π¨ CVE-2023-40997
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet.
π@cveNotify
Buffer Overflow vulnerability in O-RAN Software Community ric-plt-lib-rmr v.4.9.0 allows a remote attacker to cause a denial of service via a crafted packet.
π@cveNotify
π¨ CVE-2023-40857
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.
π@cveNotify
Buffer Overflow vulnerability in VirusTotal yara v.4.3.2 allows a remote attacker to execute arbtirary code via the yr_execute_cod function in the exe.c component.
π@cveNotify
GitHub
heap-buffer-overflow libyara/exec.c:1426 in yr_execute_code Β· Issue #1945 Β· VirusTotal/yara
Describe the bug AddressSanitizer: heap-buffer-overflow libyara/exec.c:1426 in yr_execute_code To Reproduce Steps to reproduce the behavior: 1, compile yara with asan: ./configure CC=gcc CXX=g++ CF...
π¨ CVE-2023-40828
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function.
π@cveNotify
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the expandIfZip method in the extract function.
π@cveNotify
GitHub
Add security checks to prevent directory traversal when decompressing⦠by afeng2016-s · Pull Request #537 · pf4j/pf4j
This is a PR submission for #536
To verify that there is a directory traversal risk when unzipping the zip file, I test in FileUtilsTest.java.
1.Using the zipslip vulnerability, create a zip file.S...
To verify that there is a directory traversal risk when unzipping the zip file, I test in FileUtilsTest.java.
1.Using the zipslip vulnerability, create a zip file.S...
π¨ CVE-2023-40827
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter.
π@cveNotify
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the loadpluginPath parameter.
π@cveNotify
GitHub
Add security checks to prevent directory traversal when decompressing⦠by afeng2016-s · Pull Request #537 · pf4j/pf4j
This is a PR submission for #536
To verify that there is a directory traversal risk when unzipping the zip file, I test in FileUtilsTest.java.
1.Using the zipslip vulnerability, create a zip file.S...
To verify that there is a directory traversal risk when unzipping the zip file, I test in FileUtilsTest.java.
1.Using the zipslip vulnerability, create a zip file.S...
π¨ CVE-2023-40826
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter.
π@cveNotify
An issue in pf4j pf4j v.3.9.0 and before allows a remote attacker to obtain sensitive information and execute arbitrary code via the zippluginPath parameter.
π@cveNotify
GitHub
The method of extracting the zip file has a path traversal vulnerability Β· Issue #536 Β· pf4j/pf4j
description Dear project developers, I use SpringBoot and pf4j to implement the system's extension plug-in function, the use of zip or jar package format is very easy to expand the system. When...
π¨ CVE-2023-40825
An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list.
π@cveNotify
An issue in Perfree PerfreeBlog v.3.1.2 allows a remote attacker to execute arbitrary code via crafted plugin listed in admin/plugin/access/list.
π@cveNotify
GitHub
The uploaded malicious plug-in is parsed and the command is executed Β· Issue #15 Β· perfree/PerfreeBlog
Vulnerability information PerfreeBlog implements the extension plug-in function based on SpringBoot and pf4j. After the plug-in is developed, it is packaged as a jar package, which can be directly ...
π¨ CVE-2023-40781
Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function.
π@cveNotify
Buffer Overflow vulnerability in Libming Libming v.0.4.8 allows a remote attacker to cause a denial of service via a crafted .swf file to the makeswf function.
π@cveNotify
GitHub
heap-buffer-overflow in r_readc() at fromswf.c:264 Β· Issue #288 Β· libming/libming
A heap buffer overflow occurs when makeswf parse a invalid swf file, and the filename extension is .swf. Test Environment Ubuntu 20.04, 64 bit libming (master 04aee52) Steps to reproduce compile li...
π¨ CVE-2023-39059
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
π@cveNotify
An issue in ansible semaphore v.2.8.90 allows a remote attacker to execute arbitrary code via a crafted payload to the extra variables parameter.
π@cveNotify
Gist
CVE-2023-39059
CVE-2023-39059. GitHub Gist: instantly share code, notes, and snippets.
π¨ CVE-2023-34725
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via a telnet connection.
π@cveNotify
An issue was discovered in TechView LA-5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via a telnet connection.
π@cveNotify
Jaycar
Wireless Gateway Home Automation Controller | Jaycar Australia
Have you ever dreamt of controlling your homes lighting and appliances remotely? Have you ever wanted to turn your homes lights and appliances off and...
π¨ CVE-2023-34724
An issue was discovered in TECHView LA5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via the UART interface.
