π¨ CVE-2023-41993
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
π@cveNotify
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7.
π@cveNotify
security.gentoo.org
WebKitGTK+: Multiple Vulnerabilities (GLSA 202401-33) β Gentoo security
Multiple vulnerabilities have been found in WebKitGTK+, the worst of which may lead to remote code execution.
π¨ CVE-2023-39335
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.
π@cveNotify
A security vulnerability has been identified in EPMM Versions 11.10, 11.9 and 11.8 and older allowing an unauthenticated threat actor to impersonate any existing user during the device enrollment process. This issue poses a significant security risk, as it enables unauthorized access and potential misuse of user accounts and resources.
π@cveNotify
Ivanti
CVE-2023-39335 - Certificate creation authentication bypass in UPDATEPROFILE handler
A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM) β formerly MobileIron Core. We are reporting this vulnerability as CVE-2023-39335.
This vulnerability impacts all supported versions of the products β EPMM Versions 11.11, 11.10β¦
This vulnerability impacts all supported versions of the products β EPMM Versions 11.11, 11.10β¦
π¨ CVE-2023-39337
A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity.
π@cveNotify
A security vulnerability in EPMM Versions 11.10, 11.9 and 11.8 older allows a threat actor with knowledge of an enrolled device identifier to access and extract sensitive information, including device and environment configuration details, as well as secrets. This vulnerability poses a serious security risk, potentially exposing confidential data and system integrity.
π@cveNotify
Ivanti
CVE-2023-39337 - MobileConfig profile download authentication bypass
<p>A vulnerability has been discovered in Ivanti Endpoint Manager Mobile (EPMM) β formerly MobileIron Core. We are reporting this vulnerability as CVE-2023-39337.
This vulnerability impacts all supported versions of the products β EPMM Versions 11.11, 11.10β¦
This vulnerability impacts all supported versions of the products β EPMM Versions 11.11, 11.10β¦
π₯1
π¨ CVE-2023-43591
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
π@cveNotify
Improper privilege management in Zoom Rooms for macOS before version 5.16.0 may allow an authenticated user to conduct an escalation of privilege via local access.
π@cveNotify
Zoom
Zoom Security Bulletins
View the latest Zoom Security Bulletins and make sure to update your Zoom app to the latest version in order to get the latest fixes and security improvements.
π¨ CVE-2023-48089
xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.
π@cveNotify
xxl-job-admin 2.4.0 is vulnerable to Remote Code Execution (RCE) via /xxl-job-admin/jobcode/save.
π@cveNotify
GitHub
Remote Code Execution in /xxl-job-admin/jobcode/save Β· Issue #3333 Β· xuxueli/xxl-job
Environment MySQL 5.7.44, XXL-Job-Admin 2.4.0 Virtual Machine 1: Ubuntu 22.04.3 (as XXL-Job-Admin) Virtual Machine 2: Ubuntu 22.04.3 (as XXL-Job-Executor) Vulnerability Information It was found tha...
π¨ CVE-2023-48011
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
π@cveNotify
GPAC v2.3-DEV-rev566-g50c2ab06f-master was discovered to contain a heap-use-after-free via the flush_ref_samples function at /gpac/src/isomedia/movie_fragments.c.
π@cveNotify
GitHub
Fixed #2611 Β· gpac/gpac@c70f49d
GPAC Ultramedia OSS for Video Streaming & Next-Gen Multimedia Transcoding, Packaging & Delivery - Fixed #2611 Β· gpac/gpac@c70f49d
π¨ CVE-2023-48031
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation.
π@cveNotify
OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. In the comment function, an attacker can bypass security restrictions and upload a .bat file by manipulating the file's magic bytes to masquerade as an allowed type. This can enable the attacker to execute arbitrary code or establish a reverse shell, leading to unauthorized file writes or control over the victim's station via a crafted file upload operation.
π@cveNotify
π¨ CVE-2023-48648
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.
π@cveNotify
Concrete CMS before 8.5.13 and 9.x before 9.2.2 allows unauthorized access because directories can be created with insecure permissions. File creation functions (such as the Mkdir() function) gives universal access (0777) to created folders by default. Excessive permissions can be granted when creating a directory with permissions greater than 0755 or when the permissions argument is not specified.
π@cveNotify
Concrete CMS Documentation
8.5.13 Release Notes
π¨ CVE-2023-48110
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
π@cveNotify
Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
π@cveNotify
β€1
π¨ CVE-2023-48111
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
π@cveNotify
Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
π@cveNotify
β€1
π¨ CVE-2023-20274
A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An attacker could exploit this vulnerability by modifying objects in the PHP Agent install directory, which would run with the same privileges as PHP. A successful exploit could allow a lower-privileged attacker to elevate their privileges to root on an affected device.
π@cveNotify
A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient permissions that are set by the PHP Agent Installer on the PHP Agent install directory. An attacker could exploit this vulnerability by modifying objects in the PHP Agent install directory, which would run with the same privileges as PHP. A successful exploit could allow a lower-privileged attacker to elevate their privileges to root on an affected device.
π@cveNotify
Cisco
Cisco Security Advisory: Cisco AppDynamics PHP Agent Privilege Escalation Vulnerability
A vulnerability in the installer script of Cisco AppDynamics PHP Agent could allow an authenticated, local attacker to elevate privileges on an affected device.
