‼ CVE-2023-37224 ‼
📖 Read
via "National Vulnerability Database".
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via the log files.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36835 ‼
📖 Read
via "National Vulnerability Database".
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on QFX10000 Series allows a network based attacker to cause a Denial of Service (DoS).If a specific valid IP packet is received and that packet needs to be routed over a VXLAN tunnel, this will result in a PFE wedge condition due to which traffic gets impacted. As this is not a crash and restart scenario, this condition will persist until the system is rebooted to recover.This issue affects Juniper Networks Junos OS on QFX10000:20.3 version 20.3R1 and later versions;20.4 versions prior to 20.4R3-S5;21.1 versions prior to 21.1R3-S5;21.2 versions prior to 21.2R3-S5;21.3 versions prior to 21.3R3-S4;21.4 versions prior to 21.4R3-S1;22.1 versions prior to 22.1R3;22.2 versions prior to 22.2R2;22.3 versions prior to 22.3R1-S2, 22.3R2.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36836 ‼
📖 Read
via "National Vulnerability Database".
A Use of an Uninitialized Resource vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, authenticated attacker with low privileges to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved platforms, in a Multicast only Fast Reroute (MoFRR) scenario, the rpd process can crash when a a specific low privileged CLI command is executed. The rpd crash will impact all routing protocols until the process has automatically been restarted. As the operational state which makes this issue exploitable is outside the attackers control, this issue is considered difficult to exploit. Continued execution of this command will lead to a sustained DoS.This issue affects:Juniper Networks Junos OS19.4 version 19.4R3-S5 and later versions prior to 19.4R3-S9;20.1 version 20.1R2 and later versions;20.2 versions prior to 20.2R3-S7;20.3 versions prior to 20.3R3-S5;20.4 versions prior to 20.4R3-S6;21.1 versions prior to 21.1R3-S4;21.2 versions prior to 21.2R3-S2;21.3 versions prior to 21.3R3-S1;21.4 versions prior to 21.4R3;22.1 versions prior to 22.1R1-S2, 22.1R2;22.2 versions prior to 22.2R2.Juniper Networks Junos OS EvolvedAll versions prior to 20.4R3-S6-EVO;21.1-EVO version 21.1R1-EVO and later versions;21.2-EVO version 21.2R1-EVO and later versions;21.3-EVO versions prior to 21.3R3-S1-EVO;21.4-EVO versions prior to 21.4R3-EVO;22.1-EVO versions prior to 22.1R1-S2-EVO, 22.1R2-EVO;22.2-EVO versions prior to 22.2R2-EVO.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36888 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge for Android (Chromium-based) Tampering Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24896 ‼
📖 Read
via "National Vulnerability Database".
Dynamics 365 Finance Spoofing Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2023-32760 ‼
📖 Read
via "National Vulnerability Database".
An issue in Archer Platform before v.6.13 fixed in v.6.12.0.6 and v.6.13.0 allows an authenticated attacker to obtain sensitive information via API calls related to data feeds and data publication.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36840 ‼
📖 Read
via "National Vulnerability Database".
A Reachable Assertion vulnerability in Routing Protocol Daemon (RPD) of Juniper Networks Junos OS and Junos OS Evolved allows a locally-based, low-privileged attacker to cause a Denial of Service (DoS).On all Junos OS and Junos OS Evolved, when a specific L2VPN command is run, RPD will crash and restart. Continued execution of this specific command will create a sustained Denial of Service (DoS) condition.This issue affects:Juniper Networks Junos OSAll versions prior to 19.3R3-S10;20.1 versions prior to 20.1R3-S4;20.2 versions prior to 20.2R3-S6;20.3 versions prior to 20.3R3-S6;20.4 versions prior to 20.4R3-S5;21.1 versions prior to 21.1R3-S4;21.2 versions prior to 21.2R3-S3;21.3 versions prior to 21.3R3-S2;21.4 versions prior to 21.4R3;22.1 versions prior to 22.1R3;22.2 versions prior to 22.2R2;22.3 versions prior to 22.3R2;Juniper Networks Junos OS EvolvedAll versions prior to 20.4R3-S7-EVO;21.1 versions prior to 21.1R3-S3-EVO;21.2 versions prior to 21.2R3-S5-EVO;21.3 versions prior to 21.3R3-S4-EVO;21.4 versions prior to 21.4R3-EVO;22.1 versions prior to 22.1R3-EVO;22.2 versions prior to 22.2R2-EVO;22.3 versions prior to 22.3R2-EVO;📖 Read
via "National Vulnerability Database".