π@cveNotify
An issue was discovered in TECHView LA5570 Wireless Gateway 1.0.19_T53, allows physical attackers to gain escalated privileges via the UART interface.
π@cveNotify
Jaycar
Wireless Gateway Home Automation Controller | Jaycar Australia
Have you ever dreamt of controlling your homes lighting and appliances remotely? Have you ever wanted to turn your homes lights and appliances off and...
π¨ CVE-2023-39650
Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.
π@cveNotify
Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.
π@cveNotify
Friends-Of-Presta Security Advisories
[CVE-2023-39650] Improper neutralization of SQL parameters in Theme Volty CMS Blog module for PrestaShop
In the module βTheme Volty CMS Blogβ (tvcmsblog) up to versions 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
π¨ CVE-2023-28980
A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scenario with high route scale (>1M routes).
This issue affects:
Juniper Networks Junos OS
* 20.2 version 20.2R3-S5 and later versions prior to 20.2R3-S6;
* 20.3 version 20.3R3-S2 and later versions prior to 20.3R3-S5;
* 20.4 version 20.4R3-S1 and later versions prior to 20.4R3-S4
* 21.1 version 21.1R3 and later versions prior to 21.1R3-S3;
* 21.2 version 21.2R1-S2, 21.2R2-S1 and later versions prior to 21.2R3-S2;
* 21.3 version 21.3R2 and later versions prior to 21.3R3;
* 21.4 versions prior to 21.4R2-S1, 21.4R3;
* 22.1 versions prior to 22.1R2.
Juniper Networks Junos OS Evolved
* 20.4-EVO version 20.4R3-S1-EVO and later versions prior to 20.4R3-S6-EVO;
* 21.2-EVO version 21.2R1-S2-EVO and later versions prior to 21.2R3-S4-EVO;
* 21.3-EVO version 21.3R2-EVO and later versions prior to 21.3R3-S1-EVO;
* 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO;
* 22.1-EVO versions prior to 22.1R2-EVO.
π@cveNotify
A Use After Free vulnerability in the routing protocol daemon of Juniper Networks Junos OS and Junos OS Evolved allows a locally authenticated attacker with low privileges to cause Denial of Service (DoS). In a rib sharding scenario the rpd process will crash shortly after specific CLI command is issued. This issue is more likely to occur in a scenario with high route scale (>1M routes).
This issue affects:
Juniper Networks Junos OS
* 20.2 version 20.2R3-S5 and later versions prior to 20.2R3-S6;
* 20.3 version 20.3R3-S2 and later versions prior to 20.3R3-S5;
* 20.4 version 20.4R3-S1 and later versions prior to 20.4R3-S4
* 21.1 version 21.1R3 and later versions prior to 21.1R3-S3;
* 21.2 version 21.2R1-S2, 21.2R2-S1 and later versions prior to 21.2R3-S2;
* 21.3 version 21.3R2 and later versions prior to 21.3R3;
* 21.4 versions prior to 21.4R2-S1, 21.4R3;
* 22.1 versions prior to 22.1R2.
Juniper Networks Junos OS Evolved
* 20.4-EVO version 20.4R3-S1-EVO and later versions prior to 20.4R3-S6-EVO;
* 21.2-EVO version 21.2R1-S2-EVO and later versions prior to 21.2R3-S4-EVO;
* 21.3-EVO version 21.3R2-EVO and later versions prior to 21.3R3-S1-EVO;
* 21.4-EVO versions prior to 21.4R2-S1-EVO, 21.4R3-EVO;
* 22.1-EVO versions prior to 22.1R2-EVO.
