AtRisk August 10, 2023 Vol. XXIII

Jump to:

Internet Storm Center Spotlight
Recent CVEs
Sponsors
Read More

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Microsoft August 2023 Patch Tuesday

Published: 2023-08-08

Last Updated: 2023-08-08 17:55:38 UTC

by Renato Marinho (Version: 1)

This month we got patches for 88 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft.

One of the exploited vulnerabilities is .NET and Visual Studio Denial of Service Vulnerability (CVE-2023-38180). The max severity for the vulnerability is important and the CVSS is 7.5.

The other exploited vulnerability is Microsoft Office Defense in Depth Update (ADV230003). According to the advisory this defense in depth update is not a vulnerability, but installing this update stops the attack chain leading to the Windows Search security feature bypass vulnerability (CVE-2023-36884). Microsoft recommends installing the Office updates discussed in this advisory as well as installing the Windows updates from August 2023.

Moving to critical vulnerabilities, there are Remote Code Execution (RCE) vulnerabilities affecting Microsoft Message Queuing (CVE-2023-35385, CVE-2023-36910, and CVE-2023-36911). According to the advisory, the Windows message queuing service, which is a Windows component, needs to be enabled for a system to be exploitable by this vulnerability. This feature can be added via the Control Panel. You can check to see if there is a service running named Message Queuing and TCP port 1801 is listening on the machine. Successful exploitation of this vulnerability could allow an unauthenticated attacker to remotely execute code on the target server. The attack complexity is low, no privileges and no user interaction are required. The CVSS for this vulnerability is 9.8.

Read the full entry:

https://isc.sans.edu/diary/Microsoft+August+2023+Patch+Tuesday/30106/

From small LNK to large malicious BAT file with zero VT score

Published: 2023-08-03

Last Updated: 2023-08-03 15:49:44 UTC

by Jan Kopriva (Version: 1)

Last week, my spam trap caught an e-mail with LNK attachment, which turned out to be quite interesting.

The e-mail message was the usual malspam fare trying to appear as a purchase order sent to the recipient, however, the attachment, named “Purchase%20Order%20PO007289.pdf.zip”, was somewhat more intriguing. As you have probably guessed, it did not contain a PDF file, as its name might have suggested, but instead a 15 kB LNK.

If one were to look at the LNKs properties using the standard Windows dialog, one would only see the following string as the “target” for the shortcut, given that the textbox in the dialog supports only a fairly short string.

Since the “target” string begins with the ComSpec variable, we can clearly see that the LNK is pointing at cmd.exe (at least on any Windows system with usual configuration), but that is about all we can be certain about at this point. To get to further details, we might take advantage of some specialized tool for analyzing LNK files, however, any hex editor can serve us just as well.

Even if one didn’t understand the internal structure of the Shell Link file format, one would only have to locate a string in the file containing multiple “/shakir” substrings to be able to get to the entire command that the file is supposed to execute.

Read the full entry:

https://isc.sans.edu/diary/From+small+LNK+to+large+malicious+BAT+file+with+zero+VT+score/30094/

Are Leaked Credentials Dumps Used by Attackers?

Published: 2023-08-04

Last Updated: 2023-08-04 07:46:31 UTC

by Xavier Mertens (Version: 1)

Leaked credentials are a common thread for a while. Popular services like “Have I Been Pwned”[1] help everyone know if some emails and passwords have been leaked. This is a classic problem: One day, you create an account on a website (ex: an online shop), and later, this website is compromised. All credentials are collected and shared by the attacker. To reduce this risk, a best practice is to avoid password re-use (as well as to not use your corporate email address for non-business-related stuff).

I’ve been watching dumps of leaked credentials for a long time. My goal is not to compete with the service above. I do this for research purposes and to track potential leaks for juicy domains. Most of the "combo" files that you can find on the Internet are compilations of old leaks but presented as "fresh", "verified" or "valid" by the attacker:

250K-belgium-Combolist.txt

300kusa.txt

310k-yahoo-combos.txt

75k HQ Valid mail access.txt

83k mail_access.txt

50K Combo private BY AmrNet1 All Site.txt

...

