEFT]adobe -- coldfusion [/LEFT][/TD] [TD][LEFT]Adobe ColdFusion versions 2018u18 (and earlier), 2021u8 (and earlier) and 2023u2 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38205&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38205') [MISC]('https://helpx.adobe.com/security/products/coldfusion/apsb23-47.html')[/TD] [/TR] [TR] [TD][LEFT]golang -- go[/LEFT][/TD] [TD][LEFT]Processing an incomplete post-handshake message for a QUIC connection can cause a panic.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39321&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39321]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39321') [MISC]('https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ') [MISC]('https://go.dev/cl/523039') [MISC]('https://pkg.go.dev/vuln/GO-2023-2044') [MISC]('https://go.dev/issue/62266')[/TD] [/TR] [TR] [TD][LEFT]golang -- go[/LEFT][/TD] [TD][LEFT]QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39322&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39322]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39322') [MISC]('https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ') [MISC]('https://go.dev/cl/523039') [MISC]('https://go.dev/issue/62266') [MISC]('https://pkg.go.dev/vuln/GO-2023-2045')[/TD] [/TR] [TR] [TD][LEFT]hexo -- hexo[/LEFT][/TD] [TD][LEFT]Hexo up to v7.0.0 (RC2) was discovered to contain an arbitrary file read vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39584&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39584') [MISC]('https://github.com/hexojs/hexo/blob/a3e68e7576d279db22bd7481914286104e867834/lib/plugins/tag/include_code.js#L49') [MISC]('https://github.com/hexojs/hexo/issues/5250') [MISC]('https://www.gem-love.com/2023/07/25/hexo%E5%8D%9A%E5%AE%A2%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E5%92%8C%E4%BB%A3%E7%A0%81%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E/#undefined')[/TD] [/TR] [TR] [TD][LEFT]buffalo -- terastation_nas_5410r_firmware[/LEFT][/TD] [TD][LEFT]An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39620&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39620]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39620') [MISC]('https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration.') [MISC]('https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration')[/TD] [/TR] [TR] [TD][LEFT]arm -- trusted_firmware-m[/LEFT][/TD] [TD][LEFT]In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40271&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-40271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40271') [MISC]('https://git.trustedfirmware.org/TF-M/trusted-firmware-m.git/tree/docs/security/security_advisories/cc3xx_partial_tag_compare_on_chacha20_poly1305.rst') [MISC]('https://tf-m-user-guide.trustedfirmware.org/releases/index.html')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]This issue was addressed with improved state management of S/MIME encrypted emails. This issue is fixed in macOS Monterey 12.6.8. A S/MIME encrypted email may be inadvertently sent unencrypted.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40440&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40440') [MISC]('https://support.apple.com/en-us/HT213844')[/TD] [/TR] [TR] [TD][LEFT]jeecg -- jeecg_boot[/LEFT][/TD] [TD][LEFT]Jeecg boot up to v3.5.3 was discovered to contain an arbitrary file read vulnerability via the interface /testConnection.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41578&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41578') [MISC]('https://github.com/Snakinya/Bugs/issues/1')[/TD] [/TR] [TR] [TD][LEFT]dairy_farm_shop_management_system -- dairy_farm_shop_management_system[/LEFT][/TD] [TD][LEFT]Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41594&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41594]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41594') [MISC]('https://www.acunetix.com/vulnerabilities/web/sql-injection/') [MISC]('https://github.com/MATRIXDEVIL/CVE/blob/main/CVE-2023-41594') [MISC]('https://portswigger.net/web-security/sql-injection')[/TD] [/TR] [TR] [TD][LEFT]hutool -- hutool[/LEFT][/TD] [TD][LEFT]hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse().[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42278&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-42278]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42278') [MISC]('https://github.com/dromara/hutool/issues/3289')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- multiple_products[/LEFT][/TD] [TD][LEFT]When checking if the Browsing Context had been discarded in [ICODE]HttpBaseChannel[/ICODE], if the load group was not available then it was assumed to have already been discarded which was not always the case for private channels after the private session had ended. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4583&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-4583]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4583') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1842030') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- simple_membership_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been classified as critical. This affects an unknown part of the file club_edit_query.php. The manipulation of the argument club_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-239253 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4844&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4844]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4844') [MISC]('https://vuldb.com/?id.239253') [MISC]('https://vuldb.com/?ctiid.239253') [MISC]('https://github.com/Meizhi-hua/cve/blob/main/Simple-Membership-System%20club_edit_query.php%20has%20Sqlinjection.pdf')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- simple_membership_system[/LEFT][/TD] [TD][LEFT]A vulnerability was found in SourceCodester Simple Membership System 1.0. It has been rated as critical. This issue affects some unknown processing of the file delete_member.php. The manipulation of the argument mem_id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239255.