This vulnerability is due to insufficient permissions that are set by the PHP Agent Installerβ¦
This vulnerability is due to insufficient permissions that are set by the PHP Agent Installerβ¦
β€1
π¨ CVE-2023-47392
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.
π@cveNotify
An access control issue in Mercedes me IOS APP v1.34.0 and below allows attackers to view the carts of other users via sending a crafted add order request.
π@cveNotify
Gist
Mercedes me IOS APP has the vulnerability of exceeding the authority to add shopping cart orders and query shopping cart contents
Mercedes me IOS APP has the vulnerability of exceeding the authority to add shopping cart orders and query shopping cart contents - APP.txt
π¨ CVE-2023-6302
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was found in CSZCMS 1.3.0 and classified as critical. Affected by this issue is some unknown functionality of the file \views\templates of the component File Manager Page. The manipulation leads to permission issues. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-246128. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
CVE/CSZCMS/Code-Execution-Vulnerability-in-cszcmsV1.3.0.md at main Β· t34t/CVE
Information about CVE vulnerabilities. Contribute to t34t/CVE development by creating an account on GitHub.
π¨ CVE-2023-42581
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
π@cveNotify
Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows attackers to execute JavaScript API to access data.
π@cveNotify
π¨ CVE-2024-21674
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server.
Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction.
Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ).
π@cveNotify
This High severity Remote Code Execution (RCE) vulnerability was introduced in version 7.13.0 of Confluence Data Center and Server.
Remote Code Execution (RCE) vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N allows an unauthenticated attacker to expose assets in your environment susceptible to exploitation which has high impact to confidentiality, no impact to integrity, no impact to availability, and does not require user interaction.
Atlassian recommends that Confluence Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions:
* Confluence Data Center and Server 7.19: Upgrade to a release 7.19.18, or any higher 7.19.x release
* Confluence Data Center and Server 8.5: Upgrade to a release 8.5.5 or any higher 8.5.x release
* Confluence Data Center and Server 8.7: Upgrade to a release 8.7.2 or any higher release
See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Confluence Data Center and Server from the download center (https://www.atlassian.com/software/confluence/download-archives ).
π@cveNotify
π¨ CVE-2024-35711
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Event allows Stored XSS.This issue affects Event: from n/a through 1.2.2.
π@cveNotify
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Theme Freesia Event allows Stored XSS.This issue affects Event: from n/a through 1.2.2.
π@cveNotify
Patchstack
Cross Site Scripting (XSS) in WordPress Event Theme
Patchstack is the leading open source vulnerability research organization. Find information and protection for all WordPress, Drupal and Joomla security issues.
π¨ CVE-2023-5553
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
π@cveNotify
During internal Axis Security Development Model (ASDM) threat-modelling, a flaw was found in the protection for device tampering (commonly known as Secure Boot) in AXIS OS making it vulnerable to a sophisticated attack to bypass this protection. To Axis' knowledge, there are no known exploits of the vulnerability at this time. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution.
π@cveNotify
π¨ CVE-2024-22603
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link
π@cveNotify
FlyCms v1.0 contains a Cross-Site Request Forgery (CSRF) vulnerability via /system/links/add_link
π@cveNotify
GitHub
cms/4.md at main Β· ljw11e/cms
Contribute to ljw11e/cms development by creating an account on GitHub.
π¨ CVE-2024-24482
Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal.
π@cveNotify
Aprktool before 2.9.3 on Windows allows ../ and /.. directory traversal.
π@cveNotify
GitHub
Write to arbitrary files while decoding on Windows
### Summary
I did some research on 0x33c0unt - https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w and found that the latest version of apktool still has directory trave...
I did some research on 0x33c0unt - https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w and found that the latest version of apktool still has directory trave...
π¨ CVE-2024-29008
A problem has been identified in the CloudStack additional VM configuration (extraconfig) feature which can be misused by anyone who has privilege to deploy a VM instance or configure settings of an already deployed VM instance, to configure additional VM configuration even when the feature is not explicitly enabled by the administrator. In a KVM based CloudStack environment, an attacker can exploit this issue to attach host devices such as storage disks, and PCI and USB devices such as network adapters and GPUs, in a regular VM instance that can be further exploited to gain access to the underlying network and storage infrastructure resources, and access any VM instance disks on the local storage.
Users are advised to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue.
π@cveNotify
A problem has been identified in the CloudStack additional VM configuration (extraconfig) feature which can be misused by anyone who has privilege to deploy a VM instance or configure settings of an already deployed VM instance, to configure additional VM configuration even when the feature is not explicitly enabled by the administrator. In a KVM based CloudStack environment, an attacker can exploit this issue to attach host devices such as storage disks, and PCI and USB devices such as network adapters and GPUs, in a regular VM instance that can be further exploited to gain access to the underlying network and storage infrastructure resources, and access any VM instance disks on the local storage.
Users are advised to upgrade to version 4.18.1.1 or 4.19.0.1, which fixes this issue.
π@cveNotify
π¨ CVE-2022-47894
Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 before 0.11.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
For more information, the fix already was merged in the source code but Zeppelin decided to retire the SAP component
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify
Improper Input Validation vulnerability in Apache Zeppelin SAP.This issue affects Apache Zeppelin SAP: from 0.8.0 before 0.11.0.
As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users.
For more information, the fix already was merged in the source code but Zeppelin decided to retire the SAP component
NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify