CISA Bulletins - Vulnerability Summary for the Week of September 4, 2023

High Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]canonical_ltd. -- snapd_for_linux[/LEFT][/TD] [TD][LEFT]Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][10]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1523&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-1523]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1523') [MISC]('https://ubuntu.com/security/notices/USN-6125-1') [MISC]('https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523') [MISC]('https://github.com/snapcore/snapd/pull/12849') [MISC]('https://marc.info/?l=oss-security&m=167879021709955&w=2')[/TD] [/TR] [TR] [TD][LEFT]bmc -- server_automation[/LEFT][/TD] [TD][LEFT]BMC Server Automation before 8.9.01 patch 1 allows Process Spawner command execution because of authentication bypass.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2017-9453&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2017-9453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2017-9453') [MISC]('https://docs.bmc.com/docs/serverautomation/2002/notification-of-critical-security-issue-in-bmc-server-automation-cve-2017-9453-1020706453.html')[/TD] [/TR] [TR] [TD][LEFT]mybb -- mybb[/LEFT][/TD] [TD][LEFT]Installer RCE on settings file write in MyBB before 1.8.22.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-22612&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-22612]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-22612') [MISC]('https://mybb.com/versions/1.8.22/')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- sd855[/LEFT][/TD] [TD][LEFT]A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g., from a remote source).[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28543&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28543]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28543') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption while handling payloads from remote ESL.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28562&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28562]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28562') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- fastconnect_6800[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN Firmware while parsing received GTK Keys in GTK KDE.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28581&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28581]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28581') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- health[/LEFT][/TD] [TD][LEFT]Improper input validation vulnerability in Samsung Health prior to version 6.24.2.011 allows attackers to write arbitrary file with Samsung Health privilege.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30723&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30723') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31242&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-31242]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31242') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1769') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1769')[/TD] [/TR] [TR] [TD][LEFT]bookreen -- bookreen[/LEFT][/TD] [TD][LEFT]Incomplete List of Disallowed Inputs vulnerability in Unisign Bookreen allows Privilege Escalation.This issue affects Bookreen: before 3.0.0.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3374&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3374]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3374') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0489')[/TD] [/TR] [TR] [TD][LEFT]osoft -- paint_production_management [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection. This issue affects Paint Production Management: before 2.1.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35065&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35065]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35065') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0490')[/TD] [/TR] [TR] [TD][LEFT]bma -- personnel_tracking_system [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BMA Personnel Tracking System allows SQL Injection. This issue affects Personnel Tracking System: before 20230904.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35068&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35068]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35068') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0491')[/TD] [/TR] [TR] [TD][LEFT]coyav_travel -- proagent [/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Coyav Travel Proagent allows SQL Injection. This issue affects Proagent: before 20230904.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35072&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-35072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35072') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0492')[/TD] [/TR] [TR] [TD][LEFT]pocketmanga -- smanga[/LEFT][/TD] [TD][LEFT]SQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36076&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36076]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36076') [MISC]('https://github.com/lkw199711/smanga/issues/100')[/TD] [/TR] [TR] [TD][LEFT]macwk -- icecms[/LEFT][/TD] [TD][LEFT]An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36100&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36100]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36100') [MISC]('https://github.com/Thecosy/IceCMS/issues/15')[/TD] [/TR] [TR] [TD][LEFT]mava -- hotel_management_system[/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mava Software Hotel Management System allows SQL Injection. This issue affects Hotel Management System: before 2.0.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3616&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3616]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3616') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0493')[/TD] [/TR] [TR] [TD][LEFT]netgear -- cbr40[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in NETGEAR R6400v2 before version 1.0.4.118, allows remote unauthenticated attackers to execute arbitrary code via crafted URL to httpd.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36187&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36187]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36187') [MISC]('https://kb.netgear.com/000065571/Security-Advisory-for-Pre-Authentication-Buffer-Overflow-on-Some-Routers-PSV-2020-0578')[/TD] [/TR] [TR] [TD][LEFT]relic -- relic[/LEFT][/TD] [TD][LEFT]Integer Overflow vulnerability in RELIC before commit 34580d840469361ba9b5f001361cad659687b9ab, allows attackers to execute arbitrary code, cause a denial of service, and escalate privileges when calling realloc function in bn_grow function.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36326&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36326]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36326') [MISC]('https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer') [MISC]('https://github.com/relic-toolkit/relic/commit/34580d840469361ba9b5f001361cad659687b9ab')[/TD] [/TR] [TR] [TD][LEFT]relic -- relic[/LEFT][/TD] [TD][LEFT]Integer Overflow vulnerability in RELIC before commit 421f2e91cf2ba42473d4d54daf24e295679e290e, allows attackers to execute arbitrary code and cause a denial of service in pos argument in bn_get_prime function.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36327&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36327]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36327') [MISC]('https://groups.google.com/g/relic-discuss/c/A_J2-ArVIAo/m/qgFiXsUJBQAJ?utm_medium=email&utm_source=footer') [MISC]('https://github.com/relic-toolkit/relic/commit/421f2e91cf2ba42473d4d54daf24e295679e290e')[/TD] [/TR] [TR] [TD][LEFT]libtom -- libtommath[/LEFT][/TD] [TD][LEFT]Integer Overflow vulnerability in mp_grow in libtom libtommath before commit beba892bc0d4e4ded4d667ab1d2a94f4d75109a9, allows attackers to execute arbitrary code and cause a denial of service (DoS).[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36328&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36328]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36328') [MISC]('https://github.com/libtom/libtommath/pull/546') [FEDORA]('https://lists.fedoraproject.org/archives/list/[email protected]/message/3H2PFUTBKQUDSOJXQQS7LUSZQWT3JTW2/')[/TD] [/TR] [TR] [TD][LEFT]web-audimex -- audimexee[/LEFT][/TD] [TD][LEFT]Audimexee v14.1.7 was discovered to contain a SQL injection vulnerability via the p_table_name parameter.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36361&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-36361]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36361') [MISC]('http://audimexee.com') [MISC]('https://gist.github.com/Cameleon037/40b3b6f6729d1d0984d6ce5b6837c46b') [MISC]('http://audimex.com')[/TD] [/TR] [TR] [TD][LEFT]proscend -- m357-5g[/LEFT][/TD] [TD][LEFT]Proscend Advice ICR Series routers FW version 1.76 - CWE-1392: Use of Default Credentials[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3703&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3703') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]synel -- synergy/a[/LEFT][/TD] [TD][LEFT]Synel Terminals - CWE-494: Download of Code Without Integrity Check[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37220&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-37220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37220') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ax56u [/LEFT][/TD] [TD][LEFT]It is identified a format string vulnerability in ASUS RT-AX56U V2. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_svr.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39238&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39238]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39238') [MISC]('https://www.twcert.org.tw/tw/cp-132-7354-4e654-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ax56u [/LEFT][/TD] [TD][LEFT]It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39239&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39239]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39239') [MISC]('https://https://www.twcert.org.tw/tw/cp-132-7355-0ce8d-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ax56u [/LEFT][/TD] [TD][LEFT]It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. An unauthenticated remote attacker can exploit this vulnerability without privilege to perform remote arbitrary code execution, arbitrary system operation or disrupt service.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39240&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39240]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39240') [MISC]('https://www.twcert.org.tw/tw/cp-132-7356-021bf-1.html')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39361&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39361]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39361') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-6r43-q2fw-5wrg')[/TD] [/TR] [TR] [TD][LEFT]langchain -- langchain[/LEFT][/TD] [TD][LEFT]An issue in LanChain-ai Langchain v.0.0.245 allows a remote attacker to execute arbitrary code via the evaluate function in the numexpr library.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39631&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39631]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39631') [MISC]('https://github.com/pydata/numexpr/issues/442') [MISC]('https://github.com/langchain-ai/langchain/issues/8363')[/TD] [/TR] [TR] [TD][LEFT]abuquant -- abupy[/LEFT][/TD] [TD][LEFT]abupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.search_to_symbol_dict.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39654&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39654') [MISC]('https://github.com/bbfamily/abu') [MISC]('https://github.com/Leeyangee/leeya_bug/blob/main/%5BWarning%5DSQL%20Injection%20in%20abupy%20%3C=%20v0.4.0.md')[/TD] [/TR] [TR] [TD][LEFT]cuppa_cms -- cuppa_cms[/LEFT][/TD] [TD][LEFT]Cuppa CMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the email_outgoing parameter at /Configuration.php. This vulnerability is triggered via a crafted payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39681&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39681]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39681') [MISC]('https://github.com/yanbochen97/CuppaCMS_RCE')[/TD] [/TR] [TR] [TD][LEFT]moxa -- mxsecurity[/LEFT][/TD] [TD][LEFT]There is a vulnerability in MXsecurity versions prior to 1.0.1 that can be exploited to bypass authentication. A remote attacker might access the system if the web service authenticator has insufficient random values. [/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39979&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39979]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39979') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]digitatek -- smartrise_document_management_system[/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection.This issue affects Smartrise Document Management System: before Hvl-2.0.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4034&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4034]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4034') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0494')[/TD] [/TR] [TR] [TD][LEFT]diaowen -- dwsurvey[/LEFT][/TD] [TD][LEFT]File Upload vulnerability in DWSurvey DWSurvey-OSS v.3.2.0 and before allows a remote attacker to execute arbitrary code via the saveimage method and savveFile in the action/UploadAction.java file.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40980&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40980]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40980') [MISC]('https://github.com/wkeyuan/DWSurvey/issues/107')[/TD] [/TR] [TR] [TD][LEFT]bolo-solo -- bolo-solo[/LEFT][/TD] [TD][LEFT]File Upload vulnerability in adlered bolo-solo v.2.6 allows a remote attacker to execute arbitrary code via a crafted script to the authorization field in the header.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41009&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41009]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41009') [MISC]('https://github.com/Rabb1tQ/HillstoneCVEs/blob/main/CVE-2023-41009/CVE-2023-41009.md') [MISC]('https://github.com/adlered/bolo-solo') [MISC]('http://adlered.com')[/TD] [/TR] [TR] [TD][LEFT]f-revocrm -- f-revocrm[/LEFT][/TD] [TD][LEFT]F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this vulnerability is exploited, an attacker who can access the product may execute an arbitrary OS command on the server where the product is running.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41149&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41149]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41149') [MISC]('https://f-revocrm.jp/2023/08/9394/') [MISC]('http://jvn.jp/en/jp/JVN78113802/')[/TD] [/TR] [TR] [TD][LEFT]metaways_infosystems_gmbh -- tine[/LEFT][/TD] [TD][LEFT]In tine through 2023.01.14.325, the sort parameter of the /index.php endpoint allows SQL Injection.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41364&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41364]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41364') [MISC]('https://www.tine-groupware.de/') [MISC]('https://herolab.usd.de/security-advisories/') [MISC]('https://herolab.usd.de/security-advisories/usd-2023-0002/')[/TD] [/TR] [TR] [TD][LEFT]super_store_finder -- super_store_finder[/LEFT][/TD] [TD][LEFT]Super Store Finder v3.6 was discovered to contain multiple SQL injection vulnerabilities in the store locator component via the products, distance, lat, and lng parameters.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41507&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41507]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41507') [MISC]('https://superstorefinder.net/support/forums/topic/super-store-finder-patch-notes/') [MISC]('https://github.com/redblueteam/CVE-2023-41507/')[/TD] [/TR] [TR] [TD][LEFT]neutron -- smart_vms[/LEFT][/TD] [TD][LEFT]Authentication Bypass by Spoofing vulnerability in Neutron Neutron Smart VMS allows Authentication Bypass.This issue affects Neutron Smart VMS: before b1130.1.0.1.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4178&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4178]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4178') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0496')[/TD] [/TR] [TR] [TD][LEFT]lldpd -- lldpd[/LEFT][/TD] [TD][LEFT]An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41910&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-41910]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41910') [MISC]('https://github.com/lldpd/lldpd/commit/a9aeabdf879c25c584852a0bb5523837632f099b') [MISC]('https://github.com/lldpd/lldpd/releases/tag/1.0.17')[/TD] [/TR] [TR] [TD][LEFT]mestav -- e-commerce_software[/LEFT][/TD] [TD][LEFT]Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mestav Software E-commerce Software allows SQL Injection. This issue affects E-commerce Software: before 20230901.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4531&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4531]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4531') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0495')[/TD] [/TR] [TR] [TD][LEFT]lg -- lg_led_assistant[/LEFT][/TD] [TD][LEFT]This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/settings/upload endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4613&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4613]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4613') [MISC]('https://lgsecurity.lge.com/bulletins/idproducts#updateDetails') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-1221/')[/TD] [/TR] [TR] [TD][LEFT]lg -- lg_led_assistant[/LEFT][/TD] [TD][LEFT]This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4614&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4614]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4614') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-1222/') [MISC]('https://lgsecurity.lge.com/bulletins/idproducts#updateDetails')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Media Library Assistant plugin for WordPress is vulnerable to Local File Inclusion and Remote Code Execution in versions up to, and including, 3.09. This is due to insufficient controls on file paths being supplied to the 'mla_stream_file' parameter from the ~/includes/mla-stream-image.php file, where images are processed via Imagick(). This makes it possible for unauthenticated attackers to supply files via FTP that will make directory lists, local file inclusion, and remote code execution possible.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4634&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4634]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4634') [MISC]('https://packetstormsecurity.com/files/174508/wpmla309-lfiexec.tgz') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2955933%40media-library-assistant&new=2955933%40media-library-assistant&sfp_email=&sfph_mail=#file4') [MISC]('https://github.com/Patrowl/CVE-2023-4634/') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/05c68377-feb6-442d-a3a0-1fbc246c7cbf?source=cve') [MISC]('https://patrowl.io/blog-wordpress-media-library-rce-cve-2023-4634/')[/TD] [/TR] [TR] [TD][LEFT]infosoftbd -- clcknshop[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been rated as critical. This issue affects some unknown processing of the file /collection/all of the component GET Parameter Handler. The manipulation of the argument tag leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-238571. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4708&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4708]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4708') [MISC]('https://vuldb.com/?id.238571') [MISC]('https://vuldb.com/?ctiid.238571') [MISC]('http://packetstormsecurity.com/files/174445/Clcknshop-1.0.0-SQL-Injection.html')[/TD] [/TR] [TR] [TD][LEFT]suntront -- smart_table_integrated_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in Xintian Smart Table Integrated Management System 5.6.9. This affects an unknown part of the file /SysManage/AddUpdateRole.aspx. The manipulation of the argument txtRoleName leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238575. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4712&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4712') [MISC]('https://vuldb.com/?id.238575') [MISC]('https://vuldb.com/?ctiid.238575') [MISC]('https://github.com/wpay65249519/cve/blob/main/SQL_injection.md')[/TD] [/TR] [TR] [TD][LEFT]byzoro -- smart_s85f_management_platform[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in Beijing Baichuo Smart S85F Management Platform up to 20230820 on Smart. Affected by this issue is some unknown functionality of the file /sysmanage/updateos.php. The manipulation of the argument 1_file_upload leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238628. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4739&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4739]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4739') [MISC]('https://github.com/Meizhi-hua/cve/blob/main/upload_file.md') [MISC]('https://vuldb.com/?ctiid.238628') [MISC]('https://vuldb.com/?id.238628')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac8[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Tenda AC8 16.03.34.06_cn_TDC01. It has been declared as critical. Affected by this vulnerability is the function formSetDeviceName. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238633 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4744&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4744]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4744') [MISC]('https://vuldb.com/?ctiid.238633') [MISC]('https://github.com/GleamingEyes/vul/blob/main/tenda_ac8/ac8_1.md') [MISC]('https://vuldb.com/?id.238633')[/TD] [/TR] [TR] [TD][LEFT]dedecms -- dedecms[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical was found in DedeCMS 5.7.110. This vulnerability affects unknown code of the file /uploads/tags.php. The manipulation of the argument tag_alias leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238636.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4747&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4747]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4747') [MISC]('https://github.com/laoquanshi/cve') [MISC]('https://vuldb.com/?ctiid.238636') [MISC]('https://vuldb.com/?id.238636') [MISC]('https://github.com/laoquanshi/cve/blob/main/dedecms%20%20sql%20%20injection')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- inventory_management_system[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file index.php. The manipulation of the argument page leads to file inclusion. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238638 is the identifier assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4749&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4749]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4749') [MISC]('https://skypoc.wordpress.com/2023/09/03/%e3%80%90code-audit%e3%80%91open-source-ample-inventory-management-system-v1-0-by-mayuri_k-has-a-file-inclusion-vulnerability/') [MISC]('https://vuldb.com/?id.238638') [MISC]('https://vuldb.com/?ctiid.238638')[/TD] [/TR] [TR] [TD][LEFT]adobe -- adobe_commerce [/LEFT][/TD] [TD][LEFT]Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code execution on the system.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36021&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-36021]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36021') [MISC]('https://helpx.adobe.com/security/products/magento/apsb21-64.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- adobe_commerce [/LEFT][/TD] [TD][LEFT]Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an XML Injection vulnerability in the Widgets Update Layout. An attacker with admin privileges can trigger a specially crafted script to achieve remote code execution.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36023&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-36023]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36023') [MISC]('https://helpx.adobe.com/security/products/magento/apsb21-64.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- adobe_commerce [/LEFT][/TD] [TD][LEFT]Magento versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier) and 2.3.7 (and earlier) are affected by an improper access control vulnerability within Magento's Media Gallery Upload workflow. By storing a specially crafted file in the website gallery, an authenticated attacker with administrative privilege can gain access to delete the .htaccess file. This could result in the attacker achieving remote code execution.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36036&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-36036]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36036') [MISC]('https://helpx.adobe.com/security/products/magento/apsb21-64.html')[/TD] [/TR] [TR] [TD][LEFT]ibm -- financial_transaction_manager[/LEFT][/TD] [TD][LEFT]IBM Financial Transaction Manager for SWIFT Services 3.2.4 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 258786.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35892&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-35892]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35892') [MISC]('https://www.ibm.com/support/pages/node/7030359') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/258786')[/TD] [/TR] [TR] [TD][LEFT]ahwx -- librey[/LEFT][/TD] [TD][LEFT]LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the [ICODE]image_proxy.php[/ICODE] file of LibreY before commit 8f9b9803f231e2954e5b49987a532d28fe50a627. This vulnerability allows remote attackers to use the server as a proxy to send HTTP GET requests to arbitrary targets and retrieve information in the internal network or conduct Denial-of-Service (DoS) attacks via the [ICODE]url[/ICODE] parameter. Remote attackers can use the server as a proxy to send HTTP GET requests and retrieve information in the internal network. Remote attackers can also request the server to download large files or chain requests among multiple instances to reduce the performance of the server or even deny access from legitimate users. This issue has been addressed in https://github.com/Ahwxorg/LibreY/pull/31 . LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][9.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41054&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41054]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41054') [MISC]('https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-p4f9-h8x8-mpwf') [MISC]('https://github.com/Ahwxorg/LibreY/pull/31')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_airwave[/LEFT][/TD] [TD][LEFT]Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-1391&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2015-1391]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1391') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt')[/TD] [/TR] [TR] [TD][LEFT]nokia -- access_management_system[/LEFT][/TD] [TD][LEFT]An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-41763&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-41763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-41763') [MISC]('https://www.gruppotim.it/it/footer/red-team.html')[/TD] [/TR] [TR] [TD][LEFT]phpfusion -- phpfusion[/LEFT][/TD] [TD][LEFT]There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a ‘require_once’ statement. This allows arbitrary files with the ‘.php’ extension for which the absolute path is known to be included and executed. There are no known means in PHPFusion through which an attacker can upload and target a ‘.php’ file payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-2453&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-2453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2453') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/')[/TD] [/TR] [TR] [TD][LEFT]apple -- pro_video_formats[/LEFT][/TD] [TD][LEFT]A logic issue was addressed with improved state management. This issue is fixed in Pro Video Formats 2.2.5. A user may be able to elevate privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29166&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-29166]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29166') [MISC]('https://support.apple.com/en-us/HT213882')[/TD] [/TR] [TR] [TD][LEFT]asus -- _rt-ac86u [/LEFT][/TD] [TD][LEFT]ASUS RT-AC86U Adaptive QoS - Web History function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38031&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38031]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38031') [MISC]('https://www.twcert.org.tw/tw/cp-132-7348-56989-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ac86u [/LEFT][/TD] [TD][LEFT]ASUS RT-AC86U AiProtection security- related function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38032&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38032]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38032') [MISC]('https://www.twcert.org.tw/tw/cp-132-7349-7f8cd-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ac86u [/LEFT][/TD] [TD][LEFT]ASUS RT-AC86U unused Traffic Analyzer legacy Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38033&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38033]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38033') [MISC]('https://www.twcert.org.tw/tw/cp-132-7350-ded5e-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ac86u [/LEFT][/TD] [TD][LEFT]ASUS RT-AC86U Traffic Analyzer - Statistic function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39236&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39236]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39236') [MISC]('https://www.twcert.org.tw/tw/cp-132-7351-ec8fe-1.html')[/TD] [/TR] [TR] [TD][LEFT]asus -- rt-ac86u [/LEFT][/TD] [TD][LEFT]ASUS RT-AC86U Traffic Analyzer - Apps analysis function has insufficient filtering of special character. A remote attacker with regular user privilege can exploit this vulnerability to perform command injection attack to execute arbitrary commands, disrupt system or terminate services.