๐จ CVE-2023-40353
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.
๐@cveNotify
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.
๐@cveNotify
Samsung Semiconductor Global
Product Security Update | Support | Samsung Semiconductor Global
Samsung semiconductor values product security. Check out the latest product security update at Samsung Semiconductor Global.
๐ฅ1
๐จ CVE-2023-32470
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
๐@cveNotify
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
๐@cveNotify
Dell
DSA-2023-224: Security Update for a Dell Digital Delivery Service Vulnerability | Dell US
Dell Digital Delivery remediation is available for a vulnerability in Dell Digital Delivery Service that could be exploited by malicious users to compromise the affected system during installation.
๐จ CVE-2023-41775
Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user's consent.
๐@cveNotify
Improper access control vulnerability in 'direct' Desktop App for macOS ver 2.6.0 and earlier allows a local attacker to bypass access restriction and to use camrea, microphone, etc. of the device where the product is installed without the user's consent.
๐@cveNotify
jvn.jp
JVN#42691027: "direct" Desktop App for macOS fails to restrict access permissions
Japan Vulnerability Notes
๐จ CVE-2023-34041
Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
๐@cveNotify
Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affect the identification value recorded in the logs in foundations.
๐@cveNotify
Cloud Foundry
CVE-2023-34041-Abuse of HTTP Hop-by-Hop Headers in Cloud Foundry Gorouter | Cloud Foundry
Severity Medium Vendor Cloud Foundry Description Cloud foundry routing release versions prior to 0.278.0 are vulnerable to abuse of HTTP Hop-by-Hop Headers. An unauthenticated attacker can use this vulnerability for headers like B3 or X-B3-SpanID to affectโฆ
๐จ CVE-2023-32470
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
๐@cveNotify
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
๐@cveNotify
Dell
DSA-2023-224: Security Update for a Dell Digital Delivery Service Vulnerability | Dell US
Dell Digital Delivery remediation is available for a vulnerability in Dell Digital Delivery Service that could be exploited by malicious users to compromise the affected system during installation.
๐จ CVE-2023-4807
Issue summary: The POLY1305 MAC (message authentication code) implementation
contains a bug that might corrupt the internal state of applications on the
Windows 64 platform when running on newer X86_64 processors supporting the
AVX512-IFMA instructions.
Impact summary: If in an application that uses the OpenSSL library an attacker
can influence whether the POLY1305 MAC algorithm is used, the application
state might be corrupted with various application dependent consequences.
The POLY1305 MAC (message authentication code) implementation in OpenSSL does
not save the contents of non-volatile XMM registers on Windows 64 platform
when calculating the MAC of data larger than 64 bytes. Before returning to
the caller all the XMM registers are set to zero rather than restoring their
previous content. The vulnerable code is used only on newer x86_64 processors
supporting the AVX512-IFMA instructions.
The consequences of this kind of internal application state corruption can
be various - from no consequences, if the calling application does not
depend on the contents of non-volatile XMM registers at all, to the worst
consequences, where the attacker could get complete control of the application
process. However given the contents of the registers are just zeroized so
the attacker cannot put arbitrary values inside, the most likely consequence,
if any, would be an incorrect result of some application dependent
calculations or a crash leading to a denial of service.
The POLY1305 MAC algorithm is most frequently used as part of the
CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)
algorithm. The most common usage of this AEAD cipher is with TLS protocol
versions 1.2 and 1.3 and a malicious client can influence whether this AEAD
cipher is used by the server. This implies that server applications using
OpenSSL can be potentially impacted. However we are currently not aware of
any concrete application that would be affected by this issue therefore we
consider this a Low severity security issue.
As a workaround the AVX512-IFMA instructions support can be disabled at
runtime by setting the environment variable OPENSSL_ia32cap:
OPENSSL_ia32cap=:~0x200000
The FIPS provider is not affected by this issue.
๐@cveNotify
Issue summary: The POLY1305 MAC (message authentication code) implementation
contains a bug that might corrupt the internal state of applications on the
Windows 64 platform when running on newer X86_64 processors supporting the
AVX512-IFMA instructions.
Impact summary: If in an application that uses the OpenSSL library an attacker
can influence whether the POLY1305 MAC algorithm is used, the application
state might be corrupted with various application dependent consequences.
The POLY1305 MAC (message authentication code) implementation in OpenSSL does
not save the contents of non-volatile XMM registers on Windows 64 platform
when calculating the MAC of data larger than 64 bytes. Before returning to
the caller all the XMM registers are set to zero rather than restoring their
previous content. The vulnerable code is used only on newer x86_64 processors
supporting the AVX512-IFMA instructions.
The consequences of this kind of internal application state corruption can
be various - from no consequences, if the calling application does not
depend on the contents of non-volatile XMM registers at all, to the worst
consequences, where the attacker could get complete control of the application
process. However given the contents of the registers are just zeroized so
the attacker cannot put arbitrary values inside, the most likely consequence,
if any, would be an incorrect result of some application dependent
calculations or a crash leading to a denial of service.