π@cveNotify
π¨ CVE-2023-40254
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Download of Code Without Integrity Check vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Malicious Software Update.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Genians Documentation
GN-SA-2023-001: Genian NAC - Multiple Vulnerabilities
λ μ§: 2023λ
08μ 01μΌ. μν₯λ: λμ. λ΄μ©: μ§λμΈμ€ μ
λ°μ΄νΈ μλ²μμ μλ μ·¨μ½μ μ λ°κ²¬νμ¬ μ‘°μΉλ₯Ό μ§ννμΌλ©° μΆκ°μ μΌλ‘ μ ν 보μμ± κ°νλ₯Ό μν 보μ μ
λ°μ΄νΈλ₯Ό λ°ννμ΅λλ€. ν΄λΉ λ²μ μ μ¬μ©νλ μ΄μ©μλ€μ μ΅μ λ²μ μΌλ‘ μ
λ°μ΄νΈλ₯Ό κΆκ³ ν©λλ€. νλ¬Έ λ
ΈμΆ μ·¨μ½μ (CVE-2023-40251), λΉμΈκ° μ€ν¬λ¦½νΈ μ€ν μ·¨μ½μ (CVE-2023-40252), λΆμ μ ν μΈμ¦ μ·¨μ½μ (CVE-2023-40253), λ¬΄κ²°μ± κ²μ¦ λ―Έν‘ μ·¨μ½μ (CVE-2023β¦
π¨ CVE-2023-40253
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Improper Authentication vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Authentication Abuse.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Genians Documentation
GN-SA-2023-001: Genian NAC - Multiple Vulnerabilities
λ μ§: 2023λ
08μ 01μΌ. μν₯λ: λμ. λ΄μ©: μ§λμΈμ€ μ
λ°μ΄νΈ μλ²μμ μλ μ·¨μ½μ μ λ°κ²¬νμ¬ μ‘°μΉλ₯Ό μ§ννμΌλ©° μΆκ°μ μΌλ‘ μ ν 보μμ± κ°νλ₯Ό μν 보μ μ
λ°μ΄νΈλ₯Ό λ°ννμ΅λλ€. ν΄λΉ λ²μ μ μ¬μ©νλ μ΄μ©μλ€μ μ΅μ λ²μ μΌλ‘ μ
λ°μ΄νΈλ₯Ό κΆκ³ ν©λλ€. νλ¬Έ λ
ΈμΆ μ·¨μ½μ (CVE-2023-40251), λΉμΈκ° μ€ν¬λ¦½νΈ μ€ν μ·¨μ½μ (CVE-2023-40252), λΆμ μ ν μΈμ¦ μ·¨μ½μ (CVE-2023-40253), λ¬΄κ²°μ± κ²μ¦ λ―Έν‘ μ·¨μ½μ (CVE-2023β¦
π¨ CVE-2023-40252
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Improper Control of Generation of Code ('Code Injection') vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Replace Trusted Executable.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
π¨ CVE-2023-40251
Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
Missing Encryption of Sensitive Data vulnerability in Genians Genian NAC V4.0, Genians Genian NAC V5.0, Genians Genian NAC Suite V5.0, Genians Genian ZTNA allows Man in the Middle Attack.This issue affects Genian NAC V4.0: from V4.0.0 through V4.0.155; Genian NAC V5.0: from V5.0.0 through V5.0.42 (Revision 117460); Genian NAC Suite V5.0: from V5.0.0 through V5.0.54; Genian ZTNA: from V6.0.0 through V6.0.15.
π@cveNotify
π¨ CVE-2023-1995
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
π@cveNotify
Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before 10-06-02; HiRDB Server With Addtional Function: before 09-60-2M, before 09-65-/W; HiRDB Structured Data Access Facility: before 09-60-39, before 10-03-12, before 10-04-06, before 10-06-02.
π@cveNotify
Hitachi
hitachi-sec-2023-133: Vulnerability in HiRDB
A Vulnerability (CVE-2023-1995) have been found in HiRDB.
π¨ CVE-2023-0664
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
π@cveNotify
A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.
π@cveNotify
π¨ CVE-2023-3354
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
π@cveNotify
A flaw was found in the QEMU built-in VNC server. When a client connects to the VNC server, QEMU checks whether the current number of connections crosses a certain threshold and if so, cleans up the previous connection. If the previous connection happens to be in the handshake phase and fails, QEMU cleans up the connection again, resulting in a NULL pointer dereference issue. This could allow a remote unauthenticated client to cause a denial of service.
π@cveNotify
π¨ CVE-2023-3180
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.
π@cveNotify
A flaw was found in the QEMU virtual crypto device while handling data encryption/decryption requests in virtio_crypto_handle_sym_req. There is no check for the value of `src_len` and `dst_len` in virtio_crypto_sym_op_helper, potentially leading to a heap buffer overflow when the two values differ.
π@cveNotify
π¨ CVE-2023-41361
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
π@cveNotify
An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version.
π@cveNotify
GitHub
bgpd: Check the length of the rcv software version by ton31337 Β· Pull Request #14241 Β· FRRouting/frr
Make sure we don't exceed the maximum of BGP_MAX_SOFT_VERSION.
The Capability Length SHOULD be no greater than 64.
Reported-by: Iggy Frankovic iggyfran@amazon.com
The Capability Length SHOULD be no greater than 64.
Reported-by: Iggy Frankovic iggyfran@amazon.com