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39237&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39237]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39237') [MISC]('https://www.twcert.org.tw/tw/cp-132-7352-bad68-1.html')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vulnerabilities in Cacti. This allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39357&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39357]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39357') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-6jhp-mgqg-fhqg')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the [ICODE]reports_user.php[/ICODE] file. In [ICODE]ajax_get_branches[/ICODE], the [ICODE]tree_id[/ICODE] parameter is passed to the [ICODE]reports_get_branch_select[/ICODE] function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39358&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39358]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39358') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-gj95-7xr8-9p7g')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the [ICODE]graphs.php[/ICODE] file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the [ICODE]site_id[/ICODE] parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39359&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39359]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39359') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-q4wh-3f9w-836h')[/TD] [/TR] [TR] [TD][LEFT]startrinity -- softswitch[/LEFT][/TD] [TD][LEFT]StarTrinity Softswitch version 2023-02-16 - Multiple CSRF (CWE-352)[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39372&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39372]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39372') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]shirasagi -- shirasagi[/LEFT][/TD] [TD][LEFT]Path traversal vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to alter or create arbitrary files on the server, resulting in arbitrary code execution.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39448&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39448') [MISC]('https://jvn.jp/en/jp/JVN82758000/') [MISC]('https://www.ss-proj.org/support/954.html')[/TD] [/TR] [TR] [TD][LEFT]knowstreaming -- knowstreaming[/LEFT][/TD] [TD][LEFT]KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40918&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40918') [MISC]('https://github.com/didi/KnowStreaming/issues/1128')[/TD] [/TR] [TR] [TD][LEFT]slims -- senayan_library_management_system[/LEFT][/TD] [TD][LEFT]Senayan Library Management Systems SLIMS 9 Bulian v 9.6.1 is vulnerable to SQL Injection via admin/modules/circulation/loan_rules.php.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40970&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40970]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40970') [MISC]('https://github.com/slims/slims9_bulian/issues/205') [MISC]('https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SQLI-loan_rules.md')[/TD] [/TR] [TR] [TD][LEFT]ibos -- ibos[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects the function addComment of the file ?r=weibo/comment/addcomment. The manipulation of the argument touid leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-238576. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4713&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4713]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4713') [MISC]('https://vuldb.com/?ctiid.238576') [MISC]('https://github.com/13aiZe1/cve/blob/main/sql.md') [MISC]('https://vuldb.com/?id.238576')[/TD] [/TR] [TR] [TD][LEFT]ibos -- ibos[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, was found in IBOS OA 4.5.5. This affects an unknown part of the file ?r=email/api/delDraft&archiveId=0 of the component Delete Draft Handler. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238629 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4740&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4740]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4740') [MISC]('https://vuldb.com/?ctiid.238629') [MISC]('https://vuldb.com/?id.238629') [MISC]('https://github.com/RCEraser/cve/blob/main/sql_inject.md')[/TD] [/TR] [TR] [TD][LEFT]ibos -- ibos[/LEFT][/TD] [TD][LEFT]A vulnerability has been found in IBOS OA 4.5.5 and classified as critical. This vulnerability affects unknown code of the file ?r=diary/default/del of the component Delete Logs Handler. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-238630 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4741&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4741]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4741') [MISC]('https://vuldb.com/?id.238630') [MISC]('https://vuldb.com/?ctiid.238630') [MISC]('https://github.com/wudidike/cve/blob/main/sql.md')[/TD] [/TR] [TR] [TD][LEFT]ibos -- ibos[/LEFT][/TD] [TD][LEFT]A vulnerability was found in IBOS OA 4.5.5 and classified as critical. This issue affects some unknown processing of the file ?r=dashboard/user/export&uid=X. The manipulation leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238631. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4742&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4742]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4742') [MISC]('https://vuldb.com/?ctiid.238631') [MISC]('https://vuldb.com/?id.238631') [MISC]('https://github.com/gatsby2003/cve/blob/main/sql.md')[/TD] [/TR] [TR] [TD][LEFT]totolink -- n200re-v5[/LEFT][/TD] [TD][LEFT]A vulnerability classified as critical has been found in TOTOLINK N200RE V5 9.3.5u.6437_B20230519. This affects the function Validity_check. The manipulation leads to format string. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238635.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4746&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4746]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4746') [MISC]('https://gist.github.com/dmknght/8f3b6aa65e9d08f45b5236c6e9ab8d80') [MISC]('https://vuldb.com/?ctiid.238635') [MISC]('https://vuldb.com/?id.238635')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4762&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4762]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4762') [MISC]('https://crbug.com/1473247') [MISC]('https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html') [MISC]('https://www.debian.org/security/2023/dsa-5491')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Use after free in Networks in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4763&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4763') [MISC]('https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html') [MISC]('https://crbug.com/1469928') [MISC]('https://www.debian.org/security/2023/dsa-5491')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32615&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32615') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1771') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1771')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34998&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34998]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34998') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1770') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1770')[/TD] [/TR] [TR] [TD][LEFT]moxa -- mxsecurity[/LEFT][/TD] [TD][LEFT]A vulnerability that allows the unauthorized disclosure of authenticated information has been identified in MXsecurity versions prior to v1.0.1. This vulnerability arises when special elements are not neutralized correctly, allowing remote attackers to alter SQL commands.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39980&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-39980]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39980') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]pkp -- pkb-lib[/LEFT][/TD] [TD][LEFT]Use of Predictable Algorithm in Random Number Generator in GitHub repository pkp/pkp-lib prior to 3.3.0-16.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4695&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4695]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4695') [MISC]('https://huntr.dev/bounties/887c7fc7-70c8-482d-b570-350533af4702') [MISC]('https://github.com/pkp/pkp-lib/commit/e5e7e543887fe77708aa31e07b18fe85f9b5a3b5')[/TD] [/TR] [TR] [TD][LEFT]d-link -- dar-8000-10[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in D-Link DAR-8000-10 up to 20230819. Affected by this issue is some unknown functionality of the file /log/decodmail.php. The manipulation of the argument file leads to os command injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-238574 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4711&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4711') [MISC]('https://vuldb.com/?id.238574') [MISC]('https://github.com/TinkAnet/cve/blob/main/rce.md') [MISC]('https://vuldb.com/?ctiid.238574')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Out of bounds memory access in FedCM in Google Chrome prior to 116.0.5845.179 allowed a remote attacker who had compromised the renderer process to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][8.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4761&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4761]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4761') [MISC]('https://crbug.com/1476403') [MISC]('https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html') [MISC]('https://www.debian.org/security/2023/dsa-5491')[/TD] [/TR] [TR] [TD][LEFT]bmc -- patrol_agent[/LEFT][/TD] [TD][LEFT]BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-35593&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2020-35593]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-35593') [MISC]('https://webapps.bmc.com/support/faces/az/prodallversions.jsp?seqid=304517') [MISC]('https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593') [MISC]('https://www.securifera.com/advisories/') [MISC]('https://www.securifera.com/blog/2021/03/08/bmc-patrol-agent-domain-user-to-domain-admin-part-2/') [MISC]('http://web.archive.org/web/20210106175128/https://community.bmc.com/s/article/SECURITY-Patrol-Agent-Local-Privilege-Escalation-in-BMC-PATROL-Agent-CVE-2020-35593')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-21088&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-21088]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-21088') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb21-09.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-28644&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-28644]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-28644') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb21-51.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-35980&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-35980]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-35980') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb21-51.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40795&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-40795]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40795') [MISC]('https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Photoshop versions 23.0.2 and 22.5.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious JPG file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-43018&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-43018]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-43018') [MISC]('https://helpx.adobe.com/security/products/photoshop/apsb21-113.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44188&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2021-44188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44188') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30637&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30637') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30638&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30638]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30638') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30639&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30639]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30639') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30640&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30640]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30640') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30641&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30641]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30641') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30642&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30642]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30642') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30643&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30643]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30643') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30644&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30644]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30644') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30645&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30645]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30645') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- illustrator[/LEFT][/TD] [TD][LEFT]Adobe Illustrator versions 26.0.2 (and earlier) and 25.4.5 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-30646&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-30646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-30646') [MISC]('https://helpx.adobe.com/security/products/illustrator/apsb22-26.html')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 315_5g_iot_modem[/LEFT][/TD] [TD][LEFT]Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33275&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-33275]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33275') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40524&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40524]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40524') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- wcn685x-5[/LEFT][/TD] [TD][LEFT]Memory corruption due to improper validation of array index in Audio.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-40534&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2022-40534]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-40534') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]saltstack -- salt[/LEFT][/TD] [TD][LEFT]Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20898&vector=CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20898]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20898') [MISC]('https://saltproject.io/security-announcements/2023-08-10-advisory/')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory Corruption due to improper validation of array index in Linux while updating adn record.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21636&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21636]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21636') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21644&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21644]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21644') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8096au[/LEFT][/TD] [TD][LEFT]Memory corruption in Audio during playback session with audio effects enabled.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21654&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21654]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21654') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- qca6391[/LEFT][/TD] [TD][LEFT]Memory corruption in Audio while validating and mapping metadata.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21655&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21655]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21655') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption in Core Platform while printing the response buffer in log.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21662&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21662]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21662') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory Corruption while accessing metadata in Display.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21663&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21663]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21663') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory Corruption in Core Platform while printing the response buffer in log.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21664&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-21664]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21664') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]bludit -- bludit[/LEFT][/TD] [TD][LEFT]Permissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-24674&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-24674]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24674') [MISC]('https://cupc4k3.medium.com/cve-2023-24674-uncovering-a-privilege-escalation-vulnerability-in-bludit-cms-dcf86c41107') [MISC]('https://medium.com/@cupc4k3/privilege-scalation-in-bludit-cms-dcf86c41107')[/TD] [/TR] [TR] [TD][LEFT]dell -- alienware_command_center[/LEFT][/TD] [TD][LEFT]Dell Alienware Command Center, versions prior to 5.5.51.0, contain a deserialization of untrusted data vulnerability. A local malicious user could potentially send specially crafted requests to the .NET Remoting server to run arbitrary code on the system.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28072&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28072]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28072') [MISC]('https://www.dell.com/support/kbdoc/en-in/000212982/dsa-2023-158')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28209&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28209]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28209') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28210&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28210]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28210') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28211&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28211]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28211') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28212&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28212]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28212') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28213&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28213]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28213') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28214&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28214]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28214') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28215&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28215]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28215') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28538&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28538]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28538') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 315_5g_iot_modem[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN handler while processing PhyID in Tx status handler.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28558&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28558]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28558') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28559&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28559]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28559') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28564&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28564]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28564') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 9205_lte[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while handling command streams through WMI interfaces.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28565&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28565]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28565') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 315_5g_iot[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while handling command through WMI interfaces.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28567&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28567]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28567') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 315_5g_iot[/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while parsing WMI command parameters.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28573&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-28573]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28573') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper input validation vulnerability in Knox AI prior to SMR Sep-2023 Release 1 allows local attackers to launch privileged activities.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30710&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30710') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30712&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30712]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30712') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- blockchain_keystore[/LEFT][/TD] [TD][LEFT]Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30722&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30722') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31132&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-31132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31132') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-rf5w-pq3f-9876')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32356&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32356]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32356') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.4. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32379&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32379]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32379') [MISC]('https://support.apple.com/en-us/HT213758') [MISC]('https://support.apple.com/kb/HT213758')[/TD] [/TR] [TR] [TD][LEFT]apple -- multiple_products[/LEFT][/TD] [TD][LEFT]The issue was addressed with improved memory handling. This issue is fixed in iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain elevated privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32425&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32425]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32425') [MISC]('https://support.apple.com/en-us/HT213757') [MISC]('https://support.apple.com/en-us/HT213764') [MISC]('https://support.apple.com/kb/HT213764') [MISC]('https://support.apple.com/kb/HT213757')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32426&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32426]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32426') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- multiple_products[/LEFT][/TD] [TD][LEFT]This issue was addressed with improved file handling. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to gain root privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32428&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32428]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32428') [MISC]('https://support.apple.com/en-us/HT213761') [MISC]('https://support.apple.com/en-us/HT213757') [MISC]('https://support.apple.com/en-us/HT213758') [MISC]('https://support.apple.com/en-us/HT213764') [MISC]('https://support.apple.com/kb/HT213758') [MISC]('https://support.apple.com/kb/HT213761') [MISC]('https://support.apple.com/kb/HT213764') [MISC]('https://support.apple.com/kb/HT213757')[/TD] [/TR] [TR] [TD][LEFT]canonical_ltd. -- ubuntu[/LEFT][/TD] [TD][LEFT]In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3297&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3297]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3297') [MISC]('https://securitylab.github.com/advisories/GHSL-2023-139_accountsservice/') [MISC]('https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3297') [MISC]('https://bugs.launchpad.net/ubuntu/+source/accountsservice/+bug/2024182') [MISC]('https://ubuntu.com/security/notices/USN-6190-1')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- apq8064au[/LEFT][/TD] [TD][LEFT]Memory corruption in Graphics while processing user packets for command submission.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33021&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-33021]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33021') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]soar_cloud_ltd._ -- hr_portal [/LEFT][/TD] [TD][LEFT]Soar Cloud Ltd. HR Portal has a weak Password Recovery Mechanism for Forgotten Password. The reset password link sent out through e-mail, and the link will remain valid after the password has been reset and after the expected expiration date. An attacker with access to the browser history or has the line can thus use the URL again to change the password in order to take over the account.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34357&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-34357]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34357') [MISC]('https://www.twcert.org.tw/tw/cp-132-7347-2653e-1.html')[/TD] [/TR] [TR] [TD][LEFT]panasonic -- kw_watcher[/LEFT][/TD] [TD][LEFT]Buffer overflow vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3471&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3471]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3471') [MISC]('https://www3.panasonic.biz/ac/j/fasys/software_info/eco/tol_kwwatcher.jsp') [MISC]('https://www3.panasonic.biz/ac/e/fasys/software_info/eco/kwwatcher_versioninfo.jsp')[/TD] [/TR] [TR] [TD][LEFT]panasonic -- kw_watcher[/LEFT][/TD] [TD][LEFT]Use after free vulnerability in Panasonic KW Watcher versions 1.00 through 2.82 may allow attackers to execute arbitrary code.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3472&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3472]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3472') [MISC]('https://www3.panasonic.biz/ac/j/fasys/software_info/eco/tol_kwwatcher.jsp') [MISC]('https://www3.panasonic.biz/ac/e/fasys/software_info/eco/kwwatcher_versioninfo.jsp')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38443&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38443]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38443') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38444&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38444]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38444') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38449&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38449]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38449') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38450&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38450]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38450') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38451&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38451]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38451') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38452&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38452]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38452') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38453&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38453') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38455&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38455]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38455') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38456&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38456]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38456') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38458&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38458]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38458') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38459&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38459]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38459') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38460&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38460]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38460') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38464&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38464]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38464') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]forescout -- secureconnector[/LEFT][/TD] [TD][LEFT]ForeScout NAC SecureConnector version 11.2 - CWE-427: Uncontrolled Search Path Element[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39374&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39374]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39374') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]ge -- cimplicity[/LEFT][/TD] [TD][LEFT]GE CIMPLICITY 2023 is by a process control vulnerability, which could allow a local attacker to insert malicious configuration files in the expected web server execution path to escalate privileges and gain full control of the HMI software.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4487&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4487]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4487') [MISC]('https://www.cisa.gov/news-events/ics-advisories/icsa-23-243-02') [MISC]('https://digitalsupport.ge.com/s/article/GE-Digital-CIMPLICITY-Privilege-Escalation-Vulnerability')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to 9.0.1840.