1273 matches found

OSV
added 2023/07/27 1:15 a.m. · 2 views

UBUNTU-CVE-2023-38611

The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution...

CVSS 8.8 · AI score 7.2 · EPSS 0.0115
Exploits 0 · References 4
Github Security Blog
added 2023/07/13 5:02 p.m. · 21 views

mx-chain-go's relayed transactions always increment nonce

Impact When executing a relayed transaction, if the inner transaction failed, it would have increased the inner transaction's sender account nonce. This could have contributed to a limited DoS attack on a targeted account. The fix is a breaking change so a new flag RelayedNonceFixEnableEpoch was...

CVSS 7.1 · AI score 6.8 · EPSS 0.0107
Exploits 0 · References 6 · Affected Software 1
OSV
added 2023/07/11 5:15 p.m. · 2 views

DEBIAN-CVE-2023-36824

Redis is an in-memory database that persists on disk. In Redis 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

CVSS 8.8 · AI score 6.9 · EPSS 0.74822
Exploits 0 · References 1
IBM Security Bulletins
added 2023/07/06 5:18 p.m. · 31 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect App Connect Professional

Summary: There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. These issues were disclosed as part of the IBM Java SDK updates in April 2022; App Connect Professional has addressed the applicable CVEs. Vulnerability Details: CVEID: CVE-2022-21426...

CVSS 5.3 · AI score 6.3 · EPSS 0.03028
Exploits 0 · Affected Software 1
Positive Technologies
added 2023/06/27 12:00 a.m. · 8 views

PT-2023-12139 · Dzzoffice · Dzzoffice

Name of the Vulnerable Software and Affected Versions: dzzoffice version 2.02.1 SC UTF8 Description: A reflected cross-site scripting issue allows attackers to execute arbitrary web scripts or HTML by exploiting the zero parameter. Recommendations: For dzzoffice version 2.02.1 SC UTF8, consider...

CVSS 6.1 · AI score 6.2 · EPSS 0.00565
Exploits 1 · References 3
Positive Technologies
added 2023/06/26 12:00 a.m. · 5 views

PT-2023-15715 · Google · Widevine Trusted Application

Name of the Vulnerable Software and Affected Versions: Widevine Trusted Application TA versions 5.0.0 through 7.1.1 Description: The issue is related to an integer overflow and resultant buffer overflow in the PRDiagParseAndStoreData function. Recommendations: For versions 5.0.0 through 7.1.1,...

CVSS 9.8 · AI score 9.5 · EPSS 0.01086
Exploits 1 · References 3
Vulnrichment
added 2023/06/22 8:57 p.m. · 13 views

CVE-2023-32320 Nextcloud Server's brute force protection allows someone to send more requests than intended

Nextcloud Server is a data storage system for Nextcloud, a self-hosted productivity platform. When multiple requests are sent in parallel, all of them were executed even if the number of faulty requests had exceeded the limit by the time the response was sent to the client. This allowed someone to...

CVSS 8.7 · AI score 6.7 · EPSS 0.00872
Exploits 0 · References 3
Vulnrichment
added 2023/06/13 9:41 p.m. · 6 views

CVE-2023-34250 Discourse vulnerable to exposure of number of topics recently created in private categories

Discourse is an open source discussion platform. Prior to version 3.0.4 of the stable branch and version 3.1.0.beta5 of the beta and tests-passed branches, an attacker could use the new topics dismissal endpoint to reveal the number of topics recently created but not the actual content thereof in...

CVSS 4.8 · AI score 5.1 · EPSS 0.00399
Exploits 0 · References 1
Positive Technologies
added 2023/05/04 12:00 a.m. · 4 views

PT-2023-22592 · Unknown · Newbee-Mall

Name of the Vulnerable Software and Affected Versions: newbee-mall versions prior to commit 1f2c2dfy Description: The issue is related to insecure permissions in the updateUserInfo function, which allows attackers to obtain user account information. Recommendations: For versions prior to commit...

CVSS 5.4 · AI score 5.3 · EPSS 0.00329
Exploits 1 · References 3
Positive Technologies
added 2023/04/26 12:00 a.m. · 4 views

PT-2023-22617 · Cltphp · Cltphp

Name of the Vulnerable Software and Affected Versions: CLTPHP versions prior to 6.0 Description: The issue concerns Cross Site Scripting XSS via the application/home/controller/Changyan.php file. Recommendations: For versions prior to 6.0, update to a version that includes the fix for this issue ...