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4846&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4846') [MISC]('https://vuldb.com/?ctiid.239255') [MISC]('https://github.com/Swpan2018/Vulhub/blob/main/Simple-Membership-System%20delete_member.php%20has%20Sqlinjection.pdf') [MISC]('https://vuldb.com/?id.239255')[/TD] [/TR] [TR] [TD][LEFT]inure -- inure[/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4876&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4876]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4876') [MISC]('https://huntr.dev/bounties/f729d2c8-a62e-4f30-ac24-e187b0a7892a') [MISC]('https://github.com/hamza417/inure/commit/7db5511753089c3cf477475f1f3b62a6e6ede4a8')[/TD] [/TR] [TR] [TD][LEFT]inure -- inure[/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository hamza417/inure prior to build92.[/LEFT][/TD] [TD][CENTER]2023-09-10[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4877&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4877]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4877') [MISC]('https://github.com/hamza417/inure/commit/09762e8c059be5983ca55e6424b2b5992fa740e7') [MISC]('https://huntr.dev/bounties/168e9299-f8ff-40d6-9def-d097b38bad84')[/TD] [/TR] [TR] [TD][LEFT]mintplexlabs -- anything-llm[/LEFT][/TD] [TD][LEFT]Authentication Bypass by Primary Weakness in GitHub repository mintplex-labs/anything-llm prior to 0.0.1.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4898&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4898]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4898') [MISC]('https://huntr.dev/bounties/a3dda692-7e8a-44a9-bd96-24cfd3f721d2') [MISC]('https://github.com/mintplex-labs/anything-llm/commit/dc3dfbf31495fe316b21ee184b9317b38101d30e')[/TD] [/TR] [TR] [TD][LEFT]cecil -- cecil[/LEFT][/TD] [TD][LEFT]Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4914&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4914]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4914') [MISC]('https://huntr.dev/bounties/cdd995b2-c983-428b-a73a-827b61b7c06b') [MISC]('https://github.com/cecilapp/cecil/commit/00dc79f10ce723034b7140d79f4ac731d1d902eb')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_dc[/LEFT][/TD] [TD][LEFT]Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2019-16470&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2019-16470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-16470') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb19-55.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_dc[/LEFT][/TD] [TD][LEFT]Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2019-16471&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2019-16471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2019-16471') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb19-55.html')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- multiple_products [/LEFT][/TD] [TD][LEFT]Microsoft Word Remote Code Execution Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36762&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L')[/CENTER][/TD] [TD][CVE-2023-36762]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36762') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36762')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). User credentials are found in memory as plaintext. An attacker could perform a memory dump, and get access to credentials, and use it for impersonation.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40724&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L')[/CENTER][/TD] [TD][CVE-2023-40724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40724') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40728&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L')[/CENTER][/TD] [TD][CVE-2023-40728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40728') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf')[/TD] [/TR] [TR] [TD][LEFT]siemens -- qms_automotive [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). The affected application lacks security control to prevent unencrypted communication without HTTPS. An attacker who managed to gain machine-in-the-middle position could manipulate or steal confidential information.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40729&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-40729]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40729') [MISC]('https://cert-portal.siemens.com/productcert/pdf/ssa-147266.pdf')[/TD] [/TR] [TR] [TD][LEFT]sap -- businessobjects_business_intelligence_platform[/LEFT][/TD] [TD][LEFT]Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system into the report over the network. When uploading the image file, an authenticated attacker could intercept the request, modify the content type and the extension to read and modify sensitive data causing a high impact on confidentiality and integrity of the application.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][7.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-42472&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-42472]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-42472') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://me.sap.com/notes/3370490')[/TD] [/TR] [TR] [TD][LEFT] microsoft -- azure_hdinsights [/LEFT][/TD]