The POLY1305 MAC algorithm is most frequently used as part of the
CHACHA20-POLY1305 AEAD (authenticated encryption with associated data)
algorithm. The most common usage of this AEAD cipher is with TLS protocol
versions 1.2 and 1.3 and a malicious client can influence whether this AEAD
cipher is used by the server. This implies that server applications using
OpenSSL can be potentially impacted. However we are currently not aware of
any concrete application that would be affected by this issue therefore we
consider this a Low severity security issue.
As a workaround the AVX512-IFMA instructions support can be disabled at
runtime by setting the environment variable OPENSSL_ia32cap:
OPENSSL_ia32cap=:~0x200000
The FIPS provider is not affected by this issue.
๐@cveNotify
๐จ CVE-2022-41763
An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.
๐@cveNotify
An issue was discovered in NOKIA AMS 9.7.05. Remote Code Execution exists via the debugger of the ipAddress variable. A remote user, authenticated to the AMS server, could inject code in the PING function. The privileges of the command executed depend on the user that runs the service.
๐@cveNotify
www.gruppotim.it
Vulnerability Research & Advisor
๐จ CVE-2023-38836
File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.
๐@cveNotify
File Upload vulnerability in BoidCMS v.2.0.0 allows a remote attacker to execute arbitrary code by adding a GIF header to bypass MIME type checks.
๐@cveNotify
๐จ CVE-2023-3375
Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.
๐@cveNotify
Unrestricted Upload of File with Dangerous Type vulnerability in Unisign Bookreen allows OS Command Injection.This issue affects Bookreen: before 3.0.0.
๐@cveNotify
๐จ CVE-2023-41908
Cerebrate before 1.15 lacks the Secure attribute for the session cookie.
๐@cveNotify
Cerebrate before 1.15 lacks the Secure attribute for the session cookie.
๐@cveNotify
GitHub
chg: [config] Force usage of secure cookie for session and csrf proteโฆ ยท cerebrate-project/cerebrate@9be8105
โฆction
๐จ CVE-2015-1391
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
๐@cveNotify
Aruba AirWave before 8.0.7 allows bypass of a CSRF protection mechanism.
๐@cveNotify
๐จ CVE-2023-30722
Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.
๐@cveNotify
Protection Mechanism Failure in bc_tui trustlet from Samsung Blockchain Keystore prior to version 1.3.13.5 allows local attacker to execute arbitrary code.
๐@cveNotify
๐จ CVE-2023-31242
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially-crafted series of network requests can lead to arbitrary authentication. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
๐จ CVE-2023-4480
Due to an out-of-date dependency in the โFusion File Managerโ component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the applicationโs mime-type and file extension validation.
๐@cveNotify
Due to an out-of-date dependency in the โFusion File Managerโ component accessible through the admin panel, an attacker can send a crafted request that allows them to read the contents of files on the system accessible within the privileges of the running process. Additionally, they may write files to arbitrary locations, provided the files pass the applicationโs mime-type and file extension validation.
๐@cveNotify
Blackduck
CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusionโฆ
Black Duck researcher discovers vulnerabilities CVE-2023-2453, CVE-2023-4480 in PHPFusion.
๐จ CVE-2023-2453
There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a โrequire_onceโ statement. This allows arbitrary files with the โ.phpโ extension for which the absolute path is known to be included and executed. There are no known means in PHPFusion through which an attacker can upload and target a โ.phpโ file payload.
๐@cveNotify
There is insufficient sanitization of tainted file names that are directly concatenated with a path that is subsequently passed to a โrequire_onceโ statement. This allows arbitrary files with the โ.phpโ extension for which the absolute path is known to be included and executed. There are no known means in PHPFusion through which an attacker can upload and target a โ.phpโ file payload.
๐@cveNotify
Blackduck
CyRC Vulnerability Advisory: CVE-2023-2453 Local File Inclusion in Forum Infusion and CVE-2023-4480 Arbitrary File Read in Fusionโฆ
Black Duck researcher discovers vulnerabilities CVE-2023-2453, CVE-2023-4480 in PHPFusion.
๐จ CVE-2023-35124
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
An information disclosure vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to a disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
๐จ CVE-2023-34998
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.
๐@cveNotify
An authentication bypass vulnerability exists in the OAS Engine functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary authentication. An attacker can sniff network traffic to trigger this vulnerability.
๐@cveNotify
๐1
๐จ CVE-2023-34994
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
๐จ CVE-2023-34353
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
๐@cveNotify
An authentication bypass vulnerability exists in the OAS Engine authentication functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted network sniffing can lead to decryption of sensitive information. An attacker can sniff network traffic to trigger this vulnerability.
๐@cveNotify
๐จ CVE-2023-34317
An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify
An improper input validation vulnerability exists in the OAS Engine User Creation functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to unexpected data in the configuration. An attacker can send a sequence of requests to trigger this vulnerability.
๐@cveNotify