βΌ CVE-2023-5175 βΌ
π Read
via "National Vulnerability Database".
During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulnerability affects Firefox < 118.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-41067 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may bypass Gatekeeper checks.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43857 βΌ
π Read
via "National Vulnerability Database".
Dreamer CMS v4.1.3 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the component /admin/u/toIndex.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41981 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations.π Read
via "National Vulnerability Database".
βΌ CVE-2023-44122 βΌ
π Read
via "National Vulnerability Database".
The vulnerability is to theft of arbitrary files with system privilege in the LockScreenSettings ("com.lge.lockscreensettings") app in the "com/lge/lockscreensettings/dynamicwallpaper/MyCategoryGuideActivity.java" file. The main problem is that the app launches implicit intents that can be intercepted by third-party apps installed on the same device. They also can return arbitrary data that will be passed to the "onActivityResult()" method. The LockScreenSettings app copies the received file to the "/data/shared/dw/mycategory/wallpaper_01.png" path and then changes the file access mode to world-readable and world-writable.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41335 βΌ
π Read
via "National Vulnerability Database".
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabilitiesΓ’β¬βit already learns the users' passwords as part of the authentication processΓ’β¬βit does disrupt the expectation that passwords won't be stored in the database. As a result, these passwords could inadvertently be captured in database backups for a longer duration. These temporarily stored passwords are automatically erased after a 48-hour window. This issue has been addressed in version 1.93.0. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41070 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access sensitive data logged when a user shares a link.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43775 βΌ
π Read
via "National Vulnerability Database".
Denial-of-service vulnerability in the web server of the Eaton SMP SG-4260 allows attacker to potentially force an unexpected restart of the SMP Gatewayautomation platform, impacting the availability of the product. In rare situations, the issue could causethe SMP device to restart in Safe Mode or Max Safe Mode. When in Max Safe Mode, the product isnot vulnerable anymore.π Read
via "National Vulnerability Database".
βΌ CVE-2023-44127 βΌ
π Read
via "National Vulnerability Database".
he vulnerability is that the Call management ("com.android.server.telecom") app patched by LG launches implicit intents that disclose sensitive data to all third-party apps installed on the same device. Those intents include data such as contact details and phone numbers.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5157 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-44016 βΌ
π Read
via "National Vulnerability Database".
Tenda AC10U v1.0 US_AC10UV1.0RTL_V15.03.06.49_multi_TDE01 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43614 βΌ
π Read
via "National Vulnerability Database".
Cross-site scripting vulnerability in Order Data Edit page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28490 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Estatik Estatik Mortgage Calculator plugin <=Γ 2.0.7 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-44124 βΌ
π Read
via "National Vulnerability Database".
The vulnerability is to theft of arbitrary files with system privilege in the Screen recording ("com.lge.gametools.gamerecorder") app in the "com/lge/gametools/gamerecorder/settings/ProfilePreferenceFragment.java" file. The main problem is that the app launches implicit intents that can be intercepted by third-party apps installed on the same device. They also can return arbitrary data that will be passed to the "onActivityResult()" method. The Screen recording app saves contents of arbitrary URIs to SD card which is a world-readable storage.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41962 βΌ
π Read
via "National Vulnerability Database".
Cross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-44128 βΌ
π Read
via "National Vulnerability Database".
he vulnerability is to delete arbitrary files in LGInstallService ("com.lge.lginstallservies") app. The app contains the exported "com.lge.lginstallservies.InstallService" service that exposes an AIDL interface. All its "installPackage*" methods are finally calling the "installPackageVerify()" method that performs signature validation after the delete file method. An attacker can control conditions so this security check is never performed and an attacker-controlled file is deleted.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40676 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jason Crouse, VeronaLabs Slimstat Analytics plugin <=Γ 5.0.8 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43646 βΌ
π Read
via "National Vulnerability Database".
get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service (redos) vulnerability which may lead to a denial of service when parsing malicious input. This vulnerability can be exploited when there is an imbalance in parentheses, which results in excessive backtracking and subsequently increases the CPU load and processing time significantly. This vulnerability can be triggered using the following input: '\t'.repeat(54773) + '\t/function/i'. This issue has been addressed in commit `f934b228b` which has been included in releases from 2.0.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40663 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Rextheme WP VR plugin <=Γ 8.3.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41306 βΌ
π Read
via "National Vulnerability Database".
Vulnerability of mutex management in the bone voice ID trusted application (TA) module. Successful exploitation of this vulnerability may cause the bone voice ID feature to be unavailable.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43232 βΌ
π Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in the Website column management function of DedeBIZ v6.2.11 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the title parameter.π Read
via "National Vulnerability Database".