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4733&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4733]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4733') [MISC]('https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217') [MISC]('https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4734&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4734]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4734') [MISC]('https://github.com/vim/vim/commit/4c6fe2e2ea62469642ed1d80b16d39e616b25cf5') [MISC]('https://huntr.dev/bounties/688e4382-d2b6-439a-a54e-484780f82217')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4735&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4735]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4735') [MISC]('https://huntr.dev/bounties/fc83bde3-f621-42bd-aecb-8c1ae44cba51') [MISC]('https://github.com/vim/vim/commit/889f6af37164775192e33b233a90e86fd3df0f57')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Untrusted Search Path in GitHub repository vim/vim prior to 9.0.1833.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4736&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4736]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4736') [MISC]('https://github.com/vim/vim/commit/816fbcc262687b81fc46f82f7bbeb1453addfe0c') [MISC]('https://huntr.dev/bounties/e1ce0995-4df4-4dec-9cd7-3136ac3e8e71')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4738&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4738]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4738') [MISC]('https://github.com/vim/vim/commit/ced2c7394aafdc90fb7845e09b3a3fee23d48cb1') [MISC]('https://huntr.dev/bounties/9fc7dced-a7bb-4479-9718-f956df20f612')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to 9.0.1857.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4750&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4750]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4750') [MISC]('https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea') [MISC]('https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4751&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4751]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4751') [MISC]('https://huntr.dev/bounties/db7be8d6-6cb7-4ae5-9c4e-805423afa378') [MISC]('https://github.com/vim/vim/commit/e1121b139480f53d1b06f84f3e4574048108fa0b')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository vim/vim prior to 9.0.1858.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4752&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4752]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4752') [MISC]('https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757') [MISC]('https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/') [MISC]('https://lists.fedoraproject.org/archives/list/[email protected]/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/')[/TD] [/TR] [TR] [TD][LEFT]vim -- vim[/LEFT][/TD] [TD][LEFT]Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4781&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-4781]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4781') [MISC]('https://huntr.dev/bounties/c867eb0a-aa8b-4946-a621-510350673883') [MISC]('https://github.com/vim/vim/commit/f6d28fe2c95c678cc3202cc5dc825a3fcc709e93')[/TD] [/TR] [TR] [TD][LEFT]elsys -- ers_1.5[/LEFT][/TD] [TD][LEFT]ELSYS ERS 1.5 Sound v2.3.8 was discovered to contain a buffer overflow via the NFC data parser.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-46527&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-46527]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-46527') [MISC]('https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2022-46527.pdf') [MISC]('https://www.elsys.se/en/ers-sound/')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035[/LEFT][/TD] [TD][LEFT]Transient DOS in Modem while processing invalid System Information Block 1.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21646&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-21646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21646') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- ar8035[/LEFT][/TD] [TD][LEFT]Transient DOS in Modem while processing RRC reconfiguration message.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21653&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-21653]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21653') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]eclipse -- mosquitto[/LEFT][/TD] [TD][LEFT]The broker in Eclipse Mosquitto 1.3.2 through 2.x before 2.0.16 has a memory leak that can be abused remotely when a client sends many QoS 2 messages with duplicate message IDs and fails to respond to PUBREC commands. This occurs because of mishandling of EAGAIN from the libc send function.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28366&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-28366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28366') [CONFIRM]('https://github.com/eclipse/mosquitto/commit/6113eac95a9df634fbc858be542c4a0456bfe7b9') [MISC]('https://www.compass-security.com/fileadmin/Research/Advisories/2023_02_CSNC-2023-001_Eclipse_Mosquitto_Memory_Leak.txt') [MISC]('https://github.com/eclipse/mosquitto/compare/v2.0.15...v2.0.16') [CONFIRM]('https://mosquitto.org/blog/2023/08/version-2-0-16-released/')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement (CSA).[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28584&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-28584]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28584') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper authentication in SecSettings prior to SMR Sep-2023 Release 1 allows attacker to access Captive Portal Wi-Fi in Reactivation Lock status.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30708&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30708]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30708') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- email[/LEFT][/TD] [TD][LEFT]Improper Certificate Validation in Samsung Email prior to version 6.1.82.0 allows remote attacker to intercept the network traffic including sensitive information.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30729&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30729]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30729') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]roundcube -- roundcube[/LEFT][/TD] [TD][LEFT]Vulnerability in the password recovery mechanism of Password Recovery plugin for Roundcube, in its 1.2 version, which could allow a remote attacker to change an existing user´s password by adding a 6-digit numeric token. An attacker could create an automatic script to test all possible values because the platform has no limit on the number of requests.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3222&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-3222]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3222') [MISC]('https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 315_5g[/LEFT][/TD] [TD][LEFT]Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33015&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-33015]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33015') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- csr8811[/LEFT][/TD] [TD][LEFT]Transient DOS in WLAN firmware while parsing MLO (multi-link operation).[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33016&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-33016]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33016') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 9206_lte[/LEFT][/TD] [TD][LEFT]Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33019&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-33019]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33019') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- 9206_lte[/LEFT][/TD] [TD][LEFT]Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33020&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-33020]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33020') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In NIA0 algorithm in Security Mode Command, there is a possible missing verification incorrect input. This could lead to remote information disclosure no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33914&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33914]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33914') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In LTE protocol stack, there is a possible missing permission check. This could lead to remote information disclosure no additional execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33915&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33915]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33915') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34353&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-34353]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34353') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1776') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1776')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex[/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a remote attacked to bypass IP restrictions due to improper access controls. IBM X-Force ID: 259649.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35906&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-35906]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35906') [MISC]('https://www.ibm.com/support/pages/node/7029681') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/259649')[/TD] [/TR] [TR] [TD][LEFT]vesoft -- nebulagraph_studio[/LEFT][/TD] [TD][LEFT]Server Side Request Forgery (SSRF) vulnerability in NebulaGraph Studio version 3.7.0, allows remote attackers to gain sensitive information.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36088&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-36088]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36088') [MISC]('http://nebulagraph.com') [MISC]('https://github.com/vesoft-inc/nebula-studio/issues/571') [MISC]('https://github.com/vesoft-inc/nebula-studio')[/TD] [/TR] [TR] [TD][LEFT]hjson-java -- hjson-java[/LEFT][/TD] [TD][LEFT]An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39685&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-39685]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39685') [MISC]('https://github.com/hjson/hjson-java/issues/27')[/TD] [/TR] [TR] [TD][LEFT]moxa -- mxsecurity[/LEFT][/TD] [TD][LEFT]A vulnerability that allows for unauthorized access has been discovered in MXsecurity versions prior to v1.0.1. This vulnerability arises from inadequate authentication measures, potentially leading to the disclosure of device information by a remote attacker.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39981&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39981]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39981') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]lexmark -- c2132[/LEFT][/TD] [TD][LEFT]Certain Lexmark devices (such as CS310) before 2023-08-25 allow XXE attacks, leading to information disclosure. The fixed firmware version is LW80.[I].P246, i.e., '[/I]' indicates that the full version specification varies across product model family, but firmware level P246 (or higher) is required to remediate the vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40239&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40239]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40239') [MISC]('https://publications.lexmark.com/publications/security-alerts/CVE-2023-40239.pdf')[/TD] [/TR] [TR] [TD][LEFT]dataease -- dataease[/LEFT][/TD] [TD][LEFT]SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40771&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-40771]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40771') [MISC]('https://github.com/dataease/dataease/issues/5861')[/TD] [/TR] [TR] [TD][LEFT]timg -- timg[/LEFT][/TD] [TD][LEFT]Buffer Overflow vulnerability in hzeller timg v.1.5.2 and before allows a remote attacker to cause a denial of service via the 0x61200000045c address.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40968&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-40968]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40968') [MISC]('https://github.com/hzeller/timg/issues/115')[/TD] [/TR] [TR] [TD][LEFT]ahwx -- librey[/LEFT][/TD] [TD][LEFT]LibreY is a fork of LibreX, a framework-less and javascript-free privacy respecting meta search engine. LibreY is subject to a Server-Side Request Forgery (SSRF) vulnerability in the [ICODE]engines/google/text.php[/ICODE] and [ICODE]engines/duckduckgo/text.php[/ICODE] files in versions before commit be59098abd119cda70b15bf3faac596dfd39a744. This vulnerability allows remote attackers to request the server to send HTTP GET requests to arbitrary targets and conduct Denial-of-Service (DoS) attacks via the [ICODE]wikipedia_language[/ICODE] cookie. Remote attackers can request the server to download large files to reduce the performance of the server or even deny access from legitimate users. This issue has been patched in https://github.com/Ahwxorg/LibreY/pull/9 . LibreY hosters are advised to use the latest commit. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41055&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41055]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41055') [MISC]('https://github.com/Ahwxorg/LibreY/pull/9') [MISC]('https://github.com/Ahwxorg/LibreY/security/advisories/GHSA-xfj6-4vp9-8rgc')[/TD] [/TR] [TR] [TD][LEFT]parse_platform -- parse-server[/LEFT][/TD] [TD][LEFT]Parse Server is an open-source backend server. In affected versions the Parse Cloud trigger [ICODE]beforeFind[/ICODE] is not invoked in certain conditions of [ICODE]Parse.Query[/ICODE]. This can pose a vulnerability for deployments where the [ICODE]beforeFind[/ICODE] trigger is used as a security layer to modify the incoming query. The vulnerability has been fixed by refactoring the internal query pipeline for a more concise code structure and implementing a patch to ensure the [ICODE]beforeFind[/ICODE] trigger is invoked. This fix was introduced in commit [ICODE]be4c7e23c6[/ICODE] and has been included in releases 6.2.2 and 5.5.5. Users are advised to upgrade. Users unable to upgrade should make use of parse server's security layers to manage access levels with Class-Level Permissions and Object-Level Access Control that should be used instead of custom security layers in Cloud Code triggers.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41058&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41058]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41058') [MISC]('https://docs.parseplatform.org/parse-server/guide/#security') [MISC]('https://github.com/parse-community/parse-server/commit/be4c7e23c63a2fb690685665cebed0de26be05c5') [MISC]('https://github.com/parse-community/parse-server/releases/tag/6.2.2') [MISC]('https://github.com/parse-community/parse-server/security/advisories/GHSA-fcv6-fg5r-jm9q') [MISC]('https://github.com/parse-community/parse-server/releases/tag/5.5.5')[/TD] [/TR] [TR] [TD][LEFT]jira -- o-ran_software_community[/LEFT][/TD] [TD][LEFT]O-RAN Software Community ric-plt-lib-rmr v4.9.0 does not validate the source of the routing tables it receives, potentially allowing attackers to send forged routing tables to the device.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41627&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-41627]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41627') [MISC]('https://jira.o-ran-sc.org/browse/RIC-1001')[/TD] [/TR] [TR] [TD][LEFT]jira -- o-ran_software_community[/LEFT][/TD] [TD][LEFT]An issue in O-RAN Software Community E2 G-Release allows attackers to cause a Denial of Service (DoS) by incorrectly initiating the messaging procedure between the E2Node and E2Term components.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41628&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41628]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41628') [MISC]('https://jira.o-ran-sc.org/browse/RIC-1002')[/TD] [/TR] [TR] [TD][LEFT]frrouting -- frrouting[/LEFT][/TD] [TD][LEFT]An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41909&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41909]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41909') [MISC]('https://github.com/FRRouting/frr/pull/13222/commits/cfd04dcb3e689754a72507d086ba3b9709fc5ed8')[/TD] [/TR] [TR] [TD][LEFT]juniper -- junos[/LEFT][/TD] [TD][LEFT]An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BGP session, one BGP session may be torn down with an UPDATE message error, or the issue may propagate beyond the local system which will remain non-impacted, but may affect one or more remote systems. This issue is exploitable remotely as the crafted UPDATE message can propagate through unaffected systems and intermediate BGP speakers. Continuous receipt of the crafted BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations. This issue requires a remote attacker to have at least one established BGP session.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4481&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4481]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4481') [MISC]('https://www.rfc-editor.org/rfc/rfc4271') [MISC]('https://kb.juniper.net/JSA72510') [MISC]('https://www.juniper.net/documentation/us/en/software/junos/bgp/topics/topic-map/bgp-error-messages.html') [MISC]('https://www.rfc-editor.org/rfc/rfc7606')[/TD] [/TR] [TR] [TD][LEFT]daurnimator -- lua-http[/LEFT][/TD] [TD][LEFT]Improper Handling of Exceptional Conditions vulnerability in Daurnimator lua-http library allows Excessive Allocation and a denial of service (DoS) attack to be executed by sending a properly crafted request to the server. This issue affects lua-http: all versions before commit ddab283.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4540&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4540]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4540') [MISC]('https://github.com/daurnimator/lua-http/commit/ddab2835c583d45dec62680ca8d3cbde55e0bae6') [MISC]('https://cert.pl/posts/2023/09/CVE-2023-4540/')[/TD] [/TR] [TR] [TD][LEFT]lg -- lg_led_assistant[/LEFT][/TD] [TD][LEFT]This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4615&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4615]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4615') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-1224/') [MISC]('https://lgsecurity.lge.com/bulletins/idproducts#updateDetails')[/TD] [/TR] [TR] [TD][LEFT]lg -- lg_led_assistant[/LEFT][/TD] [TD][LEFT]This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/thumbnail endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4616&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4616]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4616') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-1223/') [MISC]('https://lgsecurity.lge.com/bulletins/idproducts#updateDetails')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which the projects API pagination can be skipped, potentially leading to DoS on certain instances.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4647&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4647]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4647') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/414502')[/TD] [/TR] [TR] [TD][LEFT]playtube -- playtube[/LEFT][/TD] [TD][LEFT]A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely. The identifier VDB-238577 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4714&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4714]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4714') [MISC]('https://vuldb.com/?ctiid.238577') [MISC]('https://vuldb.com/?id.238577') [MISC]('http://packetstormsecurity.com/files/174446/PlayTube-3.0.1-Information-Disclosure.html')[/TD] [/TR] [TR] [TD][LEFT]yongyou -- ufida-nc[/LEFT][/TD] [TD][LEFT]A vulnerability, which was classified as critical, has been found in Yongyou UFIDA-NC up to 20230807. This issue affects some unknown processing of the file PrintTemplateFileServlet.java. The manipulation of the argument filePath leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238637 was assigned to this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4748&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4748]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4748') [MISC]('https://github.com/houseoforange/mybugs/blob/main/Yongyou-UFIDA-NC-Arbitrary-File-Read.pdf') [MISC]('https://vuldb.com/?id.238637') [MISC]('https://vuldb.com/?ctiid.238637')[/TD] [/TR] [TR] [TD][LEFT]adobe -- coldfusion [/LEFT][/TD] [TD][LEFT]ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an Use of Inherently Dangerous Function vulnerability that can lead to a security feature bypass??. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40698&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2021-40698]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40698') [MISC]('https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- coldfusion [/LEFT][/TD] [TD][LEFT]ColdFusion version 2021 update 1 (and earlier) and versions 2018.10 (and earlier) are impacted by an improper access control vulnerability when checking permissions in the CFIDE path. An authenticated attacker could leverage this vulnerability to access and manipulate arbitrary data on the environment.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][7.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40699&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2021-40699]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40699') [MISC]('https://helpx.adobe.com/security/products/coldfusion/apsb21-75.html')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_airwave[/LEFT][/TD] [TD][LEFT]Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows VisualRF remote OS command execution and file disclosure by administrative users.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-2201&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2015-2201]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2201') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_airwave[/LEFT][/TD] [TD][LEFT]Aruba AirWave before 7.7.14.2 and 8.x before 8.0.7 allows administrative users to escalate privileges to root on the underlying OS.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-2202&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2015-2202]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-2202') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt')[/TD] [/TR] [TR] [TD][LEFT]openwrt -- openwrt[/LEFT][/TD] [TD][LEFT]In wlan service, there is a possible command injection due to improper input validation. This could lead to remote code execution with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00244189; Issue ID: WCNCR00244189.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20820&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20820]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20820') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]bookreen -- bookreen[/LEFT][/TD] [TD][LEFT]Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3375&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-3375]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3375') [MISC]('https://www.usom.gov.tr/bildirim/tr-23-0489')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. In Cacti 1.2.24, under certain conditions, an authenticated privileged user, can use a malicious string in the SNMP options of a Device, performing command injection and obtaining remote code execution on the underlying server. The [ICODE]lib/snmp.php[/ICODE] file has a set of functions, with similar behavior, that accept in input some variables and place them into an [ICODE]exec[/ICODE] call without a proper escape or validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][7.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39362&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-39362]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39362') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-g6ff-58cj-x3cp')[/TD] [/TR] [TR] [TD][LEFT]msamsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper input validation vulnerability in FileProviderStatusReceiver in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows local attackers to delete arbitrary files with Samsung Keyboard privilege.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][7.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30707&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30707') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Medium Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In nvram, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937113; Issue ID: ALPS07937113.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20821&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20821]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20821') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In netdagent, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944012; Issue ID: ALPS07944012.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20822&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20822]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20822') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014144.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20828&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20828]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20828') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014148.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20829&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20829') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014156.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20830&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20830') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08014162.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20831&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20831]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20831') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20832&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20832]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20832') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In seninf, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07992786; Issue ID: ALPS07992786.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20837&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20837]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20837') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper access control in Dual Messenger prior to SMR Sep-2023 Release 1 allows local attackers launch activity with system privilege.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30709&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-30709]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30709') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441589; Issue ID: ALPS07441589.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32806&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32806]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32806') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32811&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32811]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32811') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local esclation of privileges with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017365; Issue ID: ALPS08017365.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32812&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32812]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32812') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38553&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-38553]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38553') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]solarwinds_ -- serv-u [/LEFT][/TD] [TD][LEFT]A vulnerability has been identified within Serv-U 15.4 and 15.4 Hotfix 1 that, if exploited, allows an actor to bypass multi-factor/two-factor authentication. The actor must have administrator-level access to Serv-U to perform this action. 15.4. SolarWinds found that the issue was not completely fixed in 15.4 Hotfix 1. [/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][6.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40060&vector=CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-40060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40060') [MISC]('https://www.solarwinds.com/trust-center/security-advisories/CVE-2023-40060') [MISC]('https://support.solarwinds.com/SuccessCenter/s/article/Serv-U-15-4-0-Hotfix-2?language=en_US')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_guardium[/LEFT][/TD] [TD][LEFT]IBM Security Guardium 10.6, 11.3, and 11.4 could allow an authenticated user to cause a denial of service due to due to improper input validation. IBM X-Force ID: 240894.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-43903&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-43903]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-43903') [MISC]('https://www.ibm.com/support/pages/node/7030110') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/240894')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys, there is a possible out of bounds read and write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326430; Issue ID: ALPS07326430.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20840&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20840]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20840') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20841&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20841]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20841') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354259; Issue ID: ALPS07340477.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20842&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20842]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20842') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT] yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340433.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20848&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20848]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20848') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible use after free due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340350.