[TD][LEFT]Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability[/LEFT][/TD]
[TD][CENTER]2023-09-12[/CENTER][/TD]
[TD][CENTER]7.2[/CENTER][/TD]
[TD]CVE-2023-38156
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]zohocorp – manageengine_admanager_plus[/LEFT][/TD]
[TD][LEFT]Zoho ManageEngine ADManager Plus before Build 7200 allows admin users to execute commands on the host machine.[/LEFT][/TD]
[TD][CENTER]2023-09-11[/CENTER][/TD]
[TD][CENTER]7.2[/CENTER][/TD]
[TD]CVE-2023-38743
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]insyde – iscflashx64.sys[/LEFT][/TD]
[TD][LEFT]An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.[/LEFT][/TD]
[TD][CENTER]2023-09-08[/CENTER][/TD]
[TD][CENTER]7.1[/CENTER][/TD]
[TD]CVE-2021-33834
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]sap – businessobjects[/LEFT][/TD]
[TD][LEFT]SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. On successful exploitation the attacker can delete all the operating system files causing a limited impact on integrity and completely compromising the availability of the system.[/LEFT][/TD]
[TD][CENTER]2023-09-12[/CENTER][/TD]
[TD][CENTER]7.1[/CENTER][/TD]
[TD]CVE-2023-40623
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]siemens – qms_automotive
[/LEFT][/TD]
[TD][LEFT]A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application lacks sufficient authorization checks. This could allow an attacker to access confidential information, perform administrative functions, or lead to a denial-of-service condition.[/LEFT][/TD]
[TD][CENTER]2023-09-12[/CENTER][/TD]
[TD][CENTER]7.1[/CENTER][/TD]
[TD]CVE-2023-40730
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]linux – kernel[/LEFT][/TD]
[TD][LEFT]A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the [ICODE]nft_exthdr_eval[/ICODE] family of functions writes 4 NULL bytes past the end of the [ICODE]regs[/ICODE] argument, leading to stack corruption and potential information disclosure or a denial of service.[/LEFT][/TD]
[TD][CENTER]2023-09-11[/CENTER][/TD]
[TD][CENTER]7.1[/CENTER][/TD]
[TD]CVE-2023-4881
MISC
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]n-able – take_control[/LEFT][/TD]
[TD][LEFT]BASupSrvcUpdater.exe in N-able Take Control Agent through 7.0.41.1141 before 7.0.43 has a TOCTOU Race Condition via a pseudo-symlink at %PROGRAMDATA%\GetSupportService_N-Central\PushUpdates, leading to arbitrary file deletion.[/LEFT][/TD]
[TD][CENTER]2023-09-11[/CENTER][/TD]
[TD][CENTER]7[/CENTER][/TD]
[TD]CVE-2023-27470
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]microsoft – windows_server_2012[/LEFT][/TD]
[TD][LEFT]Windows MSHTML Platform Security Feature Bypass Vulnerability[/LEFT][/TD]
[TD][CENTER]2023-09-12[/CENTER][/TD]
[TD][CENTER]7[/CENTER][/TD]
[TD]CVE-2023-36805
MISC[/TD]
[/TR]
[TR]
[TD][LEFT]microsoft – azure_devops
[/LEFT][/TD]
[TD][LEFT]Azure DevOps Server Remote Code Execution Vulnerability[/LEFT][/TD]
[TD][CENTER]2023-09-12[/CENTER][/TD]
[TD][CENTER]7[/CENTER][/TD]
[TD]CVE-2023-38155
MISC[/TD]
[/TR]
[/TABLE][/CENTER]

Back to top

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]solarwinds -- solarwinds_platform [/LEFT][/TD] [TD][LEFT]The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23840&vector=CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-23840]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23840') [MISC]('https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23840') [MISC]('https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm')[/TD] [/TR] [TR] [TD][LEFT]solarwinds -- solarwinds_platform [/LEFT][/TD] [TD][LEFT]The SolarWinds Platform was susceptible to the Incorrect Comparison Vulnerability. This vulnerability allows users with administrative access to SolarWinds Web Console to execute arbitrary commands with NETWORK SERVICE privileges.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][6.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23845&vector=CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-23845]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23845') [MISC]('https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-23845') [MISC]('https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/solarwinds_platform_2023-3-1_release_notes.htm')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- visual_studio [/LEFT][/TD] [TD][LEFT]Visual Studio Elevation of Privilege Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36759&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36759]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36759') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36759')[/TD] [/TR] [TR] [TD][LEFT]xpand-it -- write-back_manager[/LEFT][/TD] [TD][LEFT]Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27169&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-27169]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27169') [MISC]('https://www.xpand-it.com') [MISC]('https://balwurk.com') [MISC]('https://writeback4t.com') [MISC]('https://balwurk.com/cve-use-of-hard-coded-cryptographic-key/')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- .net/visual_studio [/LEFT][/TD] [TD][LEFT].NET Core and Visual Studio Denial of Service Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36799&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-36799]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36799') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36799')[/TD] [/TR] [TR] [TD][LEFT]apache -- airflow[/LEFT][/TD] [TD][LEFT]Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allows authenticated users who have access to see the task/dag in the UI, to craft a URL, which could lead to unmasking the secret configuration of the task that otherwise would be masked in the UI. Users are strongly advised to upgrade to version 2.7.1 or later which has removed the vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40712&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40712') [MISC]('https://github.com/apache/airflow/pull/33516') [MISC]('https://github.com/apache/airflow/pull/33512') [MISC]('https://lists.apache.org/thread/jw1yv4lt6hpowqbb0x4o3tdp0jhx2bts')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]When receiving rendering data over IPC [ICODE]mStream[/ICODE] could have been destroyed when initialized, which could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4573&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4573') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-35/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1846687') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-37/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4574&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4574]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4574') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-35/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1846688') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-37/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]When creating a callback over IPC for showing the File Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4575&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4575]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4575') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-35/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1846689') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-37/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]When [ICODE]UpdateRegExpStatics[/ICODE] attempted to access [ICODE]initialStringHeap[/ICODE] it could already have been garbage collected prior to entering the function, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4577&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4577]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4577') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1847397') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]When calling [ICODE]JS::CheckRegExpSyntax[/ICODE] a Syntax Error could have been set which would end in calling [ICODE]convertToRuntimeErrorAndClear[/ICODE]. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4578&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4578') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1839007') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/')[/TD] [/TR] [TR] [TD][LEFT]mozilla -- thunderbird[/LEFT][/TD] [TD][LEFT]Push notifications stored on disk in private browsing mode were not being encrypted potentially allowing the leak of sensitive information. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4580&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4580]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4580') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-34/') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-36/') [MISC]('https://bugzilla.mozilla.org/show_bug.cgi?id=1843046') [MISC]('https://www.mozilla.org/security/advisories/mfsa2023-38/')[/TD] [/TR] [TR] [TD][LEFT]mutt -- mutt[/LEFT][/TD] [TD][LEFT]Null pointer dereference when viewing a specially crafted email in Mutt >1.5.2 <2.2.12[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4874&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4874]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4874') [MISC]('https://gitlab.com/muttmua/mutt/-/commit/a4752eb0ae0a521eec02e59e51ae5daedf74fda0.patch') [MISC]('https://gitlab.com/muttmua/mutt/-/commit/452ee330e094bfc7c9a68555e5152b1826534555.patch') [MISC]('https://www.debian.org/security/2023/dsa-5494')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Feeds for YouTube for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'youtube-feed' shortcode in versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4841&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4841]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4841') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/376e2638-a873-4142-ad7d-067ae3333709?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2966017/feeds-for-youtube#file564') [MISC]('https://plugins.trac.wordpress.org/browser/feeds-for-youtube/tags/2.1/templates/feed.php#L33')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Crayon Syntax Highlighter plugin for WordPress is vulnerable to Server Side Request Forgery via the 'crayon' shortcode in versions up to, and including, 2.8.4. This can allow authenticated attackers with contributor-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4893&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4893]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4893') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/527f75f1-6361-4e16-8ae4-d38ca4589811?