π¨ CVE-2023-33299
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.
π@cveNotify
A deserialization of untrusted data in Fortinet FortiNAC below 7.2.1, below 9.4.3, below 9.2.8 and all earlier versions of 8.x allows attacker to execute unauthorized code or commands via specifically crafted request on inter-server communication port. Note FortiNAC versions 8.x will not be fixed.
π@cveNotify
FortiGuard Labs
PSIRT | FortiGuard Labs
None
π¨ CVE-2023-32464
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victimβs data in transit.
π@cveNotify
Dell VxRail, versions prior to 7.0.450, contain an improper certificate validation vulnerability. A high privileged remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victimβs data in transit.
π@cveNotify
π¨ CVE-2023-32463
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
π@cveNotify
Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction.
π@cveNotify
Dell
DSA-2023-200: Security Update for Dell VxRail for Multiple Third-Party Component Vulnerabilities | Dell US
Dell VxRail remediation is available for multiple security vulnerabilities that may be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-31469
A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles.
The issue is resolved by upgrading to StreamPipes 0.92.0.
π@cveNotify
A REST interface in Apache StreamPipes (versions 0.69.0 to 0.91.0) was not properly restricted to admin-only access. This allowed a non-admin user with valid login credentials to elevate privileges beyond the initially assigned roles.
The issue is resolved by upgrading to StreamPipes 0.92.0.
π@cveNotify
π¨ CVE-2023-31975
yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.
π@cveNotify
yasm v1.3.0 was discovered to contain a memory leak via the function yasm_intnum_copy at /libyasm/intnum.c.
π@cveNotify
GitHub
yasm memory leak Β· Issue #210 Β· yasm/yasm
I found a memory leak bug in yasm. Please confirm. Thanks! Test Environment Ubuntu 20.04, 64 bit yasm (version: v1.3.0 ;master) How to trigger Compile the program with AddressSanitizer Run command ...
π¨ CVE-2023-25936
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28056
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28052
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28041
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28035
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28028
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-25937
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28054
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28042
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28040
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28039
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28033
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28032
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28030
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-28029
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable
π@cveNotify
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable
π@cveNotify
Dell
DSA-2023-099: Dell Client BIOS Security Update for Multiple Improper Input Validation Vulnerabilities | Dell US
Dell Client BIOS remediations are available for multiple improper input validation vulnerabilities that could be exploited by malicious users to compromise the affected system.
π¨ CVE-2023-3381
A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-232237 was assigned to this vulnerability.
π@cveNotify
A vulnerability classified as problematic was found in SourceCodester Online School Fees System 1.0. Affected by this vulnerability is an unknown functionality of the file /paysystem/datatable.php of the component GET Parameter Handler. The manipulation of the argument doj leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-232237 was assigned to this vulnerability.
π@cveNotify
GitHub
CVEReport/XSS2.md at main Β· M9KJ-TEAM/CVEReport
Contribute to M9KJ-TEAM/CVEReport development by creating an account on GitHub.