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20849&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20849]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20849') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20850&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20850]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20850') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- qca6390[/LEFT][/TD] [TD][LEFT]Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-21667&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-21667]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-21667') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3. A user may be able to cause a denial-of-service.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28187&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-28187]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28187') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]A denial-of-service issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. A remote user may be able to cause a denial-of-service.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28188&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-28188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28188') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32271&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32271]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32271') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1774') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1774')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]Error handling was changed to not reveal sensitive information. This issue is fixed in macOS Ventura 13.3. A website may be able to track sensitive user information.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32362&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32362]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32362') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In power, there is a possible out of bounds write due to an insecure default value. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08102892; Issue ID: ALPS08102892.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32805&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-32805]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32805') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34317&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-34317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34317') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1772') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1772')[/TD] [/TR] [TR] [TD][LEFT]hyundai -- hyundai_2017[/LEFT][/TD] [TD][LEFT] A Hyundai model (2017) - CWE-294: Authentication Bypass by Capture-replay.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39373&vector=CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-39373]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39373') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]google -- chrome[/LEFT][/TD] [TD][LEFT]Incorrect security UI in BFCache in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: High)[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4764&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-4764]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4764') [MISC]('https://crbug.com/1447237') [MISC]('https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop.html') [MISC]('https://www.debian.org/security/2023/dsa-5491')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07937105; Issue ID: ALPS07937105.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20827&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20827]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20827') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In pda, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07608514; Issue ID: ALPS07608514.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20834&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20834') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In camsys, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07326570.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20835&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20835]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20835') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Newsletter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'newsletter_form' shortcode in versions up to, and including, 7.8.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4772&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4772]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4772') [MISC]('https://plugins.trac.wordpress.org/changeset/2955097/newsletter#file21') [MISC]('https://plugins.trac.wordpress.org/browser/newsletter/tags/7.8.9/subscription/subscription.php#L1653') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/87da5300-1add-44fc-a3e0-e8912f946c84?source=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The WordPress Social Login plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wordpress_social_login_meta' shortcode in versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4773&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4773]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4773') [MISC]('https://plugins.trac.wordpress.org/browser/wordpress-social-login/tags/3.0.4/includes/widgets/wsl.auth.widgets.php#L413') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/b987822d-2b1b-4f79-988b-4bd731864b63?source=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The User Submitted Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's [usp_gallery] shortcode in versions up to, and including, 20230811 due to insufficient input sanitization and output escaping on user supplied attributes like 'before'. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4779&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4779]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4779') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/d21ca709-183f-4dd1-849c-f1b2a4f7ec43?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2961841')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes like 'before' and 'after'. This makes it possible for authenticated attackers, with contributor-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-09[/CENTER][/TD] [TD][CENTER][6.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4838&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4838') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/aa5f7f2a-c7b7-4339-a608-51fd684c18bf?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2963794')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In stc, there is a possible out of bounds read due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08048635; Issue ID: ALPS08048635.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20851&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H')[/CENTER][/TD] [TD][CVE-2023-20851]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20851') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. Issues with Cacti Regular Expression validation combined with the external links feature can lead to limited SQL Injections and subsequent data leakage. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39365&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-39365]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39365') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-v5w7-hww7-2f22')[/TD] [/TR] [TR] [TD][LEFT]xwiki -- xwiki_platform[/LEFT][/TD] [TD][LEFT]XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. It is possible in XWiki to execute Velocity code without having script right by creating an XClass with a property of type "TextArea" and content type "VelocityCode" or "VelocityWiki". For the former, the syntax of the document needs to be set the [ICODE]xwiki/1.0[/ICODE] (this syntax doesn't need to be installed). In both cases, when adding the property to an object, the Velocity code is executed regardless of the rights of the author of the property (edit right is still required, though). In both cases, the code is executed with the correct context author so no privileged APIs can be accessed. However, Velocity still grants access to otherwise inaccessible data and APIs that could allow further privilege escalation. At least for "VelocityCode", this behavior is most likely very old but only since XWiki 7.2, script right is a separate right, before that version all users were allowed to execute Velocity and thus this was expected and not a security issue. This has been patched in XWiki 14.10.10 and 15.4 RC1. Users are advised to upgrade. There are no known workarounds.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41046&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L')[/CENTER][/TD] [TD][CVE-2023-41046]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41046') [MISC]('https://jira.xwiki.org/browse/XWIKI-20847') [MISC]('https://jira.xwiki.org/browse/XWIKI-20848') [MISC]('https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-m5m2-h6h9-p2c8') [MISC]('https://github.com/xwiki/xwiki-platform/commit/edc52579eeaab1b4514785c134044671a1ecd839')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_airwave[/LEFT][/TD] [TD][LEFT]Aruba AirWave before 8.0.7 allows XSS attacks agsinat an administrator.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2015-1390&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2015-1390]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1390') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2015-005.txt')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab affecting all versions starting from 4.1 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 where it was possible to create a URL that would redirect to a different project.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1279&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-1279]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1279') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/395437') [MISC]('https://hackerone.com/reports/1889230')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Robert Heller WebLibrarian plugin <= 3.5.8.1 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29441&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-29441]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29441') [MISC]('https://patchstack.com/database/vulnerability/weblibrarian/wordpress-weblibrarian-plugin-3-5-8-1-multiple-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Solwin Infotech Responsive WordPress Slider – Avartan Slider Lite plugin <= 1.5.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30485&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30485') [MISC]('https://patchstack.com/database/vulnerability/avartan-slider-lite/wordpress-avartan-slider-lite-plugin-1-5-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.10 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30494&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30494]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30494') [MISC]('https://patchstack.com/database/vulnerability/imagerecycle-pdf-image-compression/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-10-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Simon Chuang WP LINE Notify plugin <= 1.4.4 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30497&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30497]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30497') [MISC]('https://patchstack.com/database/vulnerability/wp-line-notify/wordpress-wordpress-line-notify-plugin-1-4-2-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <= 2.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-31220&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-31220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31220') [MISC]('https://patchstack.com/database/vulnerability/wp-categories-widget/wordpress-wp-categories-widget-plugin-2-2-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Kangu para WooCommerce plugin <= 2.2.9 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32296&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32296]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32296') [MISC]('https://patchstack.com/database/vulnerability/kangu/wordpress-kangu-para-woocommerce-plugin-2-2-9-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]shirasagi -- shirasagi[/LEFT][/TD] [TD][LEFT]Reflected cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote unauthenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36492&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36492]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36492') [MISC]('https://jvn.jp/en/jp/JVN82758000/') [MISC]('https://www.ss-proj.org/support/954.html')[/TD] [/TR] [TR] [TD][LEFT]7twenty -- bot[/LEFT][/TD] [TD][LEFT]7Twenty BOT - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37221&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37221]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37221') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]general_solutions_steiner_gmbh -- contwise_case2[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fieldname parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37826&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37826') [MISC]('https://case.contwise.com/php/portal_case.php') [MISC]('https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37826')[/TD] [/TR] [TR] [TD][LEFT]general_solutions_steiner_gmbh -- contwise_case2[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the executionBlockName parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37827&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37827]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37827') [MISC]('https://case.contwise.com/php/portal_case.php') [MISC]('https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37827')[/TD] [/TR] [TR] [TD][LEFT]general_solutions_steiner_gmbh -- contwise_case2[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Tasktyp parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37828&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37828]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37828') [MISC]('https://case.contwise.com/php/portal_case.php') [MISC]('https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37828')[/TD] [/TR] [TR] [TD][LEFT]general_solutions_steiner_gmbh -- contwise_case2[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the notification.message parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37829&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37829]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37829') [MISC]('https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37829') [MISC]('https://case.contwise.com/php/portal_case.php')[/TD] [/TR] [TR] [TD][LEFT]general_solutions_steiner_gmbh -- contwise_case2[/LEFT][/TD] [TD][LEFT]A cross-site scripting (XSS) vulnerability in General Solutions Steiner GmbH CASE 3 Taskmanagement V 3.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the name parameter.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37830&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37830]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37830') [MISC]('https://github.com/Popeye-ITSec/CVEs/blob/main/CVE-2023-37830') [MISC]('https://case.contwise.com/php/portal_case.php')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Chop-Chop Coming Soon Chop Chop plugin <= 2.2.4 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37893&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37893]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37893') [MISC]('https://patchstack.com/database/vulnerability/cc-coming-soon/wordpress-coming-soon-chop-chop-plugin-2-2-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Dharmesh Patel Post List With Featured Image plugin <= 1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37997&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37997]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37997') [MISC]('https://patchstack.com/database/vulnerability/post-list-with-featured-image/wordpress-post-list-with-featured-image-plugin-1-2-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XLPlugins User Email Verification for WooCommerce plugin <= 3.5.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39162&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39162') [MISC]('https://patchstack.com/database/vulnerability/woo-confirmation-email/wordpress-user-email-verification-for-woocommerce-plugin-3-5-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors – Molongui plugin <= 4.6.19 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39164&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39164') [MISC]('https://patchstack.com/database/vulnerability/molongui-authorship/wordpress-molongui-plugin-4-6-18-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data. The vulnerability is found in [ICODE]graphs_new.php[/ICODE]. Several validations are performed, but the [ICODE]returnto[/ICODE] parameter is directly passed to [ICODE]form_save_button[/ICODE]. In order to bypass this validation, returnto must contain [ICODE]host.php[/ICODE]. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39360&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39360]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39360') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-gx8c-xvjh-9qh4')[/TD] [/TR] [TR] [TD][LEFT]startrinity -- softswitch[/LEFT][/TD] [TD][LEFT]StarTrinity Softswitch version 2023-02-16 - Multiple Reflected XSS (CWE-79)[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39369&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39369]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39369') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]startrinity -- softswitch[/LEFT][/TD] [TD][LEFT]StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601)[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39371&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39371]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39371') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]typora -- typora[/LEFT][/TD] [TD][LEFT]A cross site scripting (XSS) vulnerability in the Markdown Editor component of Typora v1.6.7 allows attackers to execute arbitrary code via uploading a crafted Markdown file.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39703&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39703]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39703') [MISC]('https://c0olw.github.io/2023/07/31/Typora-XSS-Vulnerability/')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_and_open_source_inventory_management_system[/LEFT][/TD] [TD][LEFT]Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add Customer section.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39710&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39710') [MISC]('https://www.sourcecodester.com/') [MISC]('https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html') [MISC]('https://gist.github.com/Arajawat007/dc6e4dd231accf777dae30d890a4e7df#file-cve-2023-39710')[/TD] [/TR] [TR] [TD][LEFT]sourcecodester -- free_and_open_source_inventory_management_system[/LEFT][/TD] [TD][LEFT]Multiple cross-site scripting (XSS) vulnerabilities in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name, Address, and Company parameters under the Add New Member section.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39714&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39714]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39714') [MISC]('https://www.sourcecodester.com/') [MISC]('https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html') [MISC]('https://gist.github.com/Arajawat007/141e68161014e832e30d39b1979a8a6c#file-cve-2023-39714')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <= 1.6.01 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39918&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39918') [MISC]('https://patchstack.com/database/vulnerability/booking-package/wordpress-booking-package-plugin-1-6-01-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]i-pro_co._ltd. -- video_insight[/LEFT][/TD] [TD][LEFT]Reflected cross-site scripting vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39938&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39938]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39938') [MISC]('https://downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf') [MISC]('https://jvn.jp/en/jp/JVN60140221/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blindside Networks BigBlueButton plugin <= 3.0.0-beta.4 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39991&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39991]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39991') [MISC]('https://patchstack.com/database/vulnerability/bigbluebutton/wordpress-bigbluebutton-plugin-3-0-0-beta-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in vCita.Com Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.3.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39992&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39992]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39992') [MISC]('https://patchstack.com/database/vulnerability/meeting-scheduler-by-vcita/wordpress-online-booking-scheduling-calendar-for-wordpress-by-vcita-plugin-4-3-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in ImageRecycle ImageRecycle pdf & image compression plugin <= 3.1.11 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40196&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40196]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40196') [MISC]('https://patchstack.com/database/vulnerability/imagerecycle-pdf-image-compression/wordpress-imagerecycle-pdf-image-compression-plugin-3-1-11-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Pixelgrade PixTypes plugin <= 1.4.15 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40205&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40205]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40205') [MISC]('https://patchstack.com/database/vulnerability/pixtypes/wordpress-pixtypes-plugin-1-4-15-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Aleksandar Uroševi? Stock Ticker plugin <= 3.23.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40208&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40208') [MISC]('https://patchstack.com/database/vulnerability/stock-ticker/wordpress-stock-ticker-plugin-3-23-3-unauth-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Vathemes Business Pro theme <= 1.10.4 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40214&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40214]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40214') [MISC]('https://patchstack.com/database/vulnerability/business-pro/wordpress-business-pro-theme-1-10-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Plausible.Io Plausible Analytics plugin <= 1.3.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40553&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40553]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40553') [MISC]('https://patchstack.com/database/vulnerability/plausible-analytics/wordpress-plausible-analytics-plugin-1-3-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]awordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin <= 7.2.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40554&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40554]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40554') [MISC]('https://patchstack.com/database/vulnerability/blog2social/wordpress-blog2social-plugin-7-2-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <= 2.0.7 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40601&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40601]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40601') [MISC]('https://patchstack.com/database/vulnerability/estatik-mortgage-calculator/wordpress-mortgage-calculator-estatik-plugin-2-0-7-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]senayan_library_management_system -- slims_9_bulian[/LEFT][/TD] [TD][LEFT]Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to Server Side Request Forgery (SSRF) via admin/modules/bibliography/pop_p2p.php.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40969&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40969]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40969') [MISC]('https://github.com/slims/slims9_bulian/issues/204') [MISC]('https://github.com/komangsughosa/CVE-ID-not-yet/blob/main/slims/slims9_bulian-9.6.1-SSRF-pop_p2p.md')[/TD] [/TR] [TR] [TD][LEFT]decentraland -- single_sign_on_client[/LEFT][/TD] [TD][LEFT]@dcl/single-sign-on-client is an open source npm library which deals with single sign on authentication flows. Improper input validation in the [ICODE]init[/ICODE] function allows arbitrary javascript to be executed using the [ICODE]javascript:[/ICODE] prefix. This vulnerability has been patched on version [ICODE]0.1.0[/ICODE]. Users are advised to upgrade. Users unable to upgrade should limit untrusted user input to the [ICODE]init[/ICODE] function.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41049&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-41049]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41049') [MISC]('https://github.com/decentraland/single-sign-on-client/security/advisories/GHSA-vp4f-wxgw-7x8x') [MISC]('https://github.com/decentraland/single-sign-on-client/commit/bd20ea9533d0cda30809d929db85b1b76cef855a')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Store Locator WordPress plugin before 1.4.13 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4151&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4151]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4151') [MISC]('https://wpscan.com/vulnerability/c9d80aa4-a26d-4b3f-b7bf-9d2fb0560d7b')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Post Timeline WordPress plugin before 2.2.6 does not sanitise and escape an invalid nonce before outputting it back in an AJAX response, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4284&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4284') [MISC]('https://wpscan.com/vulnerability/1c126869-0afa-456f-94cc-10334964e5f9')[/TD] [/TR] [TR] [TD][LEFT]infosoftbd -- clcknshop[/LEFT][/TD] [TD][LEFT]A vulnerability was found in Infosoftbd Clcknshop 1.0.0. It has been declared as problematic. This vulnerability affects unknown code of the file /collection/all. The manipulation of the argument q leads to cross site scripting. The attack can be initiated remotely. VDB-238570 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4707&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4707]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4707') [MISC]('https://vuldb.com/?id.238570') [MISC]('https://vuldb.com/?ctiid.238570') [MISC]('http://packetstormsecurity.com/files/174444/Clcknshop-1.0.0-Cross-Site-Scripting.html')[/TD] [/TR] [TR] [TD][LEFT]totvs -- rm[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic has been found in TOTVS RM 12.1. Affected is an unknown function of the file Login.aspx of the component Portal. The manipulation of the argument VIEWSTATE leads to cross site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-238572. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4709&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4709]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4709') [MISC]('https://vuldb.com/?ctiid.238572') [MISC]('https://vuldb.com/?id.238572')[/TD] [/TR] [TR] [TD][LEFT]totvs -- rm[/LEFT][/TD] [TD][LEFT]A vulnerability classified as problematic was found in TOTVS RM 12.1. Affected by this vulnerability is an unknown functionality of the component Portal. The manipulation of the argument d leads to cross site scripting. The attack can be launched remotely. The identifier VDB-238573 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4710&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4710]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4710') [MISC]('https://vuldb.com/?ctiid.238573') [MISC]('https://vuldb.com/?id.238573')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Simple Membership plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the [ICODE]list_type[/ICODE] parameter in versions up to, and including, 4.3.5 due to insufficient input sanitization and output escaping. Using this vulnerability, unauthenticated attackers could inject arbitrary web scripts into pages that are being executed if they can successfully trick a user into taking an action, such as clicking a malicious link.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][6.1]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4719&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4719]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4719') [MISC]('https://wordpress.org/plugins/simple-membership/') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/e4b10172-7e54-4ff8-9fbb-41d160ce49e4?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2962730%40simple-membership&new=2962730%40simple-membership&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex[/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 transmits sensitive information in cleartext which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 244121.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-22870&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-22870]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-22870') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/244121') [MISC]('https://www.ibm.com/support/pages/node/7029681')[/TD] [/TR] [TR] [TD][LEFT]moxa -- mxsecurity[/LEFT][/TD] [TD][LEFT]A vulnerability has been identified in MXsecurity versions prior to v1.0.1. The vulnerability may put the confidentiality and integrity of SSH communications at risk on the affected device. This vulnerability is attributed to a hard-coded SSH host key, which might facilitate man-in-the-middle attacks and enable the decryption of SSH traffic.