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/crayon-syntax-highlighter/trunk/crayon_highlighter.class.php#L83')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Awesome Weather Widget for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'awesome-weather' shortcode in versions up to, and including, 3.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4944&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4944]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4944') [MISC]('https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L133') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/3bf77988-370b-437f-83a0-18a147e3e087?source=cve') [MISC]('https://plugins.trac.wordpress.org/browser/awesome-weather/tags/3.0.2/awesome-weather.php#L117')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Booster for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple shortcodes in versions up to, and including, 7.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-14[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4945&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4945]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4945') [MISC]('https://plugins.trac.wordpress.org/browser/woocommerce-jetpack/tags/7.1.0/includes/shortcodes/class-wcj-general-shortcodes.php#L1035') [MISC]('https://plugins.trac.wordpress.org/changeset/2966325/woocommerce-jetpack') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/981639a3-63c4-4b3f-827f-4d770bd44806?source=cve')[/TD] [/TR] [TR] [TD][LEFT]sap -- powerdesigner[/LEFT][/TD] [TD][LEFT]SAP PowerDesigner Client - version 16.7, allows an unauthenticated attacker to inject VBScript code in a document and have it opened by an unsuspecting user, to have it executed by the application on behalf of the user. The application has a security option to disable or prompt users before untrusted scripts are executed, but this is not set as default.[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40621&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-40621]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40621') [MISC]('https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html') [MISC]('https://me.sap.com/notes/3357163')[/TD] [/TR] [TR] [TD][LEFT]microsoft -- word [/LEFT][/TD] [TD][LEFT]Microsoft Word Information Disclosure Vulnerability[/LEFT][/TD] [TD][CENTER]2023-09-12[/CENTER][/TD] [TD][CENTER][6.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36761&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36761]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36761') [MISC]('https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36761')[/TD] [/TR] [TR] [TD][LEFT]adobe -- connect [/LEFT][/TD] [TD][LEFT]Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29305&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-29305]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29305') [MISC]('https://helpx.adobe.com/security/products/connect/apsb23-33.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- connect [/LEFT][/TD] [TD][LEFT]Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.[/LEFT][/TD] [TD][CENTER]2023-09-13[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29306&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-29306]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29306') [MISC]('https://helpx.adobe.com/security/products/connect/apsb23-33.html')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The tagDiv Composer WordPress plugin before 4.2, used as a companion by the Newspaper and Newsmag themes from tagDiv, does not have authorisation in a REST route and does not validate as well as escape some parameters when outputting them back, which could allow unauthenticated users to perform Stored Cross-Site Scripting attacks.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3169&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3169]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3169') [MISC]('https://wpscan.com/vulnerability/e6d8216d-ace4-48ba-afca-74da0dc5abb5')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]A reflected cross-site scripting (XSS) vulnerability in DevCode OpenSTAManager versions 2.4.24 to 2.4.47 may allow a remote attacker to execute arbitrary JavaScript in the web browser of a victim by injecting a malicious payload into the 'error' and 'error_description' parameters of 'oauth2.php'.[/LEFT][/TD] [TD][CENTER]2023-09-11[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38878&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38878]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38878') [MISC]('https://github.com/devcode-it/openstamanager') [MISC]('https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-38878') [MISC]('https://openstamanager.com/')[/TD] [/TR] [TR] [TD][LEFT]golang -- go[/LEFT][/TD] [TD][LEFT]The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39318&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39318') [MISC]('https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ') [MISC]('https://pkg.go.dev/vuln/GO-2023-2041') [MISC]('https://go.dev/cl/526156') [MISC]('https://go.dev/issue/62196')[/TD] [/TR] [TR] [TD][LEFT]golang -- go[/LEFT][/TD] [TD][LEFT]The html/template package does not apply the proper rules for handling occurrences of "