βΌ CVE-2023-3584 βΌ
π Read
via "National Vulnerability Database".
Mattermost fails to properly check the authorization ofΓ POST /api/v4/teams when passing a team override scheme ID in the request,Γ allowing an authenticated attacker with knowledge of a Team Override Scheme ID to create a new team with said team override scheme.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34669 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK CP300+ V5.2cu.7594 contains a Denial of Service vulnerability in function RebootSystem of the file lib/cste_modules/system which can reboot the system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3614 βΌ
π Read
via "National Vulnerability Database".
Mattermost fails to properly validate a gif image file, allowing an attacker toΓ consume a significant amount of server resources, making the server unresponsive for an extended period of time byΓ linking to specially crafted image file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3582 βΌ
π Read
via "National Vulnerability Database".
Mattermost fails to verify channel membership when linking a board to a channel allowing a low-privileged authenticated user to link a Board to a private channel they don't have access to,Γ π Read
via "National Vulnerability Database".
βΌ CVE-2023-3593 βΌ
π Read
via "National Vulnerability Database".
Mattermost fails to properly validate markdown, allowing an attacker to crash the server via a specially crafted markdown input.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37475 βΌ
π Read
via "National Vulnerability Database".
Hamba avro is a go lang encoder/decoder implementation of the avro codec specification. In affected versions a well-crafted string passed to avro's `github.com/hamba/avro/v2.Unmarshal()` can throw a `fatal error: runtime: out of memory` which is unrecoverable and can cause denial of service of the consumer of avro. The root cause of the issue is that avro uses part of the input to `Unmarshal()` to determine the size when creating a new slice and hence an attacker may consume arbitrary amounts of memory which in turn may cause the application to crash. This issue has been addressed in commit `b4a402f4` which has been included in release version `2.13.0`. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37384 βΌ
π Read
via "National Vulnerability Database".
A remote command execution (RCE) vulnerability in the web interface component of Furukawa 423-41W/AC before v1.1.4 and LD421-21W before v1.3.3 allows unauthenticated attackers to send arbitrary commands to the device via unspecified vectors.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38403 βΌ
π Read
via "National Vulnerability Database".
iperf3 before 3.14 allows peers to cause an integer overflow and heap corruption via a crafted length field.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37769 βΌ
π Read
via "National Vulnerability Database".
stress-test master commit e4c878 was discovered to contain a FPE vulnerability via the component combine_inner at /pixman-combine-float.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37266 βΌ
π Read
via "National Vulnerability Database".
CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as `root` on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit `705bf1f`. This patch is part of CasaOS 0.4.4. Users should upgrade to CasaOS 0.4.4. If they can't, they should temporarily restrict access to CasaOS to untrusted users, for instance by not exposing it publicly.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38404 βΌ
π Read
via "National Vulnerability Database".
The XPRTLD web application in Veritas InfoScale Operations Manager (VIOM) before 8.0.0.410 allows an authenticated attacker to upload all types of files to the server. An authenticated attacker can then execute the malicious file to perform command execution on the remote server.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28864 βΌ
π Read
via "National Vulnerability Database".
Progress Chef Infra Server before 15.7 allows a local attacker to exploit a /var/opt/opscode/local-mode-cache/backup world-readable temporary backup path to access sensitive information, resulting in the disclosure of all indexed node data, because OpenSearch credentials are exposed. (The data typically includes credentials for additional systems.) The attacker must wait for an admin to run the "chef-server-ctl reconfigure" command.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38405 βΌ
π Read
via "National Vulnerability Database".
On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37461 βΌ
π Read
via "National Vulnerability Database".
Metersphere is an opensource testing framework. Files uploaded to Metersphere may define a `belongType` value with a relative path like `../../../../` which may cause metersphere to attempt to overwrite an existing file in the defined location or to create a new file. Attackers would be limited to overwriting files that the metersphere process has access to. This issue has been addressed in version 2.10.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37265 βΌ
π Read
via "National Vulnerability Database".
CasaOS is an open-source Personal Cloud system. Due to a lack of IP address verification an unauthenticated attackers can execute arbitrary commands as `root` on CasaOS instances. The problem was addressed by improving the detection of client IP addresses in `391dd7f`. This patch is part of CasaOS 0.4.4. Users should upgrade to CasaOS 0.4.4. If they can't, they should temporarily restrict access to CasaOS to untrusted users, for instance by not exposing it publicly.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37781 βΌ
π Read
via "National Vulnerability Database".
An issue in the emqx_sn plugin of EMQX v4.3.8 allows attackers to execute a directory traversal via uploading a crafted .txt file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37770 βΌ
π Read
via "National Vulnerability Database".
faust commit ee39a19 was discovered to contain a stack overflow via the component boxppShared::print() at /boxes/ppbox.cpp.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34142 βΌ
π Read
via "National Vulnerability Database".
Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before 8.8.5-02.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3709 βΌ
π Read
via "National Vulnerability Database".
The Royal Elementor Addons plugin for WordPress is vulnerable to unauthenticated API key disclosure in versions up to, and including, 1.3.70 due to the plugin adding the API key to the source code of any page running the MailChimp block. This makes it possible for unauthenticated attackers to obtain a site's MailChimp API key. We recommend resetting any MailChimp API keys if running a vulnerable version of this plugin with the MailChimp block enabled as the API key may have been compromised.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38431 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38428 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the Linux kernel before 6.3.4. fs/ksmbd/smb2pdu.c in ksmbd does not properly check the UserName value because it does not consider the address of security buffer, leading to an out-of-bounds read.π Read
via "National Vulnerability Database".