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39982&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39982]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39982') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_nifi_minifi_c_plus_plus[/LEFT][/TD] [TD][LEFT]Incorrect certificate validation in InvokeHTTP on Apache NiFi MiNiFi C++ versions 0.13 to 0.14 allows an intermediary to present a forged certificate during TLS handshake negotation. The Disable Peer Verification property of InvokeHTTP was effectively flipped, disabling verification by default, when using HTTPS. Mitigation: Set the Disable Peer Verification property of InvokeHTTP to true when using MiNiFi C++ versions 0.13.0 or 0.14.0. Upgrading to MiNiFi C++ 0.15.0 corrects the default behavior.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41180&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-41180]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41180') [MISC]('https://lists.apache.org/thread/b51f8csysg1pvgs6xjjrq5hrjrvfot1y')[/TD] [/TR] [TR] [TD][LEFT]apollo_router -- apollo_router[/LEFT][/TD] [TD][LEFT]The Apollo Router is a configurable, high-performance graph router written in Rust to run a federated supergraph that uses Apollo Federation 2. Affected versions are subject to a Denial-of-Service (DoS) type vulnerability which causes the Router to panic and terminate when GraphQL Subscriptions are enabled. It can be triggered when [B]all of the following conditions are met[/B]: 1. Running Apollo Router v1.28.0, v1.28.1 or v1.29.0 ("impacted versions"); [B]and[/B] 2. The Supergraph schema provided to the Router (either via Apollo Uplink or explicitly via other configuration) [B]has a [ICODE]subscription[/ICODE] type[/B] with root-fields defined; [B]and[/B] 3. The YAML configuration provided to the Router [B]has subscriptions enabled[/B] (they are [I]disabled[/I] by default), either by setting [ICODE]enabled: true[/ICODE] [I]or[/I] by setting a valid [ICODE]mode[/ICODE] within the [ICODE]subscriptions[/ICODE] object (as seen in [subscriptions' documentation](https://www.apollographql.com/docs/router/executing-operations/subscription-support/#router-setup)); [B]and[/B] 4. An [anonymous](https://spec.graphql.org/draft/#sec-Anonymous-Operation-Definitions) (i.e., un-named) [ICODE]subscription[/ICODE] operation (e.g., [ICODE]subscription { ... }[/ICODE]) is received by the Router If [B]all four[/B] of these criteria are met, the impacted versions will panic and terminate. There is no data-privacy risk or sensitive-information exposure aspect to this vulnerability. This is fixed in Apollo Router v1.29.1. Users are advised to upgrade. Updating to v1.29.1 should be a clear and simple upgrade path for those running impacted versions. However, if Subscriptions are [B]not[/B] necessary for your Graph – but are enabled via configuration — then disabling subscriptions is another option to mitigate the risk.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41317&vector=CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41317]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41317') [MISC]('https://github.com/apollographql/router/commit/b295c103dd86c57c848397d32e8094edfa8502aa') [MISC]('https://github.com/apollographql/router/security/advisories/GHSA-w8vq-3hf9-xppx') [MISC]('https://github.com/apollographql/router/releases/tag/v1.29.1')[/TD] [/TR] [TR] [TD][LEFT]adobe -- media_encoder [/LEFT][/TD] [TD][LEFT]Adobe Media Encoder version 15.2 (and earlier) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-36060&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-36060]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36060') [MISC]('https://helpx.adobe.com/security/products/media-encoder/apsb21-43.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-39859&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-39859]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-39859') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb21-55.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- acrobat_reader [/LEFT][/TD] [TD][LEFT]Acrobat Reader DC versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40723&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-40723]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40723') [MISC]('https://helpx.adobe.com/security/products/acrobat/apsb21-09.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40790&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-40790]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40790') [MISC]('https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40791&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-40791]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40791') [MISC]('https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-42265&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-42265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-42265') [MISC]('https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Photoshop version 22.5.1 ?and earlier?versions???are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-42734&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-42734]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-42734') [MISC]('https://helpx.adobe.com/security/products/photoshop/apsb21-109.html')[/TD] [/TR] [TR] [TD][LEFT]apple -- xcode[/LEFT][/TD] [TD][LEFT]The issue was addressed with improved checks. This issue is fixed in Xcode 14.0. Parsing a file may lead to disclosure of user information.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-32920&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-32920]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-32920') [MISC]('https://support.apple.com/en-us/HT213883')[/TD] [/TR] [TR] [TD][LEFT]qualcomm -- aqt1000[/LEFT][/TD] [TD][LEFT]Information disclosure in Automotive multimedia due to buffer over-read.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-33220&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-33220]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33220') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951402.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20824&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20824]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20824') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In duraspeed, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07951402; Issue ID: ALPS07951413.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20825&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20825]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20825') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In cta, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction is not needed for exploitation. Patch ID: ALPS07978550; Issue ID: ALPS07978550.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20826&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20826]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20826') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3. Processing an image may result in disclosure of process memory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-27950&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-27950]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27950') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]ibm -- sterling_external_authentication_server[/LEFT][/TD] [TD][LEFT]IBM Sterling Secure Proxy 6.0.3 and 6.1.0 could allow a local user with specific information about the system to obtain privileged information due to inadequate memory clearing during operations. IBM X-Force ID: 252139.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-29261&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-29261]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29261') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/252139') [MISC]('https://https://www.ibm.com/support/pages/node/7029765') [MISC]('https://www.ibm.com/support/pages/node/7029765')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper privilege management vulnerability in FolderLockNotifier in One UI Home prior to SMR Sep-2023 Release 1 allows local attackers to change some settings of the folder lock.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30713&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-30713]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30713') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to trigger certain commands.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30716&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-30716]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30716') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]PendingIntent hijacking in LmsAssemblyTrackerCTC prior to SMR Sep-2023 Release 1 allows local attacker to gain arbitrary file access.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30720&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30720]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30720') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- gallery[/LEFT][/TD] [TD][LEFT]Improper authentication in LocalProvier of Gallery prior to version 14.5.01.2 allows attacker to access the data in content provider.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30725&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30725]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30725') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]PendingIntent hijacking vulnerability in GameLauncher prior to version 4.2.59.5 allows local attackers to access data.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30726&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30726]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30726') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Intent redirection vulnerability in PackageInstallerCHN prior to version 13.1.03.00 allows local attacker to access arbitrary file. This vulnerability requires user interaction.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30728&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30728]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30728') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Implicit intent hijacking vulnerability in Camera prior to versions 11.0.16.43 in Android 11, 12.1.00.30, 12.0.07.53, 12.1.03.10 in Android 12, and 13.0.01.43, 13.1.00.83 in Android 13 allows local attacker to access specific file.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30730&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30730]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30730') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]ibm -- sterling_secure_proxy[/LEFT][/TD] [TD][LEFT]IBM Sterling Secure Proxy and IBM Sterling External Authentication Server 6.0.3 and 6.1.0 stores user credentials in plain clear text which can be read by a local user with container access. IBM X-Force ID: 255585.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32338&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32338]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32338') [MISC]('https://www.ibm.com/support/pages/node/7029766') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/255585') [MISC]('https://https://www.ibm.com/support/pages/node/7029765') [MISC]('https://www.ibm.com/support/pages/node/7029765')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An app may be able to access user-sensitive data.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32432&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32432]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32432') [MISC]('https://support.apple.com/en-us/HT213761') [MISC]('https://support.apple.com/en-us/HT213757') [MISC]('https://support.apple.com/en-us/HT213758') [MISC]('https://support.apple.com/en-us/HT213764') [MISC]('https://support.apple.com/kb/HT213758') [MISC]('https://support.apple.com/kb/HT213761') [MISC]('https://support.apple.com/kb/HT213764') [MISC]('https://support.apple.com/kb/HT213757')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in tvOS 16.3, macOS Ventura 13.2, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32438&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32438') [MISC]('https://support.apple.com/en-us/HT213605') [MISC]('https://support.apple.com/en-us/HT213606') [MISC]('https://support.apple.com/en-us/HT213601') [MISC]('https://support.apple.com/en-us/HT213599')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33916&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33916]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33916') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33917&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33917]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33917') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-33918&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-33918]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-33918') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38436&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38436]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38436') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38437&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38437]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38437') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38438&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38438]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38438') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38439&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38439]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38439') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38440&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38440]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38440') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38441&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38441]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38441') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38442&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38442]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38442') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38445&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38445]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38445') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38446&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38446]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38446') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38447&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38447]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38447') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38448&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38448]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38448') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifi service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38454&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38454]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38454') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38457&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38457]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38457') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38461&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38461]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38461') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38462&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38462]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38462') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vowifiservice, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38463&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38463]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38463') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38465&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38465]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38465') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38466&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-38466]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38466') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In wcn bsp driver, there is a possible out of bounds write due to a missing bounds check.This could lead to local denial of service with no additional execution privileges[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38554&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38554]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38554') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]hyper_bump_it -- hyper_bump_it[/LEFT][/TD] [TD][LEFT]hyper-bump-it is a command line tool for updating the version in project files.[ICODE]hyper-bump-it[/ICODE] reads a file glob pattern from the configuration file. That is combined with the project root directory to construct a full glob pattern that is used to find files that should be edited. These matched files should be contained within the project root directory, but that is not checked. This could result in changes being written to files outside of the project. The default behaviour of [ICODE]hyper-bump-it[/ICODE] is to display the planned changes and prompt the user for confirmation before editing any files. However, the configuration file provides a field that can be used cause files to be edited without displaying the prompt. This issue has been fixed in release version 0.5.1. Users are advised to upgrade. Users that are unable to update from vulnerable versions, executing [ICODE]hyper-bump-it[/ICODE] with the [ICODE]--interactive[/ICODE] command line argument will ensure that all planned changes are displayed and prompt the user for confirmation before editing any files, even if the configuration file contains [ICODE]show_confirm_prompt=true[/ICODE].[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41057&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-41057]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41057') [MISC]('https://github.com/plannigan/hyper-bump-it/pull/307') [MISC]('https://github.com/plannigan/hyper-bump-it/security/advisories/GHSA-xc27-f9q3-4448')[/TD] [/TR] [TR] [TD][LEFT]catdoc -- catdoc[/LEFT][/TD] [TD][LEFT]Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/fileutil.c.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41633&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41633]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41633') [MISC]('https://rycbar77.github.io/2023/08/29/catdoc-0-95-nullptr-dereference/') [MISC]('https://gist.github.com/rycbar77/3da455382f88cfb6d6798572f34378bd')[/TD] [/TR] [TR] [TD][LEFT]phpfusion -- phpfusion[/LEFT][/TD] [TD][LEFT]Due to an out-of-date dependency in the “Fusion File Manager” component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the application’s mime-type and file extension validation. [/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4480&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4480]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4480') [MISC]('https://www.synopsys.com/blogs/software-security/cyrc-vulnerability-advisory-cve-2023-2453/')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Floating Point Comparison with Incorrect Operator in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4720&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4720]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4720') [MISC]('https://huntr.dev/bounties/1dc2954c-8497-49fa-b2af-113e1e9381ad') [MISC]('https://github.com/gpac/gpac/commit/e396648e48c57e2d53988d3fd4465b068b96c89a')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4721&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4721') [MISC]('https://github.com/gpac/gpac/commit/3ec93d73d048ed7b46fe6e9f307cc7a0cc13db63') [MISC]('https://huntr.dev/bounties/f457dc62-3cff-47bd-8fd2-1cb2b4a832fc')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Integer Overflow or Wraparound in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4722&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4722]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4722') [MISC]('https://github.com/gpac/gpac/commit/de7f3a852bef72a52825fd307cf4e8f486401a76') [MISC]('https://huntr.dev/bounties/ddfdb41d-e708-4fec-afe5-68ff1f88f830')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Out-of-bounds Write in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4754&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4754]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4754') [MISC]('https://huntr.dev/bounties/b7ed24ad-7d0b-40b7-8f4d-3c18a906620c') [MISC]('https://github.com/gpac/gpac/commit/7e2e92feb1b30fac1d659f6620d743b5a188ffe0')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Use After Free in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4755&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4755]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4755') [MISC]('https://huntr.dev/bounties/463474b7-a4e8-42b6-8b30-e648a77ee6b3') [MISC]('https://github.com/gpac/gpac/commit/895ac12da168435eb8db3f96978ffa4c69d66c3a')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Stack-based Buffer Overflow in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4756&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4756]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4756') [MISC]('https://github.com/gpac/gpac/commit/6914d016e2b540bac2c471c4aea156ddef8e8e01') [MISC]('https://huntr.dev/bounties/2342da0e-f097-4ce7-bfdc-3ec0ba446e05')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Buffer Over-read in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4758&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4758]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4758') [MISC]('https://github.com/gpac/gpac/commit/193633b1648582444fc99776cd741d7ba0125e86') [MISC]('https://huntr.dev/bounties/2f496261-1090-45ac-bc89-cc93c82090d6')[/TD] [/TR] [TR] [TD][LEFT]gpac -- gpac[/LEFT][/TD] [TD][LEFT]Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.5]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4778&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-4778]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4778') [MISC]('https://huntr.dev/bounties/abb450fb-4ab2-49b0-90da-3d878eea5397') [MISC]('https://github.com/gpac/gpac/commit/d553698050af478049e1a09e44a15ac884f223ed')[/TD] [/TR] [TR] [TD][LEFT]searchblox -- searchblox[/LEFT][/TD] [TD][LEFT]SearchBlox product with version before 9.2.1 is vulnerable to stored cross-site scripting at multiple user input parameters. In SearchBlox products multiple parameters are not sanitized/validate properly which allows an attacker to inject malicious JavaScript.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2020-10128&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2020-10128]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10128') [MISC]('https://developer.searchblox.com/v9.2/changelog/version-921')[/TD] [/TR] [TR] [TD][LEFT]navblue -- s.a.s_n-ops_&_crew[/LEFT][/TD] [TD][LEFT]NAVBLUE S.A.S N-Ops & Crew 22.5-rc.50 is vulnerable to Cross Site Scripting (XSS).[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-44349&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-44349]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-44349') [MISC]('https://github.com/MVRC-ITSEC/CVEs/blob/main/CVE-2022-44349') [MISC]('https://www.navblue.aero/product/n-crew-planning/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Pexle Chris Library Viewer plugin <= 2.0.6 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32102&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32102]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32102') [MISC]('https://patchstack.com/database/vulnerability/library-viewer/wordpress-library-viewer-plugin-2-0-6-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Twinpictures Column-Matic plugin <= 1.3.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32578&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32578]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32578') [MISC]('https://patchstack.com/database/vulnerability/column-matic/wordpress-column-matic-plugin-1-3-3-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Artem Abramovich Art Decoration Shortcode plugin <= 1.5.6 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37994&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37994') [MISC]('https://patchstack.com/database/vulnerability/art-decoration-shortcode/wordpress-art-decoration-shortcode-plugin-1-5-6-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WP OnlineSupport, Essential Plugin Audio Player with Playlist Ultimate plugin <= 1.2.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38516&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38516') [MISC]('https://patchstack.com/database/vulnerability/audio-player-with-playlist-ultimate/wordpress-audio-player-with-playlist-ultimate-plugin-1-2-2-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]shirasagi -- shirasagi[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in SHIRASAGI prior to v1.18.0 allows a remote authenticated attacker to execute an arbitrary script on the web browser of the user who is logging in to the product.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38569&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38569]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38569') [MISC]('https://jvn.jp/en/jp/JVN82758000/') [MISC]('https://www.ss-proj.org/support/954.html')[/TD] [/TR] [TR] [TD][LEFT]startrinity -- softswitch[/LEFT][/TD] [TD][LEFT]StarTrinity Softswitch version 2023-02-16 - Persistent XSS (CWE-79)[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39370&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39370') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The script under [ICODE]host.php[/ICODE] is used to monitor and manage hosts in the [I]cacti[/I] app, hence displays useful information such as data queries and verbose logs. [I]CENSUS[/I] found that an adversary that is able to configure a data-query template with malicious code appended in the template path, in order to deploy a stored XSS attack against any user with the [I]General Administration>Sites/Devices/Data[/I] privileges. A user that possesses the [I]Template Editor>Data Queries[/I] permissions can configure the data query template path in [I]cacti[/I]. Please note that such a user may be a low privileged user. This configuration occurs through [ICODE]http:///cacti/data_queries.php[/ICODE] by editing an existing or adding a new data query template. If a template is linked to a device, then the formatted template path will be rendered in the device's management page, when a [I]verbose data query[/I] is requested. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39513&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39513]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39513') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-9fj7-8f2j-2rw2')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The script under [ICODE]graphs.php[/ICODE] displays graph details such as data-source paths, data template information and graph related fields. [I]CENSUS[/I] found that an adversary that is able to configure either a data-source template with malicious code appended in the data-source name or a device with a malicious payload injected in the device name, may deploy a stored XSS attack against any user with [I]General Administration>Graphs[/I] privileges. A user that possesses the [I]Template Editor>Data Templates[/I] permissions can configure the data-source name in [I]cacti[/I]. Please note that this may be a [I]low privileged[/I] user. This configuration occurs through [ICODE]http:///cacti/data_templates.php[/ICODE] by editing an existing or adding a new data template. If a template is linked to a graph, then the formatted template name will be rendered in the graph's management page. A user that possesses the [I]General Administration>Sites/Devices/Data[/I] permissions can configure the device name in [I]cacti[/I]. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should add manual HTML escaping.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39514&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39514]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39514') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-6hrc-2cfc-8hm7')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ???(std.Cloud) WxSync plugin <= 2.7.23 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39988&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39988]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39988') [MISC]('https://patchstack.com/database/vulnerability/wxsync/wordpress-wxsync-plugin-2-7-23-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Devaldi Ltd flowpaper plugin <= 1.9.9 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40197&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40197]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40197') [MISC]('https://patchstack.com/database/vulnerability/flowpaper-lite-pdf-flipbook/wordpress-flowpaper-plugin-1-9-9-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]i-pro_co._ltd. -- video_insight[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in View setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40535&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40535]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40535') [MISC]('https://downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf') [MISC]('https://jvn.jp/en/jp/JVN60140221/')[/TD] [/TR] [TR] [TD][LEFT]i-pro_co._ltd. -- video_insight[/LEFT][/TD] [TD][LEFT]Stored cross-site scripting vulnerability in Map setting page of VI Web Client prior to 7.9.6 allows a remote authenticated attacker to inject an arbitrary script.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40705&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40705]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40705') [MISC]('https://downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf') [MISC]('https://jvn.jp/en/jp/JVN60140221/')[/TD] [/TR] [TR] [TD][LEFT]f-revocrm -- f-revocrm[/LEFT][/TD] [TD][LEFT]F-RevoCRM 7.3 series prior to version7.3.8 contains a cross-site scripting vulnerability. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is using the product.