The quality of these dumps is very poor. Most verifications I performed with 3rd parties always gave the same results: the account has not existed for a long time, our password policy has changed, etc.

Read the full entry:

https://isc.sans.edu/diary/Are+Leaked+Credentials+Dumps+Used+by+Attackers/30098/

Update: Researchers scanning the Internet (2023.08.07)

https://isc.sans.edu/diary/Update+Researchers+scanning+the+Internet/30102/

Zeek and Defender Endpoint (2023.08.02)

https://isc.sans.edu/diary/Zeek+and+Defender+Endpoint/30088/

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2023-35081-Arbitrary-File-Write?language=en_US">https://forums.ivanti.com/s/article/CVE-2023-35081-Arbitrary-File-Write?language=en_US

Product: Papercut NG/MFCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39143ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8604NVD References: - https://www.horizon3.ai/cve-2023-39143-papercut-path-traversal-file-upload-rce-vulnerability/- https://www.papercut.com/kb/Main/securitybulletinjuly2023/CVE-2023-21709 - Microsoft Exchange Server Elevation of Privilege VulnerabilityProduct: Microsoft Exchange ServerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21709ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21709CVE-2023-34960 - Chamilo v1.11.* up to v1.11.18 enables command injections via a SOAP API call to wsConvertPpt with a manipulated PowerPoint name.Product: Chamilo CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34960NVD References: - http://chamilo.com- https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-112-2023-04-20-Critical-impact-High-risk-Remote-Code-ExecutionCVE-2023-37478 - Pnpm package manager is susceptible to a malicious tarball vulnerability that allows compromised or malicious versions to be installed when using pnpm, despite appearing safe on npm registry.Product: Pnpm CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37478NVD References: - https://github.com/pnpm/pnpm/releases/tag/v7.33.4- https://github.com/pnpm/pnpm/releases/tag/v8.6.8- https://github.com/pnpm/pnpm/security/advisories/GHSA-5r98-f33j-g8h7CVE-2022-39986 - RaspAP versions 2.8.0 through 2.8.7, an unauthenticated command injection vulnerability allows attackers to execute arbitrary commands via the cfg_id parameter in certain PHP files.Product: RaspAPCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-39986NVD References: - https://github.com/RaspAP/raspap-webgui/blob/master/ajax/openvpn/activate_ovpncfg.php- https://medium.com/@ismael0x00/multiple-vulnerabilities-in-raspap-3c35e78809f2CVE-2023-31710 - TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow.Product: TP-Link Archer Ax21CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31710NVD References: https://github.com/xiaobye-ctf/My-CVE/tree/main/TP-Link/CVE-2023-31710CVE-2023-34634 - Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.Product: Greenshot CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34634NVD References: - http://packetstormsecurity.com/files/173825/GreenShot-1.2.10-Arbitrary-Code-Execution.html- https://github.com/greenshot/greenshot/commit/a152e2883fca7f78051b3bd6b1e5cc57355cb44c- https://greenshot.atlassian.net/browse/BUG-3061- https://www.exploit-db.com/exploits/51633CVE-2023-4056 - Firefox, Firefox ESR, and Thunderbird versions prior to 116, 102.14, and 115.1 respectively suffer from memory safety bugs that could potentially allow arbitrary code execution through memory corruption.Product: Mozilla FirefoxCVSS Score: 9.8 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4056NVD References: - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1820587%2C1824634%2C1839235%2C1842325%2C1843847- https://lists.debian.org/debian-lts-announce/2023/08/msg00008.html- https://www.debian.org/security/2023/dsa-5464- https://www.debian.org/security/2023/dsa-5469- https://www.mozilla.org/security/advisories/mfsa2023-29/- https://www.mozilla.org/security/advisories/mfsa2023-30/- https://www.mozilla.org/security/advisories/mfsa2023-31/CVE-2023-4057 - Firefox, Firefox ESR, and Thunderbird versions 115.0 suffer from memory safety bugs that could potentially lead to arbitrary code execution, affecting Firefox versions below 116 and Firefox ESR versions below 115.1.Product: Mozilla FirefoxCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4057NVD References: - https://bugzilla.mozilla.org/show_bug.cgi?id=1841682- https://www.mozilla.org/security/advisories/mfsa2023-29/- https://www.mozilla.org/security/advisories/mfsa2023-31/- https://www.mozilla.org/security/advisories/mfsa2023-33/CVE-2023-4058 - Firefox versions prior to 116 contain memory safety bugs that could allow potential hackers to run arbitrary code by exploiting the memory corruption.Product: Mozilla FirefoxCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4058NVD References: - https://bugzilla.mozilla.org/buglist.cgi?bug_id=1819160%2C1828024- https://www.mozilla.org/security/advisories/mfsa2023-29/CVE-2023-33493 - PrestaShop through 2.3.0 allows remote attackers to upload dangerous files without restrictions.Product: Ajaxmanager Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33493NVD References: https://security.friendsofpresta.org/module/2023/07/28/ajaxmanager.htmlCVE-2023-36210 - MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the …

