Internet Storm Center Spotlight


ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Strolling through Cyberspace and Hunting for Phishing Sites

Published: 2023-04-26

Last Updated: 2023-04-26 04:06:30 UTC

by Yee Ching Tok (Version: 1)

From time to time and as much as my limited time permits, I often explore the Internet and my DShield logs to see if I can uncover any interesting artifacts that suggest nefarious behaviour. Time-driven events such as tax filing are also considered when I perform such hunting activities. I recently discovered one such site masquerading as the Inland Revenue Authority of Singapore (IRAS) and observed some interesting points.

Read the full entry:

https://isc.sans.edu/diary/Strolling+through+Cyberspace+and+Hunting+for+Phishing+Sites/29780/

Calculating CVSS Scores with ChatGPT

Published: 2023-04-25

Last Updated: 2023-04-25 13:58:35 UTC

by Johannes Ullrich (Version: 1)

Everybody appears to be set to use ChatGPT for evil. After all, what is the fun in making the world a better place if, instead, you can make fun of a poor large-scale language model whose developers only hinted at what it could mean to be good?

Having not given up on machines finally taking over to beat the "humane" into "humanity," I recently looked at some ways to use ChatGPT more defensively.

An issue I have been struggling with is vendors like Apple providing very terse and unstructured vulnerability summaries. You may have seen my attempt to create a more structured version of them and to assign severities to these vulnerabilities. Given that there are often dozens of vulnerabilities and limitations of my human form, the severity I assign is more of a "best guess." So I figured I would try to automate this with ChatGPT, and the initial results are not bad.

Read the full entry:

https://isc.sans.edu/diary/Calculating+CVSS+Scores+with+ChatGPT/29774/

Internet Storm Center Entries


Management of DMARC control for email impersonation of domains in the .co TLD - part 1 (2023.04.23)

https://isc.sans.edu/diary/Management+of+DMARC+control+for+email+impersonation+of+domains+in+the+co+TLD+part+1/29768/

YARA v4.3.1 Release (2023.04.23)

https://isc.sans.edu/diary/YARA+v431+Release/29766/

Taking a Bite Out of Password Expiry Helpdesk Calls (2023.04.20)

https://isc.sans.edu/diary/Taking+a+Bite+Out+of+Password+Expiry+Helpdesk+Calls/29758

Recent CVEs


The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. An entry showing a CVSS score of 0 had not been scored by NVD when the list was assembled. There are also some unscored, but significant, vulnerabilities at the end, including vulnerabilities that have not been added to the NVD yet.


CVE-2023-27350 - PaperCut NG 22.0.5 allows remote attackers to execute arbitrary code as SYSTEM by exploiting a flaw that bypasses authentication due to improper access control within the SetupCompleted class.

Product: PaperCut NG 22.0.5 (Build 63914)

CVSS Score: 0

** KEV since 2023-04-21 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27350

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8468

NVD References: 

- http://packetstormsecurity.com/files/171982/PaperCut-MF-NG-Authentication-Bypass-Remote-Code-Execution.html

- https://www.papercut.com/kb/Main/PO-1216-and-PO-1219

- https://www.zerodayinitiative.com/advisories/ZDI-23-233/




CVE-2023-2136 - Chromium: CVE-2023-2136 Integer overflow in Skia

Product: Google Chrome

CVSS Score: 0

** KEV since 2023-04-21 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2136

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2136

NVD References: 

- https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html

- https://crbug.com/1432603

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4AOSGAOPXLBK4A5ZRTVZ4M6QKVLSWMWG/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FEJZMAUB4XP44HSHEBDWEKFGA7DUHY42/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IHHD6KNH4WLUE6JG6HRQZWNAJMHJ32X7/

- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RJQI63HWZFL6M26Q6UOHKDY6LD2PFC5Z/

- https://www.debian.org/security/2023/dsa-5393




CVE-2023-2033 - Chromium: CVE-2023-2033 Type Confusion in V8

Product: Google Chrome

CVSS Score: 0

** KEV since 2023-04-17 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2033

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2033




CVE-2023-2144 - Campcodes Online Thesis Archiving System 1.0 is vulnerable to remote SQL injection through the manipulation of the argument id in /admin/departments/view_department.php (VDB-226265).

Product: Online Thesis Archiving System Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2144

NVD References: 

- https://github.com/E1CHO/cve_hub/blob/main/Online%20Thesis%20Archiving%20System/Online%20Thesis%20Archiving%20System%20-%20vuln%206.pdf

- https://vuldb.com/?ctiid.226265

- https://vuldb.com/?id.226265




CVE-2023-2145 - Campcodes Online Thesis Archiving System 1.0 is vulnerable to remote SQL injection via manipulation of the id argument in projects_per_curriculum.php (VDB-226266).

Product: Online Thesis Archiving System Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2145

NVD References: 

- https://github.com/E1CHO/cve_hub/blob/main/Online%20Thesis%20Archiving%20System/Online%20Thesis%20Archiving%20System%20-%20vuln%201.pdf

- https://vuldb.com/?ctiid.226266

- https://vuldb.com/?id.226266




CVE-2023-2148 - Campcodes Online Thesis Archiving System 1.0 is vulnerable to remote SQL injection via manipulation of the id argument in /admin/curriculum/view_curriculum.php (VDB-226269).

Product: Online Thesis Archiving System Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2148

NVD References: 

- https://github.com/E1CHO/cve_hub/blob/main/Online%20Thesis%20Archiving%20System/Online%20Thesis%20Archiving%20System%20-%20vuln%205.pdf

- https://vuldb.com/?ctiid.226269

- https://vuldb.com/?id.226269




CVE-2023-2149 - Campcodes Online Thesis Archiving System 1.0 is vulnerable to remote SQL injection via manipulation of the "id" argument in /admin/user/manage_user.php (VDB-226270).

Product: Online Thesis Archiving System Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2149

NVD References: 

- https://github.com/E1CHO/cve_hub/blob/main/Online%20Thesis%20Archiving%20System/Online%20Thesis%20Archiving%20System%20-%20vuln%207.pdf

- https://vuldb.com/?ctiid.226270

- https://vuldb.com/?id.226270




CVE-2023-30839 - PrestaShop prior to 8.0.4 and 1.7.8.9 has a SQL filtering vulnerability that lets back-office (BO) users write, update and delete database records without holding the specific rights for those operations.

Product: PrestaShop e-commerce web application

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-30839

NVD References: 

- https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30

- https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149

- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822




CVE-2023-28839 - Shoppingfeed PrestaShop add-on (versions 1.4.0 to 1.8.2) is vulnerable to SQL injection due to a lack of input sanitization; fixed in version 1.8.3, with no known workarounds.

Product: Shoppingfeed PrestaShop

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28839

NVD References: 

- https://github.com/shoppingflux/module-prestashop/pull/209

- https://github.com/shoppingflux/module-prestashop/security/advisories/GHSA-vfmq-w777-qvcf
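
The four Campcodes entries and the two PrestaShop entries above are all SQL injection through an id-style request parameter. As an added example, not code from any of those products (schema, rows and credential strings are constructed for the demo), the anti-pattern beside the hardened lookup, run against an in-memory SQLite database in Python:

```python
"""Parameterised queries versus string splicing (added example; not code from
the Campcodes or PrestaShop products listed above).

Shows why an `id` request parameter pasted into SQL text is exploitable and
what the hardened lookup looks like. Schema and rows are constructed for the
demo and live in an in-memory SQLite database.
"""
import sqlite3


def make_db():
    """Build a constructed admin-style schema: departments plus a users table
    holding credential hashes (placeholder strings, not real hashes)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE departments (id INTEGER PRIMARY KEY, name TEXT)")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password_hash TEXT)")
    conn.executemany("INSERT INTO departments VALUES (?, ?)",
                     [(1, "Computer Science"), (2, "Mathematics"), (3, "Physics")])
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [(1, "admin", "constructed-hash-admin"), (2, "staff", "constructed-hash-staff")])
    conn.commit()
    return conn


def view_department_vulnerable(conn, dept_id):
    """The anti-pattern: the request parameter becomes part of the SQL text, so
    `1 OR 1=1` widens the WHERE clause and a UNION pulls rows from any table."""
    sql = "SELECT id, name FROM departments WHERE id = %s" % dept_id
    return conn.execute(sql).fetchall()


def view_department_safe(conn, dept_id):
    """Hardened lookup: validate the type first, then bind the value as a
    parameter so the driver never interprets it as SQL."""
    try:
        dept_id = int(dept_id)
    except (TypeError, ValueError):
        raise ValueError("department id must be an integer") from None
    return conn.execute("SELECT id, name FROM departments WHERE id = ?", (dept_id,)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # What ?id=1%20OR%201%3D1 and ?id=0%20UNION%20... decode to on the server.
    for payload in ("1 OR 1=1", "0 UNION SELECT id, password_hash FROM users"):
        print("vulnerable:", payload, "->", view_department_vulnerable(conn, payload))
        try:
            print("safe:", payload, "->", view_department_safe(conn, payload))
        except ValueError as exc:
            print("safe:", payload, "-> rejected:", exc)
```

The type check alone would already stop these two payloads; the bound parameter is what protects string-typed columns and any future change to the query, so the hardened version does both.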




CVE-2023-29411 - APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software are missing authentication for a critical function (CWE-306) on their Java RMI interface, which could allow changes to administrative credentials and lead to remote code execution without prior authentication.

Product: APC / Schneider Electric Easy UPS Online Monitoring Software (Java RMI interface)

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29411

NVD References: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdf




CVE-2023-29412 - APC Easy UPS Online Monitoring Software and Schneider Electric Easy UPS Online Monitoring Software improperly handle case sensitivity when internal methods are invoked through the Java RMI interface, which could lead to remote code execution.

Product: APC / Schneider Electric Easy UPS Online Monitoring Software (Java RMI interface)

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29412

NVD References: https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-101-04&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-101-04.pdf




CVE-2023-28004 - Schneider Electric PowerLogic HDPM6000 improperly validates an array index (CWE-129), which could cause a denial of service or remote code execution.

Product: Schneider Electric PowerLogic HDPM6000 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28004

NVD References: 

- https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2023-073-02&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2023-073-02.pdf




CVE-2023-29510 - XWiki Platform allows remote code execution through unrestricted addition of translations by users; fixed in versions 14.10.2 and 15.0 RC1.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29510

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/d06ff8a58480abc7f63eb1d4b8b366024d990643

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-4v38-964c-xjmw

- https://jira.xwiki.org/browse/XWIKI-19749




CVE-2023-29512 - XWiki Platform allows any user with edit rights to execute arbitrary code and gain full access to the installation, due to improper escaping in certain pages; patched in newer versions, so affected installations should upgrade.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29512

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/e4bbdc23fea0be4ef1921d1a58648028ce753344

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-hg5x-3w3x-7g96

- https://jira.xwiki.org/browse/XWIKI-20267




CVE-2023-29514 - XWiki Platform allows remote code execution through a user with edit rights on any document.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29514

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/7bf7094f8ffac095f5d66809af7554c9cc44de09

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-9j36-3cp4-rh4j

- https://jira.xwiki.org/browse/XWIKI-20268




CVE-2023-29516 - XWiki Platform allows arbitrary code execution through improper escaping in the "Cancel and return to page" button, giving full access to the XWiki installation for any user with view rights on XWiki.AttachmentSelector.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29516

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/aca1d677c58563bbe6e35c9e1c29fd8b12ebb996

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-3989-4c6x-725f

- https://jira.xwiki.org/browse/XWIKI-20275




CVE-2023-29518 - XWiki Platform allows arbitrary code execution by any user with view rights due to improper escaping in `Invitation.InvitationCommon`; patched in recent versions.

Product: XWiki Platform (Invitation.InvitationCommon)

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29518

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/3d055a0a5ec42fdebce4d71ee98f94553fdbfebf

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-px54-3w5j-qjg9

- https://jira.xwiki.org/browse/XWIKI-20283




CVE-2023-29519 - XWiki Platform allows for remote code execution and privilege escalation by injecting code into the "property" field of an attachment selector in a registered user's own dashboard gadget.

Product: XWiki Platform (attachment selector)

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29519

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/5e8725b4272cd3e5be09d3ca84273be2da6869c1

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-3hjg-cghv-22ww

- https://jira.xwiki.org/browse/XWIKI-20364




CVE-2023-29522 - XWiki Platform allows remote code execution and unrestricted read and write access to all wiki contents through a crafted payload on a non-existing page.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29522

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/d7e56185376641ee5d66477c6b2791ca8e85cfee

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-mjw9-3f9f-jq2w

- https://jira.xwiki.org/browse/XWIKI-20456




CVE-2023-29523 - XWiki Platform allows remote code execution and unrestricted read and write access to all wiki contents by any user who can edit their own user profile.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29523

NVD References: 

- https://extensions.xwiki.org/xwiki/bin/view/Extension/App%20Within%20Minutes%20Application

- https://github.com/xwiki/xwiki-platform/commit/0d547181389f7941e53291af940966413823f61c

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-x764-ff8r-9hpx

- https://jira.xwiki.org/browse/XWIKI-20327




CVE-2023-29524 - XWiki Platform allows unauthorized execution of code through the Scheduler Application sheet page, which was patched in version 14.10.3 and 15.0 RC1.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29524

NVD References: 

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-fc42-5w56-qw7h

- https://jira.xwiki.org/browse/XWIKI-20295

- https://jira.xwiki.org/browse/XWIKI-20462




CVE-2023-29525 - XWiki Platform is vulnerable to code injection via the `since` parameter in the `/xwiki/bin/view/XWiki/Notifications/Code/LegacyNotificationAdministration` endpoint, allowing for privilege escalation and code execution.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29525

NVD References: 

- https://github.com/xwiki/xwiki-platform/commit/6d74e2e4aa03d19f0be385ab63ae9e0f0e90a766

- https://github.com/xwiki/xwiki-platform/commit/8e7c7f90f2ddaf067cb5b83b181af41513028754#diff-4e13f4ee4a42938bf1201b7ee71ca32edeacba22559daf0bcb89d534e0225949R70

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-jgg7-w2rj-58cj

- https://jira.xwiki.org/browse/XWIKI-20287




CVE-2023-29526 - XWiki Platform allows unauthorized page access and code injection through the async and display macros.

Product: XWiki Platform 

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29526

NVD References: 

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-gpq5-7p34-vqx5

- https://jira.xwiki.org/browse/XRENDERING-694

- https://jira.xwiki.org/browse/XWIKI-20394




CVE-2023-29527 - XWiki Platform allows unauthorized code execution through the wiki editor when a user edits a document with groovy script content.

Product: XWiki Platform

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29527

NVD References: 

- https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-jgrg-qvpp-9vwr

- https://jira.xwiki.org/browse/XWIKI-20423




CVE-2023-29528 - XWiki's HTML cleaner (xwiki-commons) in "restricted" mode allows injection of arbitrary HTML, enabling JavaScript injection (XSS) that can be escalated to server-side code execution in the context of the victim's user session.

Product: XWiki (xwiki-commons HTML cleaner)

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29528

NVD References: 

- https://github.com/xwiki/xwiki-commons/commit/8ff1a9d7e5d7b45b690134a537d53dc05cae04ab

- https://github.com/xwiki/xwiki-commons/security/advisories/GHSA-x37v-36wv-6v6h

- https://jira.xwiki.org/browse/XCOMMONS-2568

- https://jira.xwiki.org/browse/XWIKI-20348




CVE-2023-21096 - Android contains a use after free vulnerability in attribution_processor.cc that could result in remote code execution without additional execution privileges.

Product: Google Android

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21096

NVD References: https://source.android.com/security/bulletin/2023-04-01




CVE-2023-2131 - INEA ME RTU firmware versions before 3.36 allow remote execution of arbitrary code through OS command injection.

Product: INEA ME RTU

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2131

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-110-01




CVE-2023-30621 - Gipsy Discord bot prior to version 1.3 allows arbitrary command injection on the host server because the `!ping` command, available to users with sudoer permission, does not validate its input.

Product: Gipsy discord bot

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-30621

NVD References: 

- https://github.com/Curiosity-org/Gipsy/security/advisories/GHSA-6cw6-r8pg-j7wh

- https://github.com/Gunivers/Gipsy/pull/24

- https://github.com/Gunivers/Gipsy/pull/24/commits/716818e967069f144aae66d51464b237c22b6cdf




CVE-2023-31056 - CloverDX before 5.17.3 logs passwords in plaintext, which can be accessed by attackers.

Product: CloverDX before 5.17.3

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31056

NVD References: https://support1.cloverdx.com/hc/en-us/articles/8484869595164-Security-advisory-April-2023




CVE-2023-22577 - White Rabbit Switch allows unauthenticated users to retrieve sensitive information, including password hashes and SNMP community strings.

Product: White Rabbit Switch

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22577

NVD References: 

- https://csirt.divd.nl/CVE-2023-22577/

- https://csirt.divd.nl/DIVD-2022-00068/




CVE-2023-22581 - White Rabbit Switch allows an attacker to execute system commands through the web application, running as root user.

Product: White Rabbit Switch

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22581

NVD References: 

- https://csirt.divd.nl/CVE-2023-22581/

- https://csirt.divd.nl/DIVD-2022-00068/




CVE-2023-25131 - PowerPanel Business versions 4.8.6 and earlier have a default password vulnerability that allows remote attackers to log in and perform administrative functions.

Product: CyberPower PowerPanel Business

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25131

NVD References: 

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

- https://zuso.ai/Advisory/




CVE-2023-25132 - PowerPanel Business software versions 4.8.6 and earlier allow remote execution of OS commands due to unrestricted uploading of dangerous file types in the default.cmd file.

Product: CyberPower PowerPanel Business

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25132

NVD References: 

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

- https://zuso.ai/Advisory/




CVE-2023-25133 - PowerPanel Business software versions 4.8.6 and earlier allow remote attackers to execute OS commands due to improper privilege management in the default.cmd file.

Product: CyberPower PowerPanel Business

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25133

NVD References: 

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_linux#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_mac#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_virtual_machine#downloads

- https://www.cyberpower.com/global/en/product/sku/powerpanel_business_for_windows#downloads

- https://zuso.ai/Advisory/




CVE-2023-24819 - The RIOT-OS network stack prior to version 2022.10 mishandles crafted frames, which can result in a denial of service or execution of arbitrary code. The fix is in version 2022.10; disabling support for fragmented IP datagrams, or applying the referenced patches, are possible workarounds.

Product: RIOT-OS 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24819

NVD References: 

- https://github.com/RIOT-OS/RIOT/pull/18817/commits/73615161c01fcfbbc7216cf502cabb12c1598ee4

- https://github.com/RIOT-OS/RIOT/pull/18820/commits/da63e45ee94c03a2e08625b04ea618653eab4a9f

- https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-fv97-2448-gcf6




CVE-2023-24823 - RIOT-OS prior to version 2022.10 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted 6LoWPAN frame due to a type confusion vulnerability.

Product: RIOT-OS network stack

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24823

NVD References: 

- https://github.com/RIOT-OS/RIOT/pull/18817/commits/4a081f86616cb5c9dd0b5d7b286da03285d1652a

- https://github.com/RIOT-OS/RIOT/pull/18820/commits/dafc397fdc3655aeb5c7b9963a43f1604c6a2062

- https://github.com/RIOT-OS/RIOT/security/advisories/GHSA-jwmv-47p2-hgq2




CVE-2023-27524 - Apache Superset versions up to and including 2.0.1 are open to session validation attacks when the default SECRET_KEY in the shipped configuration has not been changed as the installation instructions require: an attacker who knows the default key can authenticate and access unauthorized resources.

Product: Apache Superset

CVSS Score: 8.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27524

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8470

NVD References: 

- http://www.openwall.com/lists/oss-security/2023/04/24/2

- https://lists.apache.org/thread/n0ftx60sllf527j7g11kmt24wvof8xyk
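
Added example, not Superset's or Flask's own code: a simplified HMAC-signed session cookie in the style of Flask/itsdangerous (not byte-compatible with either) showing why an unchanged default SECRET_KEY is equivalent to no authentication, together with the pre-deployment check an operator should run. The placeholder key strings, the user_id/role claims and the minimum key length are assumptions for the demo, not values taken from the advisory.

```python
"""Forging a signed session with a known SECRET_KEY (added example; not
Superset's or Flask's own code).

The cookie format is a simplified HMAC scheme in the style of Flask/itsdangerous,
not byte-compatible with either. What it demonstrates: whoever knows the signing
key can mint a cookie the server accepts, so a default or placeholder SECRET_KEY
is equivalent to no authentication at all.
"""
import base64
import hashlib
import hmac
import json
import secrets
import time

# Illustrative placeholder strings (assumption for the demo): an operator should
# check against the defaults named in the vendor advisory, not this list.
KNOWN_PLACEHOLDER_KEYS = {
    "CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET",
    "thisISaSECRET_1234",
    "changeme",
}
MIN_KEY_BYTES = 32  # assumption: at least 256 bits of key material


def _b64(data):
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_session(secret_key, data, now=None):
    """Mint payload.timestamp.signature, all base64url, signed with HMAC-SHA256."""
    issued = int(time.time() if now is None else now)
    payload = _b64(json.dumps(data, separators=(",", ":"), sort_keys=True).encode())
    ts = _b64(issued.to_bytes(8, "big"))
    signed = ("%s.%s" % (payload, ts)).encode()
    mac = hmac.new(secret_key.encode(), signed, hashlib.sha256).digest()
    return "%s.%s.%s" % (payload, ts, _b64(mac))


def verify_session(secret_key, cookie, max_age=3600, now=None):
    """Return the payload dict if signature and age check out, otherwise None."""
    parts = cookie.split(".")
    if len(parts) != 3:
        return None
    payload, ts, sig = parts
    signed = ("%s.%s" % (payload, ts)).encode()
    expected = hmac.new(secret_key.encode(), signed, hashlib.sha256).digest()
    try:
        # Constant-time comparison, checked before anything is decoded or trusted.
        if not hmac.compare_digest(expected, _unb64(sig)):
            return None
        issued = int.from_bytes(_unb64(ts), "big")
        if (time.time() if now is None else now) - issued > max_age:
            return None
        return json.loads(_unb64(payload))
    except (ValueError, TypeError):  # malformed base64 or JSON
        return None


def secret_key_is_weak(secret_key):
    """Pre-deployment check: placeholder value, or too short to resist guessing."""
    return secret_key in KNOWN_PLACEHOLDER_KEYS or len(secret_key.encode()) < MIN_KEY_BYTES


def demo():
    """Attacker guesses the shipped default; the claim names are constructed."""
    attacker_guess = "CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET"
    forged = sign_session(attacker_guess, {"user_id": 1, "role": "Admin"})
    accepted = verify_session(attacker_guess, forged)              # server never changed the key
    rejected = verify_session(secrets.token_urlsafe(48), forged)   # server with its own random key
    return accepted, rejected


if __name__ == "__main__":
    accepted, rejected = demo()
    print("default key kept  ->", accepted)
    print("random key in use ->", rejected)
    print("shipped placeholder is weak:", secret_key_is_weak("CHANGE_ME_TO_A_COMPLEX_RANDOM_SECRET"))
```

The signature check cannot help here because it succeeds: the forged cookie is correctly signed with the key the server itself uses. Rotating SECRET_KEY invalidates every outstanding session, which is the intended effect after a default key has been exposed.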




CVE-2023-30627 - Jellyfin-web prior to version 10.8.10 is vulnerable to stored cross-site scripting in device.js, allowing for arbitrary calls to the `REST` endpoints with admin privileges, and when combined with CVE-2023-30626, results in remote code execution without any known workarounds.

Product: Jellyfin jellyfin-web

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-30627

NVD References: 

- https://github.com/jellyfin/jellyfin-web/commit/b88a5951e1a517ff4c820e693d9c0da981cf68ee

- https://github.com/jellyfin/jellyfin-web/releases/tag/v10.8.10

- https://github.com/jellyfin/jellyfin-web/security/advisories/GHSA-89hp-h43h-r5pq

- https://github.com/jellyfin/jellyfin/security/advisories/GHSA-9p5f-5x8v-x65m




CVE-2023-28771 - Zyxel ZyWALL/USG firmware versions 4.60-4.73, VPN series firmware versions 4.60-5.35, USG FLEX firmware versions 4.60-5.35, and ATP series firmware versions 4.60-5.35 improperly handle error messages, allowing remote attackers to execute OS commands.

Product: Zyxel ZyWALL/USG series

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28771

NVD References: https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-remote-command-injection-vulnerability-of-firewalls




CVE-2023-30842 - AVideo prior to version 12.4 allows for remote code execution via a malicious video link.

Product: AVideo

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-30842

NVD References: 

- https://github.com/WWBN/AVideo/commit/236228f15a9a31be5a0e60f05dac043682e49a5e

- https://github.com/WWBN/AVideo/security/advisories/GHSA-pgvh-p3g4-86jw




CVE-2012-5872 - ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause.

Product: ARC2 (aka ARC)

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2012-5872

NVD References: https://www.ush.it/2012/11/22/arc-v2011-12-01-multiple-vulnerabilities/




CVE-2023-29552 - SLP (RFC 2608) allows an unauthenticated attacker to register arbitrary services, enabling a significant amplification factor in a denial-of-service attack using spoofed UDP traffic.

Product: Service Location Protocol (RFC 2608)

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29552

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8470

NVD References: 

- https://blogs.vmware.com/security/2023/04/vmware-response-to-cve-2023-29552-reflective-denial-of-service-dos-amplification-vulnerability-in-slp.html

- https://datatracker.ietf.org/doc/html/rfc2608

- https://www.bitsight.com/blog/new-high-severity-vulnerability-cve-2023-29552-discovered-service-location-protocol-slp

- https://www.cisa.gov/news-events/alerts/2023/04/25/abuse-service-location-protocol-may-lead-dos-attacks

- https://www.suse.com/support/kb/doc/?id=000021051




CVE-2023-1671 - Sophos Web Appliance older than version 4.3.10.4 is vulnerable to pre-auth command injection allowing arbitrary code execution in the warn-proceed handler.

Product: Sophos Web Appliance

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1671

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8470



Manual Review Needed:


CVE-2023-28206 - Apple iOS, iPadOS, and macOS IOSurfaceAccelerator Out-of-Bounds Write Vulnerability 

Product: iOS, iPadOS, and macOS

CISA KEV: YES

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28206