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41150&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-41150]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41150') [MISC]('https://f-revocrm.jp/2023/08/9394/') [MISC]('http://jvn.jp/en/jp/JVN78113802/')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Font Awesome 4 Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fa' and 'fa-stack' shortcodes in versions up to, and including, 4.7.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][5.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4718&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4718]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4718') [MISC]('https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L214') [MISC]('https://plugins.trac.wordpress.org/browser/font-awesome-4-menus/trunk/n9m-font-awesome-4.php?rev=1526295#L197') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/dc59510c-6eaf-4526-8acb-c07e39923ad9?source=cve')[/TD] [/TR] [TR] [TD][LEFT]saltstack -- salt[/LEFT][/TD] [TD][LEFT]Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20897&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2023-20897]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20897') [MISC]('https://saltproject.io/security-announcements/2023-08-10-advisory/')[/TD] [/TR] [TR] [TD][LEFT]github -- enterprise_server[/LEFT][/TD] [TD][LEFT]An authorization/sensitive information disclosure vulnerability was identified in GitHub Enterprise Server that allowed a fork to retain read access to an upstream repository after its visibility was changed to private. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.10.0 and was fixed in versions 3.9.4, 3.8.9, 3.7.16 and 3.6.18. This vulnerability was reported via the GitHub Bug Bounty program.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-23763&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-23763]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23763') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.6.18-security-fixes') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.9.4-security-fixes') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.8.9-security-fixes') [MISC]('https://docs.github.com/en/[email protected]/admin/release-notes#3.7.16-security-fixes')[/TD] [/TR] [TR] [TD][LEFT]password_recovery -- password_recovery[/LEFT][/TD] [TD][LEFT]User enumeration vulnerability in Password Recovery plugin 1.2 version for Roundcube, which could allow a remote attacker to create a test script against the password recovery function to enumerate all users in the database.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3221&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-3221]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3221') [MISC]('https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-roundcube-password-recovery-plugin')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A logic issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.3. Content Security Policy to block domains with wildcards may fail.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32370&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-32370]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32370') [MISC]('https://support.apple.com/en-us/HT213670')[/TD] [/TR] [TR] [TD][LEFT]apple -- multiple_products[/LEFT][/TD] [TD][LEFT]A permissions issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.4, tvOS 16.5, iOS 16.5 and iPadOS 16.5, watchOS 9.5. An attacker may be able to leak user account emails.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34352&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-34352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34352') [MISC]('https://support.apple.com/en-us/HT213761') [MISC]('https://support.apple.com/en-us/HT213757') [MISC]('https://support.apple.com/en-us/HT213758') [MISC]('https://support.apple.com/en-us/HT213764') [MISC]('https://support.apple.com/kb/HT213758') [MISC]('https://support.apple.com/kb/HT213761') [MISC]('https://support.apple.com/kb/HT213764') [MISC]('https://support.apple.com/kb/HT213757')[/TD] [/TR] [TR] [TD][LEFT]moxa -- mxsecurity[/LEFT][/TD] [TD][LEFT]A vulnerability that poses a potential risk of polluting the MXsecurity sqlite database and the nsm-web UI has been identified in MXsecurity versions prior to v1.0.1. This vulnerability might allow an unauthenticated remote attacker to register or add devices via the nsm-web application.[/LEFT][/TD] [TD][CENTER]2023-09-02[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39983&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39983]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39983') [MISC]('https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230403-mxsecurity-series-multiple-vulnerabilities')[/TD] [/TR] [TR] [TD][LEFT]vyperlang -- vyper[/LEFT][/TD] [TD][LEFT]Vyper is a Pythonic Smart Contract Language. For the following (probably non-exhaustive) list of expressions, the compiler evaluates the arguments from right to left instead of left to right. [ICODE]unsafe_add, unsafe_sub, unsafe_mul, unsafe_div, pow_mod256, |, &, ^ (bitwise operators), bitwise_or (deprecated), bitwise_and (deprecated), bitwise_xor (deprecated), raw_call, <, >, <=, >=, ==, !=, in, not in (when lhs and rhs are enums)[/ICODE]. This behaviour becomes a problem when the evaluation of one of the arguments produces side effects that other arguments depend on. The following expressions can produce side-effect: state modifying external call , state modifying internal call, [ICODE]raw_call[/ICODE], [ICODE]pop()[/ICODE] when used on a Dynamic Array stored in the storage, [ICODE]create_minimal_proxy_to[/ICODE], [ICODE]create_copy_of[/ICODE], [ICODE]create_from_blueprint[/ICODE]. This issue has not yet been patched. Users are advised to make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40015&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40015]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40015') [MISC]('https://github.com/vyperlang/vyper/security/advisories/GHSA-g2xh-c426-v8mf')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab affecting all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to create model experiments in public projects.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4018&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4018]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4018') [MISC]('https://hackerone.com/reports/2083440') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/420301')[/TD] [/TR] [TR] [TD][LEFT]vyperlang -- vyper[/LEFT][/TD] [TD][LEFT]Vyper is a Pythonic Smart Contract Language. In affected versions the order of evaluation of the arguments of the builtin functions [ICODE]uint256_addmod[/ICODE], [ICODE]uint256_mulmod[/ICODE], [ICODE]ecadd[/ICODE] and [ICODE]ecmul[/ICODE] does not follow source order. This behaviour is problematic when the evaluation of one of the arguments produces side effects that other arguments depend on. A patch is currently being developed on pull request #3583. When using builtins from the list above, users should make sure that the arguments of the expression do not produce side effects or, if one does, that no other argument is dependent on those side effects.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41052&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-41052]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41052') [MISC]('https://github.com/vyperlang/vyper/pull/3583') [MISC]('https://github.com/vyperlang/vyper/security/advisories/GHSA-4hg4-9mf5-wxxq')[/TD] [/TR] [TR] [TD][LEFT]cerebrate -- cerebrate[/LEFT][/TD] [TD][LEFT]Cerebrate before 1.15 lacks the Secure attribute for the session cookie.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][5.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41908&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-41908]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41908') [MISC]('https://github.com/cerebrate-project/cerebrate/commit/9be81055651649658243b5aa274b175064bfc6db') [MISC]('https://github.com/cerebrate-project/cerebrate/compare/v1.14...v1.15')[/TD] [/TR] [TR] [TD][LEFT]tenda -- ac6[/LEFT][/TD] [TD][LEFT]Tenda AC6 US_AC6V4.0RTL_V02.03.01.26_cn.bin allows attackers (who have the administrator password) to cause a denial of service (device crash) via a long string in the wifiPwd_5G parameter to /goform/setWifi.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-40546&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2021-40546]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-40546') [MISC]('https://github.com/doudoudedi/buffer_overflow/blob/main/Tenda%20AC6%20V4.0-Denial%20of%20Service%20Vulnerability.md')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- keyboard[/LEFT][/TD] [TD][LEFT]Improper authorization in Samsung Keyboard prior to SMR Sep-2023 Release 1 allows attacker to read arbitrary file with system privilege.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30706&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30706]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30706') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]advanced_file_manager -- advanced_file_manager[/LEFT][/TD] [TD][LEFT]The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3814&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-3814]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3814') [MISC]('https://wpscan.com/vulnerability/ca954ec6-6ebd-4d72-a323-570474e2e339')[/TD] [/TR] [TR] [TD][LEFT]chamilo -- chamilo_lms[/LEFT][/TD] [TD][LEFT]SQL Injection vulnerability in Chamilo LMS v.1.11 thru v.1.11.20 allows a remote privileged attacker to obtain sensitive information via the import sessions functions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39582&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-39582]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39582') [MISC]('https://support.chamilo.org/projects/chamilo-18/wiki/Security_issues#Issue-126-2023-07-18-High-impact-Low-risk-SQL-injection-by-admin-users')[/TD] [/TR] [TR] [TD][LEFT]instantcms -- instantcms[/LEFT][/TD] [TD][LEFT]External Control of System or Configuration Setting in GitHub repository instantsoft/icms2 prior to 2.16.1-git.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.9]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4704&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4704]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4704') [MISC]('https://huntr.dev/bounties/4a54134d-df1f-43d4-9b14-45f023cd654a') [MISC]('https://github.com/instantsoft/icms2/commit/bc22d89691fdaf38055eba13dda8d959b16fa731')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <= 7.1 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25465&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-25465]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25465') [MISC]('https://patchstack.com/database/vulnerability/wp-tell-a-friend-popup-form/wordpress-wp-tell-a-friend-popup-form-plugin-7-1-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yotuwp Video Gallery plugin <= 1.3.12 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25477&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-25477]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25477') [MISC]('https://patchstack.com/database/vulnerability/yotuwp-easy-youtube-embed/wordpress-video-gallery-youtube-playlist-channel-gallery-by-yotuwp-plugin-1-3-12-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Duc Bui Quang WP Default Feature Image plugin <= 1.0.1.1 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-25488&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-25488]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-25488') [MISC]('https://patchstack.com/database/vulnerability/wp-default-feature-image/wordpress-wp-default-feature-image-plugin-1-0-1-1-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in ShopConstruct plugin <= 1.1.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34011&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-34011]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34011') [MISC]('https://patchstack.com/database/vulnerability/shopconstruct/wordpress-shopconstruct-plugin-1-1-2-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.16 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-3499&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-3499]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3499') [MISC]('https://wpscan.com/vulnerability/ea29413b-494e-410e-ae42-42f96284899c')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <= 2.0.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-36382&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-36382]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36382') [MISC]('https://patchstack.com/database/vulnerability/wp-media-library-categories/wordpress-media-library-categories-plugin-2-0-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]farsight_tech_nordic -- ab_provide[/LEFT][/TD] [TD][LEFT]Farsight Tech Nordic AB ProVide version 14.5 - Multiple XSS vulnerabilities (CWE-79) can be exploited by a user with administrator privilege.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37222&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37222]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37222') [MISC]('https://www.gov.il/en/Departments/faq/cve_advisories')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Atarim Visual Website Collaboration, Feedback & Project Management – Atarim plugin <= 3.9.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37393&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37393]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37393') [MISC]('https://patchstack.com/database/vulnerability/atarim-visual-collaboration/wordpress-atarim-plugin-3-9-3-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in miniOrange YourMembership Single Sign On – YM SSO Login plugin <= 1.1.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-37986&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-37986]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37986') [MISC]('https://patchstack.com/database/vulnerability/login-with-yourmembership/wordpress-yourmembership-single-sign-on-plugin-1-1-3-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <= 1.2.6 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38387&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38387]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38387') [MISC]('https://patchstack.com/database/vulnerability/elastic-email-sender/wordpress-elastic-email-sender-plugin-1-2-6-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in SuiteDash :: ONE Dashboard® Client Portal : SuiteDash Direct Login plugin <= 1.7.6 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38476&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38476]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38476') [MISC]('https://patchstack.com/database/vulnerability/client-portal-suitedash-login/wordpress-client-portal-suitedash-direct-login-plugin-1-7-3-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in QualityUnit Post Affiliate Pro plugin <= 1.25.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38482&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38482]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38482') [MISC]('https://patchstack.com/database/vulnerability/postaffiliatepro/wordpress-post-affiliate-pro-plugin-1-24-9-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Realwebcare WRC Pricing Tables plugin <= 2.3.7 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38517&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38517]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38517') [MISC]('https://patchstack.com/database/vulnerability/wrc-pricing-tables/wordpress-wrc-pricing-tables-plugin-2-3-4-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Visualmodo Borderless plugin <= 1.4.8 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38518&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38518]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38518') [MISC]('https://patchstack.com/database/vulnerability/borderless/wordpress-borderless-plugin-1-4-7-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Exifography plugin <= 1.3.1 versions.[/LEFT][/TD] [TD][CENTER]2023-09-03[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38521&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-38521]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38521') [MISC]('https://patchstack.com/database/vulnerability/thesography/wordpress-exifography-plugin-1-3-1-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The [ICODE]data_sources.php[/ICODE] script displays the data source management information (e.g., data source path, polling configuration etc.) for different data visualizations of the [I]cacti[/I] app. CENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the [I]General Administration>Sites/Devices/Data[/I] permissions can configure the device names in [I]cacti[/I]. This configuration occurs through [ICODE]http:///cacti/host.php[/ICODE], while the rendered malicious payload is exhibited at [ICODE]http:///cacti/data_sources.php[/ICODE]. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39366&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39366]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39366') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-rwhh-xxm6-vcrv')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The`reports_admin.php` script displays reporting information about graphs, devices, data sources etc. CENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the [I]General Administration>Sites/Devices/Data[/I] permissions can configure the device names in [I]cacti[/I]. This configuration occurs through [ICODE]http:///cacti/host.php[/ICODE], while the rendered malicious payload is exhibited at [ICODE]http:///cacti/reports_admin.php[/ICODE] when a graph with the maliciously altered device name is linked to the report. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39510&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39510]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39510') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-24w4-4hp2-3j8h')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The script under [ICODE]data_sources.php[/ICODE] displays the data source management information (e.g., data source path, polling configuration, device name related to the datasource etc.) for different data visualizations of the [I]cacti[/I] app. [I]CENSUS[/I] found that an adversary that is able to configure a malicious device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the [I]General Administration>Sites/Devices/Data[/I] permissions can configure the device names in [I]cacti[/I]. This configuration occurs through [ICODE]http:///cacti/host.php[/ICODE], while the rendered malicious payload is exhibited at [ICODE]http:///cacti/data_sources.php[/ICODE]. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39512&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39512]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39512') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-vqcc-5v63-g9q7')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The script under [ICODE]data_debug.php[/ICODE] displays data source related debugging information such as [I]data source paths, polling settings, meta-data on the data source[/I]. [I]CENSUS[/I] found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the [ICODE]data_debug.php[/ICODE] information. A user that possesses the [I]General Administration>Sites/Devices/Data[/I] permissions can configure the data source path in [I]cacti[/I]. This configuration occurs through [ICODE]http:///cacti/data_sources.php[/ICODE]. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39515&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39515]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39515') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-hrg9-qqqx-wc4h')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open-source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the [I]cacti[/I]'s database. These data will be viewed by administrative [I]cacti[/I] accounts and execute JavaScript code in the victim's browser at view-time. The script under [ICODE]data_sources.php[/ICODE] displays the data source management information (e.g., data source path, polling configuration etc.) for different data visualizations of the [I]cacti[/I] app. CENSUS found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the 'General Administration>Sites/Devices/Data' permissions can configure the data source path in Cacti. This configuration occurs through [ICODE]http:///cacti/data_sources.php[/ICODE]. The same page can be used for previewing the data source path. This issue has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to upgrade should manually escape HTML output.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39516&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39516]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39516') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-r8qq-88g3-hmgv')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in maennchen1.De wpShopGermany – Protected Shops plugin <= 2.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39919&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39919]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39919') [MISC]('https://patchstack.com/database/vulnerability/wpshopgermany-protectedshops/wordpress-wpshopgermany-protected-shops-plugin-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ajay Lulia wSecure Lite plugin <= 2.5 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-39987&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-39987]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39987') [MISC]('https://patchstack.com/database/vulnerability/wsecure/wordpress-wsecure-lite-plugin-2-5-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Ujwol Bastakoti CT Commerce plugin <= 2.0.1 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40007&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40007]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40007') [MISC]('https://patchstack.com/database/vulnerability/ct-commerce/wordpress-ct-commerce-plugin-2-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <= 1.0.3 versions.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40206&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40206]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40206') [MISC]('https://patchstack.com/database/vulnerability/wp-404-auto-redirect-to-similar-post/wordpress-wp-404-auto-redirect-to-similar-post-plugin-1-0-3-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Carrrot plugin <= 1.1.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40328&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40328]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40328') [MISC]('https://patchstack.com/database/vulnerability/carrrot/wordpress-carrot-plugin-1-1-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPZest Custom Admin Login Page | WPZest plugin <= 1.2.0 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40329&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40329]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40329') [MISC]('https://patchstack.com/database/vulnerability/custom-admin-login-styler-wpzest/wordpress-custom-admin-login-page-wpzest-plugin-1-2-0-cross-site-scripting-xss-vulnerability?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gurcharan Singh Fitness calculators plugin plugin <= 2.0.7 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40552&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40552]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40552') [MISC]('https://patchstack.com/database/vulnerability/fitness-calculators/wordpress-fitness-calculators-plugin-plugin-2-0-7-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Greg Ross Schedule Posts Calendar plugin <= 5.2 versions.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-40560&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-40560]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-40560') [MISC]('https://patchstack.com/database/vulnerability/schedule-posts-calendar/wordpress-schedule-posts-calendar-plugin-5-2-cross-site-scripting-xss?_s_id=cve')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4253&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4253]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4253') [MISC]('https://wpscan.com/vulnerability/1cbbab9e-be3d-4081-bc0e-c52d500d9871')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The AI ChatBot WordPress plugin before 4.7.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4254&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4254]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4254') [MISC]('https://wpscan.com/vulnerability/0dfffe48-e60d-4bab-b194-8a63554246c3')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The 123.chat WordPress plugin before 1.3.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4298&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4298]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4298') [MISC]('https://wpscan.com/vulnerability/36285052-8464-4fd6-b4b1-c175e730edad')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The WordPress File Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 2.0.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.8]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4636&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4636]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4636') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/1df04293-87e9-4ab4-975d-54d36a993ab0?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset/2961909/user-private-files') [MISC]('https://github.com/xsn1210/vul2/blob/main/xss%5BWordPressFile%5D%20.md')[/TD] [/TR] [TR] [TD][LEFT]vm-memory_project -- vm-memory[/LEFT][/TD] [TD][LEFT]In a typical Virtual Machine Monitor (VMM) there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memory providers. An issue was discovered in the default implementations of the [ICODE]VolatileMemory::{get_atomic_ref, aligned_as_ref, aligned_as_mut, get_ref, get_array_ref}[/ICODE] trait functions, which allows out-of-bounds memory access if the [ICODE]VolatileMemory::get_slice[/ICODE] function returns a [ICODE]VolatileSlice[/ICODE] whose length is less than the function’s [ICODE]count[/ICODE] argument. No implementations of [ICODE]get_slice[/ICODE] provided in [ICODE]vm_memory[/ICODE] are affected. Users of custom [ICODE]VolatileMemory[/ICODE] implementations may be impacted if the custom implementation does not adhere to [ICODE]get_slice[/ICODE]'s documentation. The issue started in version 0.1.0 but was fixed in version 0.12.2 by inserting a check that verifies that the [ICODE]VolatileSlice[/ICODE] returned by [ICODE]get_slice[/ICODE] is of the correct length. Users are advised to upgrade. There are no known workarounds for this issue.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-41051&vector=CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-41051]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-41051') [MISC]('https://github.com/rust-vmm/vm-memory/commit/aff1dd4a5259f7deba56692840f7a2d9ca34c9c8') [MISC]('https://github.com/rust-vmm/vm-memory/security/advisories/GHSA-49hh-fprx-m68g') [MISC]('https://crates.io/crates/vm-memory/0.12.2')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper authorization vulnerability in FolderContainerDragDelegate in One UI Home prior to SMR Sep-2023 Release 1 allows physical attackers to change some settings of the folder lock.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.6]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30714&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N')[/CENTER][/TD] [TD][CVE-2023-30714]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30714') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47352&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47352]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47352') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In vdsp device, there is a possible system crash due to improper input validation.This could lead to local denial of service with System execution privileges needed.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-47353&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-47353]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-47353') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In Ifaa service, there is a possible missing permission check. This could lead to local denial of service with System execution privileges needed.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48452&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48452]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48452') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-48453&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-48453]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-48453') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In cmdq, there is a possible out of bounds read due to an incorrect status check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08021592; Issue ID: ALPS08021592.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20823&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-20823]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20823') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017764.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20833&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20833]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20833') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In camsys, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07505629; Issue ID: ALPS07505629.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20836&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20836]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20836') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Insertion of sensitive information into log vulnerability in Locksettings prior to SMR Sep-2023 Release 1 allows a privileged local attacker to get lock screen match information from the log.