Product: Assaabloy Control ID IDSecureCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33369NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33369- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-33371 - IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to bypass authentication.Product: Assaabloy Control ID IDSecureCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33371NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33371- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-36082 - GatesAir Flexiva FM Transmitter/Exiter Fax 150W is vulnerable to remote privilege escalation through LDAP and SMTP credentials.Product: GatesAir Flexiva Fax 150WCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36082NVD References: - http://flexiva.com- http://gatesair.com- https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082CVE-2023-4068, CVE-2023-4069, CVE-2023-4070 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4068NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4069NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4070ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4068MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4069MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4070NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1466183- https://crbug.com/1465326- https://crbug.com/1462951- https://www.debian.org/security/2023/dsa-5467CVE-2023-4071 - Chromium: CVE-2023-4071 Heap buffer overflow in VisualsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4071ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4071NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1458819- https://www.debian.org/security/2023/dsa-5467CVE-2023-4072 - Chromium: CVE-2023-4072 Out of bounds read and write in WebGLProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4072ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4072NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464038- https://www.debian.org/security/2023/dsa-5467CVE-2023-4073 - Chromium: CVE-2023-4073 Out of bounds memory access in ANGLEProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4073ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4073NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1456243- https://www.debian.org/security/2023/dsa-5467CVE-2023-4074 - Chromium: CVE-2023-4074 Use after free in Blink Task SchedulingProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4074ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4074NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464113- https://www.debian.org/security/2023/dsa-5467CVE-2023-4075 - Chromium: CVE-2023-4075 Use after free in CastProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4075ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4075NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1457757- https://www.debian.org/security/2023/dsa-5467CVE-2023-4076 - Chromium: CVE-2023-4076 Use after free in WebRTCProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4076ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4076NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1459124- https://www.debian.org/security/2023/dsa-5467CVE-2023-4077 - Chromium: CVE-2023-4077 Insufficient data validation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4077ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4077NVD References: - https:/…

Product: Assaabloy Control ID IDSecureCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33371NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33371- https://www.controlid.com.br/en/access-control/idsecure/CVE-2023-36082 - GatesAir Flexiva FM Transmitter/Exiter Fax 150W is vulnerable to remote privilege escalation through LDAP and SMTP credentials.Product: GatesAir Flexiva Fax 150WCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36082NVD References: - http://flexiva.com- http://gatesair.com- https://strik3r.gitbook.io/strik3r-blog/security-research/cves-pocs/cve-2023-36082CVE-2023-4068, CVE-2023-4069, CVE-2023-4070 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.Product: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4068NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4069NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4070ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4068MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4069MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4070NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1466183- https://crbug.com/1465326- https://crbug.com/1462951- https://www.debian.org/security/2023/dsa-5467CVE-2023-4071 - Chromium: CVE-2023-4071 Heap buffer overflow in VisualsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4071ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4071NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1458819- https://www.debian.org/security/2023/dsa-5467CVE-2023-4072 - Chromium: CVE-2023-4072 Out of bounds read and write in WebGLProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4072ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4072NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464038- https://www.debian.org/security/2023/dsa-5467CVE-2023-4073 - Chromium: CVE-2023-4073 Out of bounds memory access in ANGLEProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4073ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4073NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1456243- https://www.debian.org/security/2023/dsa-5467CVE-2023-4074 - Chromium: CVE-2023-4074 Use after free in Blink Task SchedulingProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4074ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4074NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1464113- https://www.debian.org/security/2023/dsa-5467CVE-2023-4075 - Chromium: CVE-2023-4075 Use after free in CastProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4075ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4075NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1457757- https://www.debian.org/security/2023/dsa-5467CVE-2023-4076 - Chromium: CVE-2023-4076 Use after free in WebRTCProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4076ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4076NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1459124- https://www.debian.org/security/2023/dsa-5467CVE-2023-4077 - Chromium: CVE-2023-4077 Insufficient data validation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4077ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-4077NVD References: - https://chromereleases.googleblog.com/2023/08/stable-channel-update-for-desktop.html- https://crbug.com/1451146- https://www.debian.org/security/2023/dsa-5467CVE-2023-4078 - Chromium: CVE-2023-4078 Inappropriate implementation in ExtensionsProduct: Google ChromeCVSS Score: 0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4078ISC Diary: https://isc.sans.edu/diary/30106MSFT Details: https://msrc.microsoft.com/update-guide…

cve-2023-2140712-en-US-409778.pdf">https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdfCVE-2023-21409 - Due to insufficient file permissions, unprivileged users could gain access to unencrypted administratorcredentials allowing the configuration of the application.Product: Axis License Plate VerifierCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21409NVD References: https://www.axis.com/dam/public/0b/1c/96/cve-2023-2140712-en-US-409778.pdfCVE-2023-4008 - GitLab CE/EE before versions 16.0.8, 16.1.3, and 16.2.2 allows the takeover of GitLab Pages using known random string for unique domain URLs.Product: Gitlab CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4008NVD References: https://gitlab.com/gitlab-org/gitlab/-/issues/415942CVE-2023-4120 - Beijing Baichuo Smart S85F Management Platform up to 20230722 is vulnerable to remote command injection via manipulation of the sql argument in importhtml.php, potentially leading to unauthorized access and attack exploitation.Product: Byzoro Smart S85FCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4120NVD References: - https://github.com/RCEraser/cve/blob/main/rce.md- https://vuldb.com/?ctiid.235967- https://vuldb.com/?id.235967CVE-2023-4121 - Beijing Baichuo Smart S85F Management Platform up to 20230722 allows remote attackers to execute unrestricted file uploads, classified as critical (VDB-235968).Product: Byzoro Smart S85FCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-4121NVD References: - https://github.com/torres14852/cve/blob/main/upload.md- https://vuldb.com/?ctiid.235968- https://vuldb.com/?id.235968CVE-2023-36213 - MotoCMS v.3.4.3 is vulnerable to SQL injection, allowing remote attackers to gain privileges through the search function's keyword parameter.Product: MotoCMS CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36213NVD References: - https://packetstormsecurity.com/files/172698/MotoCMS-3.4.3-SQL-Injection.html- https://www.exploit-db.com/exploits/51504CVE-2023-36217 - Xoops CMS v.2.5.10 is vulnerable to Cross Site Scripting, allowing remote attackers to execute arbitrary code via the category name field of the image manager function.Product: Xoops CVSS Score: 9.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36217NVD References: - https://github.com/XOOPS/XoopsCore25/releases/tag/v2.5.10- https://www.exploit-db.com/exploits/51520CVE-2023-33666 - ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.Product: Ai-Dev AioptimizedcombinationsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33666NVD References: - https://security.friendsofpresta.org/modules/2023/08/03/aioptimizedcombinations.html- https://www.boutique.ai-dev.fr/en/ergonomie/59-optimized-combinations.htmlCVE-2023-20214 - Cisco SD-WAN vManage software is vulnerable to an unauthenticated remote attacker gaining read or limited write permissions to the configuration through a crafted API request.Product: Cisco SD-WAN vManageCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-20214NVD References: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-vmanage-unauthapi-sphCLYPACVE-2023-38951 - A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration.Product: ZKTeco BiotimeCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38951NVD References: - http://zkteco.com- https://claroty.com/team82/disclosure-dashboard/cve-2023-38951CVE-2023-33665 - ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.Product: Ai-Dev Ai-TableCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33665NVD References: - https://security.friendsofpresta.org/modules/2023/08/01/aitable.html- https://www.boutique.ai-dev.fr/en/ergonomie/56-table-attributes.htmlCVE-2023-36131 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.Product: PHPJabbers Availability Booking CalendarCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36131NVD References: - https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4- https://www.phpjabbers.com/availability-booking-calendar/CVE-2023-36132 - PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.Product: PHPJabbers Availability Booking CalendarCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36132NVD References: - https://medium.com/@bcksec/multiple-vulnerabilities-in-php-jabbers-scripts-25af4afcadd4- https://www.phpjabbers.com/availability-booking-calendar/CVE-2023-36133 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.Product: PHPJabbers Availability B…

CVE-2023-36480-Aerospike-Java-Client-vulnerable-to-unsafe-deserialization-of-server-responses">https://support.aerospike.com/s/article/CVE-2023-36480-Aerospike-Java-Client-vulnerable-to-unsafe-deserialization-of-server-responses

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33372NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33372- https://www.connectedio.com/products/routersCVE-2023-33373 - Connected IO v2.1.0 and prior stores passwords and credentials in clear-text format, enabling attackers to steal them and impersonate devices.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33373NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33373- https://www.connectedio.com/products/routersCVE-2023-33374 - Connected IO v2.1.0 and prior allows arbitrary remote command execution through its communication protocol.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: P…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33373NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33373- https://www.connectedio.com/products/routersCVE-2023-33374 - Connected IO v2.1.0 and prior allows arbitrary remote command execution through its communication protocol.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, wi…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33374NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33374- https://www.connectedio.com/products/routersCVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33375NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33375- https://www.connectedio.com/products/routersCVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33376NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33376- https://www.connectedio.com/products/routersCVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Sco…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33377NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33377- https://www.connectedio.com/products/routersCVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3526NVD References: https://cert.vde.com/en/advisories/VDE-2023-017CVE-2023-3570 - PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 allow remote attackers with low privileges to gain full access via a specific HTTP DELETE request.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detai…

Product: Connected IOCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33378NVD References: - https://claroty.com/team82/disclosure-dashboard/cve-2023-33378- https://www.connectedio.com/products/routersCVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.Product: CloudExplorer Lite CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38692NVD References: - https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/blob/v1.3.0/framework/management-center/backend/src/main/java/com/fit2cloud/controller/ModuleManageController.java- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/releases/tag/v1.3.1- https://github.com/CloudExplorer-Dev/CloudExplorer-Lite/security/advisories/GHSA-7wrc-f42m-9v5wCVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.Product: MindsDB AI Virtual DatabaseCVSS Score: 9.1NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38699NVD References: - https://github.com/mindsdb/mindsdb/commit/083afcf6567cf51aa7d89ea892fd97689919053b- https://github.com/mindsdb/mindsdb/releases/tag/v23.7.4.0- https://github.com/mindsdb/mindsdb/security/advisories/GHSA-8hx6-qv6f-xgcwCVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.Product: KnowageCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-38702NVD References: https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7mjh-73q3-c3fcCVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.Product: Online Security Guards Hiring System Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39551NVD References: https://github.com/Trinity-SYT-SECURITY/XSS_vuln_issue/blob/main/Online%20Security%20Guards%20Hiring%20System%201.0.mdCVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.Product: social-media-skeleton CVSS Score: 10.0NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39344NVD References: - https://github.com/fobybus/social-media-skeleton/commit/3cabdd35c3d874608883c9eaf9bf69b2014d25c1- https://github.com/fobybus/social-media-skeleton/security/advisories/GHSA-857x-p6fq-mgfhCVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentialsProduct: Pega PlatformCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32090NVD References: https://support.pega.com/support-doc/pega-security-advisory-%E2%80%93-c23-vulnerability-default-operatorsCVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.Product: PrestaShop e-commerce web applicationCVSS Score: 9.1 AtRiskScore 30NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39526NVD References: - https://github.com/PrestaShop/PrestaShop/commit/817847e2347844a9b6add017581f1932bcd28c09- https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-gf46-prm4-56pcCVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.Product: SAP PowerDesignerCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-37483NVD References: - https://me.sap.com/notes/3341460- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlCVE-2023-3526 - PHOENIX CONTACTs TC ROUTER and TC CLOUD CLIENT versions prior to 2.07.2 and CLOUD CLIENT 1101T-TX/TX prior to 2.06.10 are vulnerable to unauthenticated remote code execution via reflective XSS in the license viewer page.Product: PHOENIX CONTACT TC ROUTER and TC CLOUD CLIENTCVSS Score: 9.6NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3526NVD References: https://cert.vde.com/en/advisories/VDE-2023-017CVE-2023-3570 - PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 allow remote attackers with low privileges to gain full access via a specific HTTP DELETE request.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3570NVD References: https://cert.vde.com/en/advisories/VDE-2023-018/CVE-2023-3571 - PHOENIX CONTACTs WP 6xxx series web panels prior to 4.0.10 allow remote attackers to gain full device access by exploiting a specific HTTP POST related to certificate operations.Product: PHOENIX CONTACT WP 6xxx series web panelsCVSS Score: 9.9NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-357…

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Dragos

Zscaler

CardinalOps

Vectra®

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

The Consensus Security Vulnerability Alert

Share

Internet Storm Center Spotlight

Internet Storm Center Entries

Recent CVEs

CVE-2023-38180 - .NET and Visual Studio Denial of Service Vulnerability

CVE-2023-35385, CVE-2023-36910, CVE-2023-36911 - Microsoft Message Queuing Remote Code Execution Vulnerabilities

CVE-2023-35081 - Ivanti EPMM versions (11.10.x &lt; 11.10.0.3, 11.9.x &lt; 11.9.1.2 and 11.8.x &lt; 11.8.1.2) allows authenticated administrator to write arbitrary files through path traversal vulnerability.

CVE-2023-35081 - Arbitrary-File-Write?language=en_US

CVE-2023-39143 - PaperCut NG and PaperCut MF before 22.1.3 allow path traversal leading to unauthorized file access and manipulation.

CVE-2023-21709 - Microsoft Exchange Server Elevation of Privilege Vulnerability

CVE-2023-34960 - Chamilo v1.11.* up to v1.11.18 enables command injections via a SOAP API call to wsConvertPpt with a manipulated PowerPoint name.

CVE-2023-37478 - Pnpm package manager is susceptible to a malicious tarball vulnerability that allows compromised or malicious versions to be installed when using pnpm, despite appearing safe on npm registry.

CVE-2022-39986 - RaspAP versions 2.8.0 through 2.8.7, an unauthenticated command injection vulnerability allows attackers to execute arbitrary commands via the cfg_id parameter in certain PHP files.

CVE-2023-31710 - TP-Link Archer AX21(US)_V3_1.1.4 Build 20230219 and AX21(US)_V3.6_1.1.4 Build 20230219 are vulnerable to Buffer Overflow.

CVE-2023-34634 - Greenshot 1.2.10 and below allows arbitrary code execution because .NET content is insecurely deserialized when a .greenshot file is opened.

CVE-2023-4056 - Firefox, Firefox ESR, and Thunderbird versions prior to 116, 102.14, and 115.1 respectively suffer from memory safety bugs that could potentially allow arbitrary code execution through memory corruption.

CVE-2023-4057 - Firefox, Firefox ESR, and Thunderbird versions 115.0 suffer from memory safety bugs that could potentially lead to arbitrary code execution, affecting Firefox versions below 116 and Firefox ESR versions below 115.1.

CVE-2023-4058 - Firefox versions prior to 116 contain memory safety bugs that could allow potential hackers to run arbitrary code by exploiting the memory corruption.

CVE-2023-33493 - PrestaShop through 2.3.0 allows remote attackers to upload dangerous files without restrictions.

CVE-2023-36210 - MotoCMS Version 3.4.3 Store Category Template was discovered to contain a Server-Side Template Injection (SSTI) vulnerability via the keyword parameter.

CVE-2023-33561 - Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords.

CVE-2023-33562 - PHP Jabbers Time Slots Booking Calendar v3.3 is susceptible to user enumeration, as an attacker can leverage password recovery to differentiate valid and invalid users, facilitating a potential brute force attack.

CVE-2023-26317 - Xiaomi routers are susceptible to command injection through an external interface, potentially resulting in remote code execution and complete compromise of the device.

CVE-2022-40609 - IBM SDK, Java Technology Edition versions 7.1.5.18 and 8.0.8.0 suffer from an unsafe deserialization flaw, allowing remote attackers to execute arbitrary code on the system.

CVE-2023-1437 - Advantech WebAccess/SCADA versions prior to 9.1.4 allows untrusted pointers, enabling remote access to files, execution of commands, and file overwrite.

CVE-2023-1935 - The ROC800-Series RTU devices can be exploited by an attacker to bypass authentication and gain unauthorized access, potentially leading to data compromise, device control, and denial-of-service.

CVE-2023-33369 - Control ID IDSecure 4.7.26.0 and prior allows attackers to delete arbitrary files on IDSecure filesystem, causing a denial of service due to a path traversal vulnerability.

CVE-2023-33371 - IDSecure 4.7.26.0 and prior uses a hardcoded cryptographic key in order to sign and verify JWT session tokens, allowing attackers to bypass authentication.

CVE-2023-36082 - GatesAir Flexiva FM Transmitter/Exiter Fax 150W is vulnerable to remote privilege escalation through LDAP and SMTP credentials.

CVE-2023-4068, CVE-2023-4069, CVE-2023-4070 - Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.

CVE-2023-4071 - Chromium:

CVE-2023-4072 - Chromium:

CVE-2023-4073 - Chromium:

CVE-2023-4074 - Chromium:

CVE-2023-4075 - Chromium:

CVE-2023-4076 - Chromium:

CVE-2023-4077 - Chromium:

CVE-2023-4078 - Chromium:

CVE-2023-38954 - ZKTeco BioAccess IVS v3.3.1 was discovered to contain a SQL injection vulnerability.

CVE-2023-37364 - WS-Inc J WBEM Server 4.7.4 before 4.7.5 allows context-dependent attackers to read arbitrary files or cause a denial of service via the CIM-XML protocol adapter's entity resolution feature.

CVE-2023-37679 - NextGen Mirth Connect v4.3.0 is vulnerable to remote command execution, enabling attackers to execute arbitrary commands on the hosting server.

CVE-2023-3346 - MITSUBSHI CNC Series is vulnerable to a remote unauthenticated attacker causing a Denial of Service (DoS) condition and executing arbitrary code by sending specially crafted packets, requiring a system reset for recovery.

CVE-2023-21408 - The vulnerable product allows unprivileged users to gain access to unencrypted user credentials used in the integration interface towards 3rd party systems due to insufficient file permissions.

cve-2023-2140712 - en-US-409778.pdf

cve-2023-2140712 - en-US-409778.pdf

CVE-2023-4008 - GitLab CE/EE before versions 16.0.8, 16.1.3, and 16.2.2 allows the takeover of GitLab Pages using known random string for unique domain URLs.

CVE-2023-4120 - Beijing Baichuo Smart S85F Management Platform up to 20230722 is vulnerable to remote command injection via manipulation of the sql argument in importhtml.php, potentially leading to unauthorized access and attack exploitation.

CVE-2023-4121 - Beijing Baichuo Smart S85F Management Platform up to 20230722 allows remote attackers to execute unrestricted file uploads, classified as critical (VDB-235968).

CVE-2023-36213 - MotoCMS v.3.4.3 is vulnerable to SQL injection, allowing remote attackers to gain privileges through the search function's keyword parameter.

CVE-2023-36217 - Xoops CMS v.2.5.10 is vulnerable to Cross Site Scripting, allowing remote attackers to execute arbitrary code via the category name field of the image manager function.

CVE-2023-33666 - ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.

CVE-2023-20214 - Cisco SD-WAN vManage software is vulnerable to an unauthenticated remote attacker gaining read or limited write permissions to the configuration through a crafted API request.

CVE-2023-38951 - A path traversal vulnerability in ZKTeco BioTime v8.5.5 allows attackers to write arbitrary files via using a malicious SFTP configuration.

CVE-2023-33665 - ai-dev aitable before v0.2.2 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.

CVE-2023-36131 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control due to improper input validation of password parameter.

CVE-2023-36132 - PHP Jabbers Availability Booking Calendar 5.0 is vulnerable to Incorrect Access Control.

CVE-2023-36133 - PHPJabbers Availability Booking Calendar 5.0 is vulnerable to User Account Takeover through username/password change.

CVE-2023-36134 - PHP Jabbers Class Scheduling System 1.0 allows remote attackers to take over accounts due to insufficient verification when changing email addresses and/or passwords on the Profile Page.

CVE-2023-36139 - PHPJabbers Cleaning Business Software 1.0 allows remote attackers to take over accounts by lacking verification when changing an email address and/or password on the Profile Page.

CVE-2023-36480 - The Aerospike Java client allows remote attackers to execute arbitrary code and take control of the machine by tricking the client into communicating with a malicious server.

CVE-2023-36480 - Aerospike-Java-Client-vulnerable-to-unsafe-deserialization-of-server-responses

CVE-2023-37470 - Metabase is vulnerable to remote code execution due to the exposure of the embedded in-memory database H2, allowing users to inject and execute executable code through connection strings.

CVE-2023-38686 - Sydent identity server for the Matrix communications protocol (prior to version 2.5.6) is vulnerable to interception of emails via MITM attack due to failure in verifying SMTP server certificates.

CVE-2023-33372 - Connected IO v2.1.0 and prior uses a hard-coded username/password pair embedded in their device's firmware used for device communication using MQTT, allowing attackers to impersonate devices and bypass authentication.

CVE-2023-33373 - Connected IO v2.1.0 and prior stores passwords and credentials in clear-text format, enabling attackers to steal them and impersonate devices.

CVE-2023-33374 - Connected IO v2.1.0 and prior allows arbitrary remote command execution through its communication protocol.

CVE-2023-33375 - Connected IO v2.1.0 and prior: Stack-based buffer overflow vulnerability allows device takeover by attackers.

CVE-2023-33376 - Connected IO v2.1.0 and prior: Argument injection vulnerability in iptables command allows for execution of arbitrary OS commands.

CVE-2023-33377 - Connected IO v2.1.0 and prior allows arbitrary OS command execution through an OS command injection vulnerability in its communication protocol during the set firewall command.

CVE-2023-33378 - Connected IO v2.1.0 and prior allows attackers to execute arbitrary OS commands on devices via an argument injection vulnerability in its AT command message.

CVE-2023-38692 - CloudExplorer Lite versions prior to 1.3.1 allow command injection via the installation function, fixed in v1.3.1 with no known workarounds other than upgrading.

CVE-2023-38699 - MindsDB's AI Virtual Database prior to version 23.7.4.0 allows disabling SSL certificate checks through a call to requests with `verify=False`, potentially exposing data to security risks.

CVE-2023-38702 - Knowage is an open source analytics and business intelligence suite with an authenticated file upload vulnerability that allows an attacker to achieve code execution on the server.

CVE-2023-39551 - PHPGurukul Online Security Guards Hiring System v.1.0 is vulnerable to SQL Injection via osghs/admin/search.php.

CVE-2023-39344 - social-media-skeleton is vulnerable to a SQL injection allowing UNION based injections, indirectly leading to remote code execution, fixed in commit 3cabdd35c3d874608883c9eaf9bf69b2014d25c1.

CVE-2023-32090 - Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials

CVE-2023-39526 - PrestaShop, versions prior to 1.7.8.10, 8.0.5, and 8.1.1, allows remote code execution and arbitrary file write through SQL injection in the back office, with no known workarounds.

CVE-2023-37483 - SAP PowerDesigner version 16.7 allows unauthenticated attackers to run arbitrary queries against the back-end database via Proxy due to improper access control.

CVE-2023-35081 - Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows authenticated administrator to write arbitrary files through path traversal vulnerability.

CVE-2023-37372 - RUGGEDCOM CROSSBOW (All versions < V5.4) is susceptible to SQL injection, permitting unauthenticated remote attackers to execute arbitrary SQL queries on the server database.