‼ CVE-2023-39600 ‼
via "National Vulnerability Database".
IceWarp 11.4.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the color parameter.
‼ CVE-2023-24621 ‼
via "National Vulnerability Database".
An issue was discovered in Esoteric YamlBeans through 1.15. It allows untrusted deserialisation to Java classes by default, where the data and class are controlled by the author of the YAML document being processed.
‼ CVE-2023-40579 ‼
via "National Vulnerability Database".
OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. Some end users of OpenFGA v1.3.0 or earlier are vulnerable to authorization bypass when calling the ListObjects API. The vulnerability affects customers using `ListObjects` with specific models. The affected models contain expressions of type `rel1 from type1`. This issue has been patched in version 1.3.1.
‼ CVE-2023-32678 ‼
via "National Vulnerability Database".
Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. Users who used to be subscribed to a private stream and have been removed from it since retain the ability to edit messages/topics, move messages to other streams, and delete messages that they used to have access to, if other relevant organization permissions allow these actions. For example, a user may be able to edit or delete their old messages they posted in such a private stream. An administrator will be able to delete old messages (that they had access to) from the private stream. This issue was fixed in Zulip Server version 7.3.
‼ CVE-2023-40164 ‼
via "National Vulnerability Database".
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `nsCodingStateMachine::NextStater`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.
‼ CVE-2023-37249 ‼
via "National Vulnerability Database".
Infoblox NIOS through 8.5.1 has a faulty component that accepts malicious input without sanitization, resulting in shell access.
‼ CVE-2023-40585 ‼
via "National Vulnerability Database".
ironic-image is a container image to run OpenStack Ironic as part of Metal³. Prior to version capm3-v1.4.3, if Ironic is not deployed with TLS and it does not have API and Conductor split into separate services, access to the API is not protected by any authentication. Ironic API is also listening in host network. In case the node is not behind a firewall, the API could be accessed by anyone via network without authentication. By default, Ironic API in Metal3 is protected by TLS and basic authentication, so this vulnerability requires the operator to configure the API without TLS for it to be vulnerable. TLS and authentication, however, should not be coupled as they are in versions prior to capm3-v1.4.3. A patch exists in versions capm3-v1.4.3 and newer. Some workarounds are available. Either configure TLS for Ironic API (`deploy.sh -t ...`, `IRONIC_TLS_SETUP=true`) or split Ironic API and Conductor via configuration change (old implementation, not recommended). With both workarounds, services are configured with httpd front-end, which has proper authentication configuration in place.
‼ CVE-2023-40587 ‼
via "National Vulnerability Database".
Pyramid is an open source Python web framework. A path traversal vulnerability in Pyramid versions 2.0.0 and 2.0.1 impacts users of Python 3.11 that are using a Pyramid static view with a full filesystem path and have an `index.html` file that is located exactly one directory above the location of the static view's file system path. No further path traversal exists, and the only file that could be disclosed accidentally is `index.html`. Pyramid version 2.0.2 rejects any path that contains a null-byte out of caution. While valid in directory/file names, we would strongly consider it a mistake to use null-bytes in naming files/directories. Secondly, Python 3.11 and 3.12 have fixed the underlying issue in `os.path.normpath` to no longer truncate on the first `0x00` found, returning the behavior to pre-3.11 Python, in an as of yet unreleased version. Fixes will be available in: Python 3.12.0rc2 and 3.11.5. Some workarounds are available. Use a version of Python 3 that is not affected, downgrade to Python 3.10 series temporarily, or wait until Python 3.11.5 is released and upgrade to the latest version of Python 3.11 series.
‼ CVE-2023-38712 ‼
via "National Vulnerability Database".
An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKMP SA, such as a duplicated Delete/Notify message, a NULL pointer dereference on the deleted state causes the pluto daemon to crash and restart.
‼ CVE-2023-41080 ‼
via "National Vulnerability Database".
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application.
‼ CVE-2023-40036 ‼
via "National Vulnerability Database".
Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in `CharDistributionAnalysis::HandleOneChar`. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time of publication, no known patches are available in existing versions of Notepad++.
‼ CVE-2023-38710 ‼
via "National Vulnerability Database".
An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payload's protocol ID is copied from the incoming packet, but the code that verifies outgoing packets fails an assertion that the protocol ID must be ESP (2) or AH (3) and causes the pluto daemon to crash and restart. NOTE: the earliest affected version is 3.20.
‼ CVE-2023-36198 ‼
via "National Vulnerability Database".
Buffer Overflow vulnerability in skalenetwork sgxwallet v.1.9.0 allows an attacker to cause a denial of service via the trustedBlsSignMessage function.
‼ CVE-2021-27932 ‼
via "National Vulnerability Database".
Stormshield Network Security (SNS) VPN SSL Client 2.1.0 through 2.8.0 has Insecure Permissions.
‼ CVE-2023-40571 ‼
via "National Vulnerability Database".
weblogic-framework is a tool for detecting weblogic vulnerabilities. Versions 0.2.3 and prior do not verify the returned data packets, and there is a deserialization vulnerability which may lead to remote code execution. When weblogic-framework gets the command echo, it directly deserializes the data returned by the server without verifying it. At the same time, the classloader loads a lot of deserialization calls. In this case, the malicious serialized data returned by the server will cause remote code execution. Version 0.2.4 contains a patch for this issue.
‼ CVE-2023-40580 ‼
via "National Vulnerability Database".
Freighter is a Stellar chrome extension. It may be possible for a malicious website to access the recovery mnemonic phrase when the Freighter wallet is unlocked. This vulnerability impacts access control to the mnemonic recovery phrase. This issue was patched in version 5.3.1.
‼ CVE-2023-40586 ‼
via "National Vulnerability Database".
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library. Due to the misuse of `log.Fatalf`, the application using coraza crashed after receiving crafted requests from attackers. The application will immediately crash after receiving a malicious request that triggers an error in `mime.ParseMediaType`. This issue was patched in version 3.0.1.
‼ CVE-2023-40568 ‼
via "National Vulnerability Database".
** REJECT ** GitHub has been informed that the requestor is working with another CNA for these vulnerabilities.
‼ CVE-2023-39707 ‼
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Free and Open Source Inventory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Add Expense parameter under the Expense section.
🦿 Cisco Talos Research: New Lazarus Group Attack Malware Campaign Hits UK & US Businesses 🦿
via "Tech Republic".
The Cisco Talos report exposes new malware used by the group to target Internet backbone infrastructure and healthcare organizations in the U.K. and the U.S.
‼ CVE-2023-39289 ‼
via "National Vulnerability Database".
A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6.2208.101 could allow an unauthenticated attacker to conduct an account enumeration attack due to improper configuration. A successful exploit could allow an attacker to access system information.