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30721&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30721]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30721') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32807&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32807]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32807') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849751; Issue ID: ALPS07849751.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32808&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32808]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32808') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In bluetooth driver, there is a possible read and write access to registers due to improper access control of register interface. This could lead to local leak of sensitive information with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07849753; Issue ID: ALPS07849753.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32809&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32809]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32809') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32810&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32810]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32810') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017370; Issue ID: ALPS08017370.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32813&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32813]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32813') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32814&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32814]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32814') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08037801; Issue ID: ALPS08037801.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32815&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32815]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32815') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044032.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32816&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32816]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32816') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: ALPS08044035.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-32817&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-32817]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32817') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38467&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38467]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38467') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]google -- android[/LEFT][/TD] [TD][LEFT]In urild service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-38468&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-38468]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38468') [MISC]('https://www.unisoc.com/en_us/secy/announcementDetail/https://www.unisoc.com/en_us/secy/announcementDetail/1698296481653522434')[/TD] [/TR] [TR] [TD][LEFT]motorola -- smartphone_firmware[/LEFT][/TD] [TD][LEFT]I some cases, when the device is USB-tethered to a host PC, and the device is sharing its mobile network connection with the host PC, if the user originates a call on the device, then the device's modem may reset and cause the phone call to not succeed. This may block the user from dialing emergency services. This patch resolves the device's modem reset issue.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-3407&vector=CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2022-3407]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-3407') [MISC]('https://en-us.support.motorola.com/app/answers/detail/a_id/175354')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab EE affecting all versions starting from 13.12 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1 in which a project member can leak credentials stored in site profile.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-4343&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2022-4343]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-4343') [MISC]('https://hackerone.com/reports/1767797') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/385124')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab affecting all versions starting from 10.0 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. Due to improper permission validation it was possible to edit labels description by an unauthorised user.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-0120&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-0120]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0120') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/387531') [MISC]('https://hackerone.com/reports/1818425')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A namespace-level banned user can access the API.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-1555&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-1555]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-1555') [MISC]('https://hackerone.com/reports/1911908') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/398587')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos[/LEFT][/TD] [TD][LEFT]A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may send a text from a secondary eSIM despite configuring a contact to use a primary eSIM.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28208&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-28208]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28208') [MISC]('https://support.apple.com/en-us/HT213605') [MISC]('https://support.apple.com/en-us/HT213606')[/TD] [/TR] [TR] [TD][LEFT]cacti -- cacti[/LEFT][/TD] [TD][LEFT]Cacti is an open source operational monitoring and fault management framework. There are two instances of insecure deserialization in Cacti version 1.2.24. While a viable gadget chain exists in Cacti’s vendor directory (phpseclib), the necessary gadgets are not included, making them inaccessible and the insecure deserializations not exploitable. Each instance of insecure deserialization is due to using the unserialize function without sanitizing the user input. Cacti has a “safe” deserialization that attempts to sanitize the content and check for specific values before calling unserialize, but it isn’t used in these instances. The vulnerable code lies in graphs_new.php, specifically within the host_new_graphs_save function. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30534&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30534]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30534') [MISC]('https://github.com/Cacti/cacti/security/advisories/GHSA-77rf-774j-6h3p')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-34994&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L')[/CENTER][/TD] [TD][CVE-2023-34994]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34994') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1773') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1773')[/TD] [/TR] [TR] [TD][LEFT]open_automation_software -- oas_platform[/LEFT][/TD] [TD][LEFT]An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-35124&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-35124]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35124') [MISC]('https://talosintelligence.com/vulnerability_reports/TALOS-2023-1775') [MISC]('https://www.talosintelligence.com/vulnerability_reports/TALOS-2023-1775')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Profile Builder WordPress plugin before 3.9.8 lacks authorisation and CSRF in its page creation function which allows unauthenticated users to create the register, log-in and edit-profile pages from the plugin on the blog[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4059&vector=CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4059]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4059') [MISC]('https://wpscan.com/vulnerability/fc719d12-2f58-4d1f-b696-0f937e706842')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The User Activity Log WordPress plugin before 1.6.6 lacks proper authorisation when exporting its activity logs, allowing any authenticated users, such as subscriber to perform such action and retrieve PII such as email addresses.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4269&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4269') [MISC]('https://wpscan.com/vulnerability/db3e4336-117c-47f2-9b43-2ca115525297')[/TD] [/TR] [TR] [TD][LEFT]gitlab -- gitlab[/LEFT][/TD] [TD][LEFT]An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.8 before 16.1.5, all versions starting from 16.2 before 16.2.5, all versions starting from 16.3 before 16.3.1. A malicious Maintainer can, under specific circumstances, leak the sentry token by changing the configured URL in the Sentry error tracking settings page. This was as a result of an incomplete fix for CVE-2022-4365.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4378&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4378]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4378') [MISC]('https://hackerone.com/reports/2104591') [MISC]('https://gitlab.com/gitlab-org/gitlab/-/issues/422134')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]The Duplicate Post Page Menu & Custom Post Type plugin for WordPress is vulnerable to unauthorized page and post duplication due to a missing capability check on the duplicate_ppmc_post_as_draft function in versions up to, and including, 2.3.1. This makes it possible for authenticated attackers with subscriber access or higher to duplicate posts and pages.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][4.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4792&vector=CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-4792]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4792') [MISC]('https://plugins.trac.wordpress.org/browser/duplicate-post-page-menu-custom-post-type/trunk/duplicate-post-page-menu-cpt.php?rev=2871256#L383') [MISC]('https://www.wordfence.com/threat-intel/vulnerabilities/id/d6bb08e8-9ef5-41db-a111-c377a5dfae77?source=cve') [MISC]('https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2963515%40duplicate-post-page-menu-custom-post-type&new=2963515%40duplicate-post-page-menu-custom-post-type&sfp_email=&sfph_mail=')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- multiple_products[/LEFT][/TD] [TD][LEFT]An improper certificate validation vulnerability [CWE-295] in FortiManager 7.0.1 and below, 6.4.6 and below; FortiAnalyzer 7.0.2 and below, 6.4.7 and below; FortiOS 6.2.x and 6.0.x; FortiSandbox 4.0.x, 3.2.x and 3.1.x may allow a network adjacent and unauthenticated attacker to man-in-the-middle the communication between the listed products and some external peers.[/LEFT][/TD] [TD][CENTER]2023-09-01[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2022-22305&vector=CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N')[/CENTER][/TD] [TD][CVE-2022-22305]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22305') [MISC]('https://fortiguard.com/psirt/FG-IR-18-292')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326409.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20839&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20839]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20839') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20843&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20843]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20843') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354058; Issue ID: ALPS07340121.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20844&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20844]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20844') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07197795; Issue ID: ALPS07340357.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20845&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20845]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20845') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20846&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20846]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20846') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local denial of service with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354025; Issue ID: ALPS07340108.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4.2]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20847&vector=CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H')[/CENTER][/TD] [TD][CVE-2023-20847]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20847') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [TR] [TD][LEFT]yocto -- yocto[/LEFT][/TD] [TD][LEFT]In imgsys, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326418.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][4]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-20838&vector=CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-20838]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20838') [MISC]('https://corp.mediatek.com/product-security-bulletin/September-2023')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Low Vulnerabilities

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-43027&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD]F [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- premiere_pro [/LEFT][/TD] [TD][LEFT]Adobe Premiere Pro versions 22.0 (and earlier) and 15.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-43751&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-43751]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-43751') [MISC]('https://helpx.adobe.com/security/products/premiere_pro/apsb21-117.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- lightroom_desktop [/LEFT][/TD] [TD][LEFT]Adobe Lightroom versions 4.4 (and earlier) are affected by a use-after-free vulnerability in the processing of parsing TIF files that could result in privilege escalation. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-43753&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-43753]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-43753') [MISC]('https://helpx.adobe.com/security/products/lightroom/apsb21-119.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44189&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44189]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44189') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44190&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44190]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44190') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44191&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44191]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44191') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44192&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44192]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44192') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44193&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44193]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44193') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44194&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44194]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44194') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]adobe -- after_effects [/LEFT][/TD] [TD][LEFT]Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2021-44195&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2021-44195]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-44195') [MISC]('https://helpx.adobe.com/security/products/after_effects/apsb21-115.html')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos_ventura[/LEFT][/TD] [TD][LEFT]A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.3. An app may be able to read sensitive location information.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-28195&vector=CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-28195]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28195') [MISC]('https://support.apple.com/en-us/HT213670') [MISC]('https://support.apple.com/kb/HT213670')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper authentication in Phone and Messaging Storage SMR SEP-2023 Release 1 allows attacker to insert arbitrary data to the provider.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30711&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N')[/CENTER][/TD] [TD][CVE-2023-30711]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30711') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Improper access control vulnerability in Weather prior to SMR Sep-2023 Release 1 allows attackers to access location information set in Weather without permission.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30715&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30715]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30715') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Sensitive information exposure vulnerability in SVCAgent prior to SMR Sep-2023 Release 1 allows attackers to get unresettable identifiers.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30717&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30717]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30717') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- multiple_products[/LEFT][/TD] [TD][LEFT]Exposure of Sensitive Information vulnerability in InboundSmsHandler prior to SMR Sep-2023 Release 1 allows local attackers to access certain message data.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30719&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30719]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30719') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- gallery[/LEFT][/TD] [TD][LEFT]Improper authentication in GallerySearchProvider of Gallery prior to version 14.5.01.2 allows attacker to access search history.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER][3.3]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-30724&vector=CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-30724]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30724') [MISC]('https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress[/LEFT][/TD] [TD][LEFT]The Orders Tracking for WooCommerce WordPress plugin before 1.2.6 doesn't validate the file_url parameter when importing a CSV file, allowing high privilege users with the manage_woocommerce capability to access any file on the web server via a Traversal attack. The content retrieved is however limited to the first line of the file.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER][2.7]('https://nvd.nist.gov/cvss.cfm?version=2&name=CVE-2023-4216&vector=CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N')[/CENTER][/TD] [TD][CVE-2023-4216]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-4216') [MISC]('https://wpscan.com/vulnerability/8189afc4-17b3-4696-89e1-731011cb9e2b')[/TD] [/TR] [/TABLE][/CENTER]

Back to top

Severity Not Yet Assigned

[CENTER][TABLE] [TR] [TH]Primary Vendor -- Product[/TH] [TH]Description[/TH] [TH]Published[/TH] [TH]CVSS Score[/TH] [TH]Source & Patch Info[/TH] [/TR] [TR] [TD][LEFT]tripodworks_co._ltd. -- gigapod_officehard_appliance_model [/LEFT][/TD] [TD][LEFT]GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation. 8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2014-5329]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-5329') [MISC]('https://jvn.jp/en/jp/JVN23809730/')[/TD] [/TR] [TR] [TD][LEFT]searchblox -- searchblox [/LEFT][/TD] [TD][LEFT]SearchBlox before Version 9.2.1 is vulnerable to Privileged Escalation-Lower user is able to access Admin functionality.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-10129]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10129') [MISC]('https://developer.searchblox.com/v9.2/changelog/version-91')[/TD] [/TR] [TR] [TD][LEFT]searchblox -- searchblox [/LEFT][/TD] [TD][LEFT]SearchBlox before Version 9.1 is vulnerable to business logic bypass where the user is able to create multiple super admin users in the system.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-10130]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10130') [MISC]('https://developer.searchblox.com/v9.2/changelog/version-91')[/TD] [/TR] [TR] [TD][LEFT]searchblox -- searchblox [/LEFT][/TD] [TD][LEFT]SearchBlox before Version 9.2.1 is vulnerable to CSV macro injection in "Featured Results" parameter.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-10131]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10131') [MISC]('https://developer.searchblox.com/v9.2/changelog/version-921')[/TD] [/TR] [TR] [TD][LEFT]searchblox -- searchblox [/LEFT][/TD] [TD][LEFT]SearchBlox before Version 9.1 is vulnerable to cross-origin resource sharing misconfiguration.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2020-10132]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2020-10132') [MISC]('https://developer.searchblox.com/v9.2/changelog/version-91')[/TD] [/TR] [TR] [TD][LEFT]mofi_network -- mofi4500-4gxelte-v2 [/LEFT][/TD] [TD][LEFT]An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-27715]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-27715') [MISC]('https://www.nagarro.com/services/security/mofi-cve-security-advisory') [MISC]('http://mofi.com')[/TD] [/TR] [TR] [TD][LEFT]insyde_software -- h20fft [/LEFT][/TD] [TD][LEFT]An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-33834]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-33834') [MISC]('https://www.insyde.com/security-pledge') [MISC]('https://www.insyde.com/security-pledge/SA-2021004')[/TD] [/TR] [TR] [TD][LEFT]kodexplorer -- kodexplorer [/LEFT][/TD] [TD][LEFT]A Cross Site Scrtpting (XSS) vulnerability in KodExplorer 4.45 allows remote attackers to run arbitrary code via /index.php page.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-36646]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-36646') [MISC]('https://github.com/kalcaddle/KodExplorer/issues/482')[/TD] [/TR] [TR] [TD][LEFT]osticket -- osticket [/LEFT][/TD] [TD][LEFT]A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2021-45811]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2021-45811') [MISC]('http://enhancesoft.com') [MISC]('https://members.backbox.org/osticket-sql-injection/') [MISC]('http://osticket.com')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather or persuade a naive user to supply sensitive information. IBM X-Force ID: 222567.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-22401]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22401') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/222567') [MISC]('https://www.ibm.com/support/pages/node/7029681')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 222571.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-22402]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22402') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/222571') [MISC]('https://www.ibm.com/support/pages/node/7029681')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 222576.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-22405]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22405') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/222576') [MISC]('https://www.ibm.com/support/pages/node/7029681')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a remote attacker to gather sensitive information about the web application, caused by an insecure configuration. IBM X-Force ID: 222592.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-22409]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-22409') [MISC]('https://www.ibm.com/support/pages/node/7029681') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/222592')[/TD] [/TR] [TR] [TD][LEFT]qnap_systems_inc. -- qvr_pro_client [/LEFT][/TD] [TD][LEFT]An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors. We have already fixed the vulnerability in the following version: Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-27599]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-27599') [MISC]('https://www.qnap.com/en/security-advisory/qsa-23-08')[/TD] [/TR] [TR] [TD][LEFT]ibm -- security_directory_integrator [/LEFT][/TD] [TD][LEFT]IBM Security Directory Server 7.2.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view or write to arbitrary files on the system. IBM X-Force ID: 228579.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2022-33164]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2022-33164') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/228579') [MISC]('https://www.ibm.com/support/pages/node/7031021')[/TD] [/TR] [TR] [TD][LEFT]software_ag -- webmethods_onedata [/LEFT][/TD] [TD][LEFT]Version 10.11 of webMethods OneData runs an embedded instance of Azul Zulu Java 11.0.15 which hosts a Java RMI registry (listening on TCP port 2099 by default) and two RMI interfaces (listening on a single, dynamically assigned TCP high port). Port 2099 serves as a Java Remote Method Invocation (RMI) registry which allows for remotely loading and processing data via RMI interfaces. An unauthenticated attacker with network connectivity to the RMI registry and RMI interface ports can abuse this functionality to instruct the webMethods OneData application to load a malicious serialized Java object as a parameter to one of the available Java methods presented by the RMI interface. Once deserialized on the vulnerable server, the malicious code runs as whichever operating system account is used to run the software, which in most cases is the local System account on Windows.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-0925]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-0925') [MISC]('https://www.softwareag.com/en_corporate/platform/integration-apis/webmethods-integration.html')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_identity_services_engine_software [/LEFT][/TD] [TD][LEFT]A vulnerability in the Embedded Service Router (ESR) of Cisco ISE could allow an authenticated, local attacker to read, write, or delete arbitrary files on the underlying operating system and escalate their privileges to root. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ESR console. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges to root and read, write, or delete arbitrary files from the underlying operating system of the affected device. Note: The ESR is not enabled by default and must be licensed. To verify the status of the ESR in the Admin GUI, choose Administration > Settings > Protocols > IPSec.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20193]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20193') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- samsung_mobile_devices [/LEFT][/TD] [TD][LEFT]A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20194]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20194') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-priv-esc-KJLp2Aw')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_broadworks [/LEFT][/TD] [TD][LEFT]A vulnerability in the single sign-on (SSO) implementation of Cisco BroadWorks Application Delivery Platform and Cisco BroadWorks Xtended Services Platform could allow an unauthenticated, remote attacker to forge the credentials required to access an affected system. This vulnerability is due to the method used to validate SSO tokens. An attacker could exploit this vulnerability by authenticating to the application with forged credentials. A successful exploit could allow the attacker to commit toll fraud or to execute commands at the privilege level of the forged account. If that account is an Administrator account, the attacker would have the ability to view confidential information, modify customer settings, or modify settings for other users. To exploit this vulnerability, the attacker would need a valid user ID that is associated with an affected Cisco BroadWorks system.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20238]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20238') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-bw-auth-bypass-kCggMWhX')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_identity_services_engine_software [/LEFT][/TD] [TD][LEFT]A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause the affected system to stop processing RADIUS packets. This vulnerability is due to improper handling of certain RADIUS accounting requests. An attacker could exploit this vulnerability by sending a crafted authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). This would eventually result in the NAD sending a RADIUS accounting request packet to Cisco ISE. An attacker could also exploit this vulnerability by sending a crafted RADIUS accounting request packet to Cisco ISE directly if the RADIUS shared secret is known. A successful exploit could allow the attacker to cause the RADIUS process to unexpectedly restart, resulting in authentication or authorization timeouts and denying legitimate users access to the network or service. Clients already authenticated to the network would not be affected. Note: To recover the ability to process RADIUS packets, a manual restart of the affected Policy Service Node (PSN) may be required. For more information, see the Details ["#details"] section of this advisory.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20243]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20243') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-radius-dos-W7cNn7gt')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_small_business_rv_series_router_firmware [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of requests that are sent to the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary code with root privileges on an affected device. To exploit this vulnerability, the attacker must have valid Administrator credentials on the affected device.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20250]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20250') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sb-rv-stack-SHYv2f5N')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_hyperflex_hx_data_platform [/LEFT][/TD] [TD][LEFT]A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the parameters in an HTTP request. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to redirect a user to a malicious website.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20263]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20263') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hyperflex-redirect-UxLgqdUF')[/TD] [/TR] [TR] [TD][LEFT]cisco -- cisco_adaptive_security_appliance_(asa)_software [/LEFT][/TD] [TD][LEFT]A vulnerability in the remote access VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct a brute force attack in an attempt to identify valid username and password combinations or an authenticated, remote attacker to establish a clientless SSL VPN session with an unauthorized user. This vulnerability is due to improper separation of authentication, authorization, and accounting (AAA) between the remote access VPN feature and the HTTPS management and site-to-site VPN features. An attacker could exploit this vulnerability by specifying a default connection profile/tunnel group while conducting a brute force attack or while establishing a clientless SSL VPN session using valid credentials. A successful exploit could allow the attacker to achieve one or both of the following: Identify valid credentials that could then be used to establish an unauthorized remote access VPN session. Establish a clientless SSL VPN session (only when running Cisco ASA Software Release 9.16 or earlier). Notes: Establishing a client-based remote access VPN tunnel is not possible as these default connection profiles/tunnel groups do not and cannot have an IP address pool configured. This vulnerability does not allow an attacker to bypass authentication. To successfully establish a remote access VPN session, valid credentials are required, including a valid second factor if multi-factor authentication (MFA) is configured. Cisco will release software updates that address this vulnerability. There are workarounds that address this vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-20269]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-20269') [MISC]('https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-ravpn-auth-8LyfCkeC')[/TD] [/TR] [TR] [TD][LEFT]electron -- electron [/LEFT][/TD] [TD][LEFT]Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. A Content-Security-Policy that disables eval, specifically setting a [ICODE]script-src[/ICODE] directive and [I]not[/I] providing [ICODE]unsafe-eval[/ICODE] in that directive, is not respected in renderers that have sandbox disabled. i.e., [ICODE]sandbox: false[/ICODE] in the [ICODE]webPreferences[/ICODE] object. This allows usage of methods like [ICODE]eval()[/ICODE] and [ICODE]new Function[/ICODE] unexpectedly which can result in an expanded attack surface. This issue only ever affected the 22 and 23 major versions of Electron and has been fixed in the latest versions of those release lines. Specifically, these versions contain the fixes: 22.0.1 and 23.0.0-alpha.2 We recommend all apps upgrade to the latest stable version of Electron. If upgrading isn't possible, this issue can be addressed without upgrading by enabling [ICODE]sandbox: true[/ICODE] on all renderers.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-23623]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-23623') [MISC]('https://github.com/electron/electron/security/advisories/GHSA-gxh7-wv9q-fwfr')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-24965]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-24965') [MISC]('https://www.ibm.com/support/pages/node/7029681') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/246713')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]Improper data authorization check on Jinja templated queries in Apache Superset up to and including 2.1.0 allows for an authenticated user to issue queries on database tables they may not have access to.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-27523]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27523') [MISC]('https://lists.apache.org/thread/3y97nmwm956b6zg3l8dh9oj0w7dj945h')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]A non Admin authenticated user could incorrectly create resources using the import charts feature, on Apache Superset up to and including 2.1.0. [/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-27526]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-27526') [MISC]('https://lists.apache.org/thread/ndww89yl2jd98lvn23n9cj722lfdg8dv')[/TD] [/TR] [TR] [TD][LEFT]hcl_software -- hcl_domino_server [/LEFT][/TD] [TD][LEFT]In some configuration scenarios, the Domino server host name can be exposed. This information could be used to target future attacks.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28010]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28010') [MISC]('https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0107388')[/TD] [/TR] [TR] [TD][LEFT]wordpress -- wordpress [/LEFT][/TD] [TD][LEFT]All of the above Aapna WordPress theme through 1.3, Anand WordPress theme through 1.2, Anfaust WordPress theme through 1.1, Arendelle WordPress theme before 1.1.13, Atlast Business WordPress theme through 1.5.8.5, Bazaar Lite WordPress theme before 1.8.6, Brain Power WordPress theme through 1.2, BunnyPressLite WordPress theme before 2.1, Cafe Bistro WordPress theme before 1.1.4, College WordPress theme before 1.5.1, Connections Reloaded WordPress theme through 3.1, Counterpoint WordPress theme through 1.8.1, Digitally WordPress theme through 1.0.8, Directory WordPress theme before 3.0.2, Drop WordPress theme before 1.22, Everse WordPress theme before 1.2.4, Fashionable Store WordPress theme through 1.3.4, Fullbase WordPress theme before 1.2.1, Ilex WordPress theme before 1.4.2, Js O3 Lite WordPress theme through 1.5.8.2, Js Paper WordPress theme through 2.5.7, Kata WordPress theme before 1.2.9, Kata App WordPress theme through 1.0.5, Kata Business WordPress theme through 1.0.2, Looki Lite WordPress theme before 1.3.0, moseter WordPress theme through 1.3.1, Nokke WordPress theme before 1.2.4, Nothing Personal WordPress theme through 1.0.7, Offset Writing WordPress theme through 1.2, Opor Ayam WordPress theme through 18, Pinzolo WordPress theme before 1.2.10, Plato WordPress theme before 1.1.9, Polka Dots WordPress theme through 1.2, Purity Of Soul WordPress theme through 1.9, Restaurant PT WordPress theme before 1.1.3, Saul WordPress theme before 1.1.0, Sean Lite WordPress theme before 1.4.6, Tantyyellow WordPress theme through 1.0.0.5, TIJAJI WordPress theme through 1.43, Tiki Time WordPress theme through 1.3, Tuaug4 WordPress theme through 1.4, Tydskrif WordPress theme through 1.1.3, UltraLight WordPress theme through 1.2, Venice Lite WordPress theme before 1.5.5, Viala WordPress theme through 1.3.1, viburno WordPress theme before 1.3.2, Wedding Bride WordPress theme before 1.0.2, Wlow WordPress theme before 1.2.7 suffer from the same issue about the search box reflecting the results causing XSS which allows an unauthenticated attacker to exploit against users if they click a malicious link.[/LEFT][/TD] [TD][CENTER]2023-09-04[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-2813]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-2813') [MISC]('https://wpscan.com/vulnerability/f434afd3-7de4-4bf4-a9bb-9f9aeaae1dc5')[/TD] [/TR] [TR] [TD][LEFT]qualcomm_inc -- snapdragon [/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28544]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28544') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm_inc -- snapdragon [/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28548]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28548') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm_inc -- snapdragon [/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28549]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28549') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm_inc -- snapdragon [/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28557]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28557') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]qualcomm_inc -- snapdragon [/LEFT][/TD] [TD][LEFT]Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-28560]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-28560') [MISC]('https://www.qualcomm.com/company/product-security/bulletins/september-2023-bulletin')[/TD] [/TR] [TR] [TD][LEFT]electron -- electron [/LEFT][/TD] [TD][LEFT]Electron is a framework which lets you write cross-platform desktop applications using JavaScript, HTML and CSS. Electron apps using [ICODE]contextIsolation[/ICODE] and [ICODE]contextBridge[/ICODE] are affected. This is a context isolation bypass, meaning that code running in the main world context in the renderer can reach into the isolated Electron context and perform privileged actions. This issue is only exploitable if an API exposed to the main world via [ICODE]contextBridge[/ICODE] can return an object or array that contains a javascript object which cannot be serialized, for instance, a canvas rendering context. This would normally result in an exception being thrown [ICODE]Error: object could not be cloned[/ICODE]. The app side workaround is to ensure that such a case is not possible. Ensure all values returned from a function exposed over the context bridge are supported. This issue has been fixed in versions [ICODE]25.0.0-alpha.2[/ICODE], [ICODE]24.0.1[/ICODE], [ICODE]23.2.3[/ICODE], and [ICODE]22.3.6[/ICODE].[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-29198]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-29198') [MISC]('https://github.com/electron/electron/security/advisories/GHSA-p7v2-p9m8-qqg7') [MISC]('https://www.electronjs.org/docs/latest/api/context-bridge#parameter--error--return-type-support')[/TD] [/TR] [TR] [TD][LEFT]samsung_mobile -- samsung_mobile_devices [/LEFT][/TD] [TD][LEFT]Improper export of android application components vulnerability in WifiApAutoHotspotEnablingActivity prior to SMR Sep-2023 Release 1 allows local attacker to change a Auto Hotspot setting.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30718]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30718') [MISC]('https://security.samsungmobile.com/securityUpdate.smsb?year=2023&month=09')[/TD] [/TR] [TR] [TD][LEFT]mikrotik -- routeros [/LEFT][/TD] [TD][LEFT]The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30800]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30800') [MISC]('https://vulncheck.com/advisories/mikrotik-jsproxy-dos')[/TD] [/TR] [TR] [TD][LEFT]hpe -- oneview [/LEFT][/TD] [TD][LEFT]Potential security vulnerability have been identified in Hewlett Packard Enterprise OneView Software. This vulnerability could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30908]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30908') [MISC]('https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbgn04530en_us')[/TD] [/TR] [TR] [TD][LEFT]ibm -- aspera_faspex [/LEFT][/TD] [TD][LEFT]IBM Aspera Faspex 5.0.5 could allow a malicious actor to bypass IP whitelist restrictions using a specially crafted HTTP request. IBM X-Force ID: 254268.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-30995]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-30995') [MISC]('https://www.ibm.com/support/pages/node/7029681') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/254268')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c50 [/LEFT][/TD] [TD][LEFT]Multiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-31188]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-31188') [MISC]('https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/') [MISC]('https://www.tp-link.com/jp/support/download/archer-c55/#Firmware') [MISC]('https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware')[/TD] [/TR] [TR] [TD][LEFT]wacom -- drivers_for_windows [/LEFT][/TD] [TD][LEFT]Wacom Drivers for Windows Incorrect Permission Assignment Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the WacomInstallI.txt file by the PrefUtil.exe utility. The issue results from incorrect permissions on the WacomInstallI.txt file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16318.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32162]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32162') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-741')[/TD] [/TR] [TR] [TD][LEFT]wacom -- drivers_for_windows [/LEFT][/TD] [TD][LEFT]Wacom Drivers for Windows Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Wacom Drivers for Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Tablet Service. By creating a symbolic link, an attacker can abuse the service to create a file. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-16857.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32163]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32163') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-742')[/TD] [/TR] [TR] [TD][LEFT]ibm -- maximo_asset_management [/LEFT][/TD] [TD][LEFT]IBM Maximo Application Suite 8.9, 8.10 and IBM Maximo Asset Management 7.6.1.2, 7.6.1.3 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 255072.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32332]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32332') [MISC]('https://www.ibm.com/support/pages/node/7030367') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/255072') [MISC]('https://www.ibm.com/support/pages/node/7030926')[/TD] [/TR] [TR] [TD][LEFT]dell -- dell_digital_delivery [/LEFT][/TD] [TD][LEFT]Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32470]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32470') [MISC]('https://www.dell.com/support/kbdoc/en-us/000216243/dsa-2023-224')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c50 [/LEFT][/TD] [TD][LEFT]Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505' and Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506' use hard-coded credentials to login to the affected device, which may allow a network-adjacent unauthenticated attacker to execute an arbitrary OS command.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32619]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32619') [MISC]('https://www.tp-link.com/jp/support/download/archer-c50/v3/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/') [MISC]('https://www.tp-link.com/jp/support/download/archer-c55/#Firmware')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]An Incorrect authorization check in SQLLab in Apache Superset versions up to and including 2.1.0. This vulnerability allows an authenticated user to query tables that they do not have proper access to within Superset. The vulnerability can be exploited by leveraging a SQL parsing vulnerability.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-32672]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-32672') [MISC]('https://lists.apache.org/thread/ococ6nlj80f0okkwfwpjczy3q84j3wkp')[/TD] [/TR] [TR] [TD][LEFT]cloud_foundry -- routing [/LEFT][/TD] [TD][LEFT]Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34041]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34041') [MISC]('https://www.cloudfoundry.org/blog/abuse-of-http-hop-by-hop-headers-in-cloud-foundry-gorouter/')[/TD] [/TR] [TR] [TD][LEFT]isarnet_ag -- isarflow [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in IsarNet AG IsarFlow v5.23 allows authenticated attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the dashboard title parameter in the IsarFlow Portal.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-34637]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-34637') [MISC]('https://www.mgm-sp.com/en/isarflow-xss-vulnerability/')[/TD] [/TR] [TR] [TD][LEFT]manageengine -- adselfservice_plus [/LEFT][/TD] [TD][LEFT]ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Password Reset Portal used by the GINA client. The issue results from the lack of proper authentication of data received via HTTP. An attacker can leverage this vulnerability to bypass authentication and execute code in the context of SYSTEM. Was ZDI-CAN-17009.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-35719]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-35719') [MISC]('https://www.zerodayinitiative.com/advisories/ZDI-23-891')[/TD] [/TR] [TR] [TD][LEFT]mysten_labs -- sui [/LEFT][/TD] [TD][LEFT]Mysten Labs Sui blockchain v1.2.0 was discovered to contain a stack overflow via the component /spec/openrpc.json.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36184]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36184') [MISC]('https://github.com/move-language/move/issues/1059') [MISC]('https://medium.com/@Beosin_com/critical-vulnerability-in-move-vm-can-cause-total-network-shutdown-and-potential-hard-fork-in-sui-49d0d942801c') [MISC]('https://github.com/MystenLabs/sui/commit/8b681515c0cf435df2a54198a28ab4ef574d202b') [MISC]('https://github.com/aptos-labs/aptos-core/commit/47a0391c612407fe0b1051ef658a29e35d986963')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]An improper default REST API permission for Gamma users in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma user to test database connections.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36387]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36387') [MISC]('https://lists.apache.org/thread/tt6s6hm8nv6s11z8bfsk3r3d9ov0ogw3')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]Improper REST API permission in Apache Superset up to and including 2.1.0 allows for an authenticated Gamma users to test network connections, possible SSRF.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36388]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36388') [MISC]('https://lists.apache.org/thread/ccmjjz4jp17yc2kcd18qshmdtf7qorfs')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- tl-wr802n [/LEFT][/TD] [TD][LEFT]Multiple TP-LINK products allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: TL-WR802N firmware versions prior to 'TL-WR802N(JP)_V4_221008', TL-WR841N firmware versions prior to 'TL-WR841N(JP)_V14_230506', and TL-WR902AC firmware versions prior to 'TL-WR902AC(JP)_V3_230506'.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36489]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36489') [MISC]('https://www.tp-link.com/jp/support/download/tl-wr902ac/#Firmware') [MISC]('https://www.tp-link.com/jp/support/download/tl-wr802n/#Firmware') [MISC]('https://www.tp-link.com/jp/support/download/tl-wr841n/v14/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/')[/TD] [/TR] [TR] [TD][LEFT]fortinet -- fortiswitchmanager [/LEFT][/TD] [TD][LEFT]An improper access control in Fortinet FortiSwitchManager version 7.2.0 through 7.2.2 7.0.0 through 7.0.1 may allow a remote authenticated read-only user to modify the interface settings via the API.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-36635]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-36635') [MISC]('https://fortiguard.com/psirt/FG-IR-22-174')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c20 [/LEFT][/TD] [TD][LEFT]Improper authentication vulnerability in Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616' allows a network-adjacent unauthenticated attacker to execute an arbitrary OS command via a crafted request to bypass authentication.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37284]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37284') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/') [MISC]('https://www.tp-link.com/jp/support/download/archer-c20/v1/#Firmware')[/TD] [/TR] [TR] [TD][LEFT]samsung-- exynos [/LEFT][/TD] [TD][LEFT]An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37367]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37367') [MISC]('https://semiconductor.samsung.com/support/quality-support/product-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]samsung-- exynos [/LEFT][/TD] [TD][LEFT]An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37368]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37368') [MISC]('https://semiconductor.samsung.com/support/quality-support/product-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]samsung-- exynos [/LEFT][/TD] [TD][LEFT]An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37377]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37377') [MISC]('https://semiconductor.samsung.com/support/quality-support/product-security-updates/')[/TD] [/TR] [TR] [TD][LEFT]cloudflare -- warp_client [/LEFT][/TD] [TD][LEFT]Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access to the device, could extend the maximum allowed disconnected time of WARP client granted by an override code by changing the date & time on the local device where WARP is running.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3747]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3747') [MISC]('https://play.google.com/store/apps/details?id=com.cloudflare.onedotonedotonedotone') [MISC]('https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/configure-warp/warp-settings/#retrieve-the-override-code')[/TD] [/TR] [TR] [TD][LEFT]crypto_currency_tracker -- crypto_currency_tracker [/LEFT][/TD] [TD][LEFT]Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37759]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37759') [MISC]('https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html') [MISC]('https://tregix.com/') [MISC]('https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008')[/TD] [/TR] [TR] [TD][LEFT]linux -- kernel [/LEFT][/TD] [TD][LEFT]A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-3777]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-3777') [MISC]('https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8') [MISC]('https://kernel.dance/6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8') [MISC]('https://www.debian.org/security/2023/dsa-5492')[/TD] [/TR] [TR] [TD][LEFT]vanderbilt -- redcap [/LEFT][/TD] [TD][LEFT]A stored cross-site scripting (XSS) vulnerability in the new REDCap project creation function of Vanderbilt REDCap 13.1.35 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the project title parameter.[/LEFT][/TD] [TD][CENTER]2023-09-07[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37798]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37798') [MISC]('http://vanderbilt.com') [MISC]('https://www.cyderes.com/blog/cve-2023-37798-stored-cross-site-scripting-in-vanderbilt-redcap/') [MISC]('http://redcap.com')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]If an attacker gains write access to the Apache Superset metadata database, they could persist a specifically crafted Python object that may lead to remote code execution on Superset's web backend. This vulnerability impacts Apache Superset versions 1.5.0 up to and including 2.1.0.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-37941]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-37941') [MISC]('https://lists.apache.org/thread/6qk1zscc06yogxxfgz2bh2bvz6vh9g7h')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_9200/9000 [/LEFT][/TD] [TD][LEFT]Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in the affected controller leading to complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38484]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38484') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-014.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_9200/9000 [/LEFT][/TD] [TD][LEFT]Vulnerabilities exist in the BIOS implementation of Aruba 9200 and 9000 Series Controllers and Gateways that could allow an attacker to execute arbitrary code early in the boot sequence. An attacker could exploit this vulnerability to gain access to and change underlying sensitive information in the affected controller leading to complete system compromise.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38485]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38485') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-014.txt')[/TD] [/TR] [TR] [TD][LEFT]hewlett_packard_enterprise -- aruba_9200/9000 [/LEFT][/TD] [TD][LEFT]A vulnerability in the secure boot implementation on affected Aruba 9200 and 9000 Series Controllers and Gateways allows an attacker to bypass security controls which would normally prohibit unsigned kernel images from executing. An attacker can use this vulnerability to execute arbitrary runtime operating systems, including unverified and unsigned OS images.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38486]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38486') [MISC]('https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2023-014.txt')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c1200 [/LEFT][/TD] [TD][LEFT]Archer C1200 firmware versions prior to 'Archer C1200(JP)_V2_230508' and Archer C9 firmware versions prior to 'Archer C9(JP)_V3_230508' allow a network-adjacent unauthenticated attacker to execute arbitrary OS commands.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38563]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38563') [MISC]('https://www.tp-link.com/jp/support/download/archer-c9/v3/#Firmware') [MISC]('https://www.tp-link.com/jp/support/download/archer-c1200/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_a10 [/LEFT][/TD] [TD][LEFT]Archer A10 firmware versions prior to 'Archer A10(JP)_V2_230504' allows a network-adjacent unauthenticated attacker to execute arbitrary OS commands.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38568]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38568') [MISC]('https://www.tp-link.com/jp/support/download/archer-a10/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/')[/TD] [/TR] [TR] [TD][LEFT]i-pro_co_ltd -- vi_web_client [/LEFT][/TD] [TD][LEFT]Open redirect vulnerability in VI Web Client prior to 7.9.6 allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted URL.[/LEFT][/TD] [TD][CENTER]2023-09-05[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38574]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38574') [MISC]('https://downloadvi.com/downloads/IPServer/v7.9/796232/v796232RN.pdf') [MISC]('https://jvn.jp/en/jp/JVN60140221/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c3150 [/LEFT][/TD] [TD][LEFT]Archer C3150 firmware versions prior to 'Archer C3150(JP)_V2_230511' allows a network-adjacent authenticated attacker to execute arbitrary OS commands.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38588]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38588') [MISC]('https://www.tp-link.com/jp/support/download/archer-c3150/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos [/LEFT][/TD] [TD][LEFT]This issue was addressed with improved redaction of sensitive information. This issue is fixed in macOS Ventura 13.5. An app may be able to determine a user’s current location.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38605]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38605') [MISC]('https://support.apple.com/en-us/HT213843') [MISC]('https://support.apple.com/kb/HT213842') [MISC]('https://support.apple.com/kb/HT213844')[/TD] [/TR] [TR] [TD][LEFT]apple -- macos [/LEFT][/TD] [TD][LEFT]A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38616]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38616') [MISC]('https://support.apple.com/en-us/HT213843')[/TD] [/TR] [TR] [TD][LEFT]ibm -- qradar_wincollect_agent [/LEFT][/TD] [TD][LEFT]IBM QRadar WinCollect Agent 10.0 through 10.1.6, when installed to run as ADMIN or SYSTEM, is vulnerable to a local escalation of privilege attack that a normal user could utilize to gain SYSTEM permissions. IBM X-Force ID: 262542.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-38736]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-38736') [MISC]('https://exchange.xforce.ibmcloud.com/vulnerabilities/262542') [MISC]('https://www.ibm.com/support/pages/node/7030703')[/TD] [/TR] [TR] [TD][LEFT]general_motors -- chevrolet_equinox_2021_software [/LEFT][/TD] [TD][LEFT]Injecting random data into the USB memory area on a General Motors (GM) Chevrolet Equinox 2021 Software. 2021.03.26 (build version) vehicle causes a Denial of Service (DoS) in the in-car infotainment system.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39076]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39076') [MISC]('https://blog.jhyeon.dev/posts/vuln/202307/gm-chevrolet/')[/TD] [/TR] [TR] [TD][LEFT]tp-link -- archer_c5 [/LEFT][/TD] [TD][LEFT]Archer C5 firmware all versions and Archer C7 firmware versions prior to 'Archer C7(JP)_V2_230602' allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Note that Archer C5 is no longer supported, therefore the update for this product is not provided.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39224]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39224') [MISC]('https://www.tp-link.com/jp/support/download/archer-c7/v2/#Firmware') [MISC]('https://jvn.jp/en/vu/JVNVU99392903/')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]By default, stack traces for errors were enabled, which resulted in the exposure of internal traces on REST API endpoints to users. This vulnerability exists in Apache Superset versions up to and including 2.1.0.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39264]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39264') [MISC]('https://lists.apache.org/thread/y65t1of7hb445n86o1vdzjct7rfwlx75')[/TD] [/TR] [TR] [TD][LEFT]oracle -- apache_superset [/LEFT][/TD] [TD][LEFT]Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is using a SQLite database for its metadata (not advised for production use) it could result in more severe vulnerabilities related to confidentiality and integrity. This vulnerability exists in Apache Superset versions up to and including 2.1.0.[/LEFT][/TD] [TD][CENTER]2023-09-06[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39265]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39265') [MISC]('https://lists.apache.org/thread/pwdzsdmv4g5g1n2h9m7ortfnxmhr7nfy')[/TD] [/TR] [TR] [TD][LEFT]go_standard_library -- html_template [/LEFT][/TD] [TD][LEFT]The html/template package does not properly handle HTML-like "" comment tokens, nor hashbang "#!" comment tokens, in contexts. This may cause the template parser to improperly interpret the contents of contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.[/LEFT][/TD] [TD][CENTER]2023-09-08[/CENTER][/TD] [TD][CENTER]not yet calculated[/CENTER][/TD] [TD][CVE-2023-39318]('https://nvd.nist.gov/nvd.cfm?cvename=CVE-2023-39318') [MISC]('https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ') [MISC]('https://pkg.go.dev/vuln/GO-2023-2041') [MISC]('https://go.dev/cl/526156') [MISC]('https://go.dev/issue/62196')[/TD] [/TR] [TR] [TD][LEFT]go_standard_library -- html_template [/LEFT][/TD] [TD][LEFT]The html/template package does not apply the proper rules for handling occurrences of "