🦿 Scarleteel Threat Targets AWS Fargate, Launches DDoS and Cryptojacking Campaigns 🦿
📖 Read
via "Tech Republic".
The Scarleteel threat targets AWS Fargate environments for data theft and more malicious types of attacks such as cryptojacking and DDoS. Learn how to mitigate this threat.📖 Read
via "Tech Republic".
TechRepublic
Scarleteel Threat Targets AWS Fargate, Launches DDoS and Cryptojacking Campaigns
Read more about the Scarleteel threat, which targets AWS Fargate environments for malicious types of attacks such as cryptojacking and DDoS.
‼ CVE-2023-34236 ‼
📖 Read
via "National Vulnerability Database".
Weave GitOps Terraform Controller (aka Weave TF-controller) is a controller for Flux to reconcile Terraform resources in a GitOps way. A vulnerability has been identified in Weave GitOps Terraform Controller which could allow an authenticated remote attacker to view sensitive information. This vulnerability stems from Weave GitOps Terraform Runners (`tf-runner`), where sensitive data is inadvertently printed - potentially revealing sensitive user data in their pod logs. In particular, functions `tfexec.ShowPlan`, `tfexec.ShowPlanRaw`, and `tfexec.Output` are implicated when the `tfexec` object set its `Stdout` and `Stderr` to be `os.Stdout` and `os.Stderr`. An unauthorized remote attacker could exploit this vulnerability by accessing these prints of sensitive information, which may contain configurations or tokens that could be used to gain unauthorized control or access to resources managed by the Terraform controller. A successful exploit could allow the attacker to utilize this sensitive data, potentially leading to unauthorized access or control of the system. This vulnerability has been addressed in Weave GitOps Terraform Controller versions `v0.14.4` and `v0.15.0-rc.5`. Users are urged to upgrade to one of these versions to mitigate the vulnerability. As a temporary measure until the patch can be applied, users can add the environment variable `DISABLE_TF_LOGS` to the tf-runners via the runner pod template of the Terraform Custom Resource. This will prevent the logging of sensitive information and mitigate the risk of this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36818 ‼
📖 Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37793 ‼
📖 Read
via "National Vulnerability Database".
WAYOS FBM-291W 19.09.11V was discovered to contain a buffer overflow via the component /upgrade_filter.asp.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-38337 ‼
📖 Read
via "National Vulnerability Database".
rswag before 2.10.1 allows remote attackers to read arbitrary JSON and YAML files via directory traversal, because rswag-api can expose a file that is not the OpenAPI (or Swagger) specification file of a project.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37268 ‼
📖 Read
via "National Vulnerability Database".
Warpgate is an SSH, HTTPS and MySQL bastion host for Linux that doesn't need special client apps. When logging in as a user with SSO enabled an attacker may authenticate as an other user. Any user account which does not have a second factor enabled could be compromised. This issue has been addressed in commit `8173f6512a` and in releases starting with version 0.7.3. Users are advised to upgrade. Users unable to upgrade should require their users to use a second factor in authentication.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37794 ‼
📖 Read
via "National Vulnerability Database".
WAYOS FBM-291W 19.09.11V was discovered to contain a command injection vulnerability via the component /upgrade_filter.asp.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-38336 ‼
📖 Read
via "National Vulnerability Database".
netkit-rcp in rsh-client 0.17-24 allows command injection via filenames because /bin/sh is used by susystem, a related issue to CVE-2006-0225, CVE-2019-7283, and CVE-2020-15778.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36466 ‼
📖 Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-3678 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester AC Repair and Services System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=delete_inquiry of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-234223.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-3680 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Lost and Found Information System 1.0. This affects an unknown part of the file /classes/Master.php?f=save_item of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-234225 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-3679 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Lost and Found Information System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=save_inquiry of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-234224.📖 Read
via "National Vulnerability Database".
👏1
‼ CVE-2023-3682 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in Nesote Inout Blockchain EasyPayments 1.0. Affected is an unknown function of the file /index.php/payment/getcoinaddress of the component POST Parameter Handler. The manipulation of the argument coinid leads to sql injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-234228. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-30791 ‼
📖 Read
via "National Vulnerability Database".
Plane version 0.7.1-dev allows an attacker to change the avatar of his profile, which allows uploading files with HTML extension that interprets both HTML and JavaScript.📖 Read
via "National Vulnerability Database".