CVSS 6.1 · AI score 6.1 · EPSS 0.00395
Exploits 0 · References 4
OSV
added 2023/04/25 3:10 p.m. · 2 views

SUSE-SU-2023:2000-1 Security update for fwupd

This update of fwupd fixes the following issues: - rebuild the package with the new secure boot key bsc1209188...

AI score 7.2
Exploits 0 · References 2
OSV
added 2023/04/24 11:06 a.m. · 5 views

SUSE-SU-2023:1958-1 Security update for ovmf

This update for ovmf fixes the following issues: - CVE-2019-14560: Fixed potential secure boot bypass via an improper check of GetEfiGlobalVariable2 bsc1174246. - CVE-2021-38578: Fixed underflow in MdeModulePkg/PiSmmCore SmmEntryPointAdd bsc1196741...

CVSS 9.8 · AI score 7.3 · EPSS 0.00979
Exploits 0 · References 5
Positive Technologies
added 2023/04/19 12:00 a.m. · 4 views

PT-2023-2555 · Cisco · Cisco Modeling Labs

Name of the Vulnerable Software and Affected Versions: Cisco Modeling Labs affected versions not specified Description: The issue is related to the external authentication mechanism of Cisco Modeling Labs, which can be exploited by an unauthenticated, remote attacker to access the web interface...

CVSS 9.7 · AI score 7 · EPSS 0.00895
Exploits 0 · References 9
Vulnrichment
added 2023/04/18 11:38 p.m. · 9 views

CVE-2023-29522 Code injection from view right on XWiki.ClassSheet in xwiki-platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki...

CVSS 9.9 · AI score 9.8 · EPSS 0.01864
Exploits 1 · References 3
Vulnrichment
added 2023/04/05 5:45 p.m. · 9 views

CVE-2023-28852 GLPI vulnerable to stored Cross-site Scripting through dashboard administration

GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 9.5.13 and 10.0.7, a user with dashboard administration rights may tamper with the dashboard form to store malicious code that is executed when other users use the related dashboard. Versio...

CVSS 4.8 · AI score 5.5 · EPSS 0.00538
Exploits 0 · References 3
Positive Technologies
added 2023/04/05 12:00 a.m. · 3 views

PT-2023-18609 · Ichitaro · Ichitaro

Name of the Vulnerable Software and Affected Versions: Ichitaro version 2022 1.0.1.57600 Description: A heap-based buffer overflow issue exists in the way Ichitaro processes certain LayoutBox stream record types. This can be triggered by a specially crafted document, causing a buffer overflow,...

CVSS 7.8 · AI score 7.9 · EPSS 0.00537
Exploits 1 · References 5
OSV
added 2023/04/04 9:13 p.m. · 37 views

CVE-2023-28840 moby/moby's dockerd daemon encrypted overlay network may be unauthenticated

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker, Mirantis Container Runtime, and various other downstream projects/products. The Moby daemon component dockerd, which is developed as moby/moby, is commonly referred to as Docker. Swarm Mode, which i...

CVSS 7.5 · AI score 7.3 · EPSS 0.02733
Exploits 1 · References 12
Vulnrichment
added 2023/04/04 3:42 p.m. · 8 views

CVE-2023-27487 Envoy client may fake the header `x-envoy-original-path`

Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token JWT checks and forge fake original paths. The header x-envoy-original-path should be an internal header, but...

CVSS 8.2 · AI score 9.1 · EPSS 0.00636
Exploits 1 · References 1
Vulnrichment
added 2023/04/03 5:55 p.m. · 6 views

CVE-2023-28854 nophp vulnerable to shell command injection on httpd user when sending a password-setting mail or mail-login mail

nophp is a PHP web framework. Prior to version 0.0.1, nophp is vulnerable to shell command injection on httpd user. A patch was made available at commit e5409aa2d441789cbb35f6b119bef97ecc3986aa on 2023-03-30. Users should update index.php to 2023-03-30 or later or, as a workaround, add a function...

CVSS 8 · AI score 8.4 · EPSS 0.01579
Exploits 0 · References 3
Positive Technologies
added 2023/04/03 12:00 a.m. · 4 views

PT-2023-22010 · Nophp · Nophp

Name of the Vulnerable Software and Affected Versions: nophp versions prior to 0.0.1 Description: The issue affects the nophp PHP web framework, where versions prior to 0.0.1 are vulnerable to shell command injection on the httpd user. A patch was made available to address this issue...

CVSS 8.8 · AI score 9 · EPSS 0.01579
Exploits 0 · References 6