Internet Storm Center Spotlight



ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

Microsoft Patch Tuesday December 2023

Published: 2023-12-12

Last Updated: 2023-12-12 18:25:35 UTC

by Johannes Ullrich (Version: 1)

Microsoft had a rather light patch Tuesday for us today. Today's set includes 4 critical, 30 important, and one moderate vulnerability. In addition, Microsoft included five Chromium patches that are part of Edge. Only one vulnerability was made public before today. No exploited vulnerabilities are patched today.

This will hopefully make for a not-too-stressful holiday patch month.

Read the full entry:

https://isc.sans.edu/diary/Microsoft+Patch+Tuesday+December+2023/30480/

Apple Patches Everything

Published: 2023-12-11

Last Updated: 2023-12-11 19:14:53 UTC

by Johannes Ullrich (Version: 1)

Apple today released updates for iOS, macOS, tvOS and watchOS. This updates 43 vulnerabilities. Two of the vulnerabilities are already being exploited. Last week, these two vulnerabilities received patches for current versions of iOS and macOS. This new update covers older iOS and macOS versions as well.

Read the full entry:

https://isc.sans.edu/diary/Apple+Patches+Everything/30474/

IPv4-mapped IPv6 Address Used For Obfuscation

Published: 2023-12-09

Last Updated: 2023-12-12 15:17:28 UTC

by Didier Stevens (Version: 1)

A reader submitted an unusual URL...

Notice the format of the hostname: ::ffff:a.b.c.d

I had to look this up: this is an IPv4-mapped IPv6 address. It is a format to describe an IPv4 address using an IPv6 address format.

Read the full entry:

https://isc.sans.edu/diary/IPv4mapped+IPv6+Address+Used+For+Obfuscation/30466/

Internet Storm Center Entries


Malicious Python Script with a TCL/TK GUI (2023.12.13)

https://isc.sans.edu/diary/Malicious+Python+Script+with+a+TCLTK+GUI/30478/

What is sitemap.xml, and Why a Pentester Should Care (2023.12.11)

https://isc.sans.edu/diary/What+is+sitemapxml+and+Why+a+Pentester+Should+Care/30472/

Honeypots: From the Skeptical Beginner to the Tactical Enthusiast (2023.12.10)

https://isc.sans.edu/diary/Honeypots+From+the+Skeptical+Beginner+to+the+Tactical+Enthusiast/30468/

5Ghoul: Impacts, Implications and Next Steps (2023.12.07)

https://isc.sans.edu/diary/5Ghoul+Impacts+Implications+and+Next+Steps/30462/

Revealing the Hidden Risks of QR Codes [Guest Diary] (2023.12.06)

https://isc.sans.edu/diary/Revealing+the+Hidden+Risks+of+QR+Codes+Guest+Diary/30458/

Recent CVEs


The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.

CVE-2023-50164 - Apache Struts is vulnerable to file upload parameter manipulation leading to Remote Code Execution, and users should upgrade to Struts 2.5.33 or Struts 6.3.0.2 or newer versions for a fix.

Product: Apache Struts

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50164

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8770

NVD References: https://lists.apache.org/thread/yh09b3fkf6vz5d6jdgrlvmg60lfwtqhj

NVD References: https://www.openwall.com/lists/oss-security/2023/12/07/1




CVE-2023-35618 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Product: Microsoft Edge Chromium

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35618

ISC Diary: https://isc.sans.edu/diary/30480

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8772

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35618




CVE-2023-6448 - Unitronics Vision Series PLCs and HMIs have default administrative passwords, allowing an unauthenticated attacker to gain administrative control over the system.

Product: Unitronics Vision1210

CVSS Score: 9.8

** KEV since 2023-12-11 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6448

NVD References: https://www.cisa.gov/news-events/alerts/2023/11/28/exploitation-unitronics-plcs-used-water-and-wastewater-systems




CVE-2023-45866 - BlueZ Bluetooth HID Hosts allow unauthenticated HID Devices to establish encrypted connections and inject HID messages without user authorization.

Product: BlueZ Bluetooth HID

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-45866

ISC Diary: https://isc.sans.edu/diary/30474

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8772

NVD References: http://changelogs.ubuntu.com/changelogs/pool/main/b/bluez/bluez_5.64-0ubuntu1/changelog





CVE-2023-36019 - Microsoft Power Platform Connector Spoofing Vulnerability

Product: Microsoft Power Platform Connector

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36019

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36019




CVE-2023-33063 - Memory corruption in DSP Services during a remote call from HLOS to DSP.

Product: Qualcomm 315 5G IoT Modem

CVSS Score: 7.8

** KEV since 2023-12-05 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33063

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-33106 - Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND.

Product: Qualcomm AR8035

CVSS Score: 7.8

** KEV since 2023-12-05 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33106

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-33107 - Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

Product: Qualcomm 315 5G IoT Modem

CVSS Score: 7.8

** KEV since 2023-12-05 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33107

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-6248 - The Syrus4 IoT gateway allows remote unauthenticated attackers to execute arbitrary code on any connected device and access sensitive data, including location, video, and diagnostic information, through an unsecured MQTT server.

Product: Syrus4 IoT gateway 

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6248

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8772




CVE-2023-49291 - The `tj-actions/branch-names` GitHub Action improperly references context variables, allowing for arbitrary code execution and potential theft of secrets.

Product: Tj-Actions Branch-Names

CVSS Score: 9.8 

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49291

NVD References: https://securitylab.github.com/research/github-actions-untrusted-input




CVE-2023-48315, CVE-2023-48316, CVE-2023-48692 - Azure RTOS NetX Duo is vulnerable to remote code execution due to memory overflow vulnerabilities

Product: Microsoft Azure RTOS NetX Duo

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48315

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48316

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48692

NVD References: https://github.com/azure-rtos/netxduo/security/advisories/GHSA-rj6h-jjg2-7gf3

NVD References: https://github.com/azure-rtos/netxduo/security/advisories/GHSA-3cmf-r288-xhwq

NVD References: https://github.com/azure-rtos/netxduo/security/advisories/GHSA-m2rx-243p-9w64



CVE-2023-48691 - Azure RTOS NetX Duo is vulnerable to an out-of-bounds write leading to remote code execution in versions 6.2.1 and below, with no known workarounds available; users should upgrade to NetX Duo release 6.3.0.

Product: Microsoft Azure RTOS NetX Duo

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48691

NVD References: https://github.com/azure-rtos/netxduo/security/advisories/GHSA-fwmg-rj6g-w99p




CVE-2023-48693 - Azure RTOS ThreadX allows arbitrary read and write access and potential privilege escalation due to a vulnerability in its parameter checking mechanism, affecting versions 6.2.1 and below, with no known workarounds.

Product: Microsoft Azure RTOS ThreadX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48693

NVD References: https://github.com/azure-rtos/threadx/security/advisories/GHSA-p7w6-62rq-vrf9




CVE-2023-48694 - Azure RTOS USBX is vulnerable to remote code execution due to expired pointer dereference and type confusion vulnerabilities in versions 6.2.1 and below, and users are advised to upgrade to USBX release 6.3.0 to address the issue.

Product: Microsoft Azure RTOS USBX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48694

NVD References: https://github.com/azure-rtos/usbx/security/advisories/GHSA-qjw8-7w86-44qj




CVE-2023-48695 - Azure RTOS USBX is vulnerable to remote code execution due to out of bounds write vulnerabilities in functions/processes related to CDC ECM and RNDIS in RTOS v6.2.1 and below.

Product: Microsoft Azure RTOS USBX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48695

NVD References: https://github.com/azure-rtos/usbx/security/advisories/GHSA-mwj9-rpph-v8wc




CVE-2023-48696 - Azure RTOS USBX is vulnerable to remote code execution due to expired pointer dereference vulnerabilities in the host class, related to CDC ACM in RTOS v6.2.1 and below, with no known workarounds.

Product: Microsoft Azure RTOS USBX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48696

NVD References: https://github.com/azure-rtos/usbx/security/advisories/GHSA-h733-98hq-f884




CVE-2023-48697 - Azure RTOS USBX is vulnerable to remote code execution due to memory buffer and pointer vulnerabilities in various components, and the issue has been fixed in USBX release 6.3.0, requiring users to upgrade.

Product: Microsoft Azure RTOS USBX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48697

NVD References: https://github.com/azure-rtos/usbx/security/advisories/GHSA-p2p9-wp2q-wjv4




CVE-2023-48698 - Azure RTOS USBX is vulnerable to remote code execution due to expired pointer dereference vulnerabilities.

Product: Microsoft Azure RTOS USBX

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48698

NVD References: https://github.com/azure-rtos/usbx/security/advisories/GHSA-grhp-f66q-x857




CVE-2023-33054 - Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data.

Product: Qualcomm 315 5G IoT Modem

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33054

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-33082 - Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE.

Product: Qualcomm AR8035

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33082

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-33083 - Memory corruption in WLAN Host while processing RRM beacon on the AP.

Product: Qualcomm AR8035

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33083

NVD References: https://www.qualcomm.com/company/product-security/bulletins/december-2023-bulletin




CVE-2023-42580 - Galaxy Store prior to version 4.5.64.4 allows attackers to execute a JavaScript API to install an APK from Galaxy Store through improper URL validation from the MCSLaunch deeplink.

Product: Samsung Galaxy Store

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-42580

NVD References: https://security.samsungmobile.com/serviceWeb.smsb?year=2023&month=12




CVE-2023-49070 - Apache OFBiz 18.12.09 is vulnerable to pre-auth remote code execution due to a still present and unpatched XML-RPC component, impacting versions before 18.12.10.

Product: Apache OFBiz

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49070

NVD References: https://issues.apache.org/jira/browse/OFBIZ-12812




CVE-2023-6269 - Atos Unify OpenScape products "Session Border Controller" (SBC) and "Branch", before version V10 R3.4.0, and OpenScape "BCF" before versions V10R10.12.00 and V10R11.05.02 are vulnerable to argument injection, allowing unauthenticated attackers to gain root access and bypass authentication for administrative access.

Product: Atos Unify OpenScape BCF

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6269

NVD References: 

- http://seclists.org/fulldisclosure/2023/Dec/16

- https://networks.unify.com/security/advisories/OBSO-2310-01.pdf

- https://r.sec-consult.com/unifyroot




CVE-2023-48930 - xinhu xinhuoa 2.2.1 contains a File upload vulnerability.

Product: Rockoa Xinhu

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48930

NVD References: 

- https://gist.github.com/Maverickfir/b8113bdb51ec66e454ffa5b50674c446

- https://github.com/Maverickfir/Vulnerability-recurrence/blob/main/xinhuOA.md

- https://github.com/Maverickfir/xinhuOA2.2.1




CVE-2023-6508, CVE-2023-6509, CVE-2023-6510 - Chromium use-after-free vulnerabilities

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6508

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6509

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6510

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6508

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6509

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6510




CVE-2023-6511 - Chromium: CVE-2023-6511 Inappropriate implementation in Autofill

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6511

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6511




CVE-2023-6512 - Chromium: CVE-2023-6512 Inappropriate implementation in Web Browser UI

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6512

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-6512




CVE-2023-41268 - The Samsung Open Source Escargot allows stack overflow and segmentation fault due to an improper input validation vulnerability in versions 3.0.0 through 4.0.0.

Product: Samsung Escargot

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-41268

NVD References: https://github.com/Samsung/escargot/pull/1260




CVE-2023-22524 - Atlassian Companion App for macOS is vulnerable to remote code execution through WebSockets, bypassing the blocklist and macOS Gatekeeper.

Product: Atlassian Companion

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22524

NVD References: 

- https://confluence.atlassian.com/security/cve-2023-22524-rce-vulnerability-in-atlassian-companion-app-for-macos-1319249492.html

- https://jira.atlassian.com/browse/CONFSERVER-93518




CVE-2023-48849 - Ruijie EG Series Routers version EG_3.0(1)B11P216 and before allow unauthenticated attackers to remotely execute arbitrary code due to incorrect filtering.

Product: Ruijie RG-EG1000C

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48849

NVD References: https://github.com/delsploit/CVE-2023-48849




CVE-2023-46773 - Permission management vulnerability in the PMS module. Successful exploitation of this vulnerability may cause privilege escalation.

Product: Huawei Emui

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-46773

NVD References: 

- https://consumer.huawei.com/en/support/bulletin/2023/12/

- https://device.harmonyos.com/en/docs/security/update/security-bulletins-202312-0000001758430245




CVE-2023-6458 - Mattermost webapp fails to validate route parameters in /<TEAM_NAME>/channels/<CHANNEL_NAME>, allowing an attacker to perform a client-side path traversal.

Product: Mattermost Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6458

NVD References: https://mattermost.com/security-updates




CVE-2023-36655 - ProLion CryptoSpike 3.0.15P2 allows a remote blocked user to log in and obtain an authentication token by exploiting case sensitivity in the username.

Product: ProLion CryptoSpike

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36655

NVD References: 

- https://prolion.com/cryptospike/

- https://www.cvcn.gov.it/cvcn/cve/CVE-2023-36655




CVE-2023-46353 - Ticons before 1.8.4 from MyPresta.eu for PrestaShop allows guest users to perform SQL injection via sensitive SQL calls in the TiconProduct::getTiconByProductAndTicon() method, easily exploitable with a trivial HTTP call.

Product: Mypresta Product Tag Icons Pro

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-46353

NVD References: https://security.friendsofpresta.org/modules/2023/11/28/ticons.html




CVE-2023-41913 - strongSwan before 5.9.12 is vulnerable to buffer overflow and potential remote code execution through a crafted IKE_SA_INIT message, due to a DH public value exceeding the internal buffer in charon-tkm's DH proxy.

Product: StrongSwan 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-41913

NVD References: 

- https://github.com/strongswan/strongswan/releases

- https://www.strongswan.org/blog/2023/11/20/strongswan-vulnerability-%28cve-2023-41913%29.html




CVE-2023-48823 - GaatiTrack Courier Management System 1.0 allows unauthenticated attackers to exploit a blind SQL injection vulnerability via the email parameter during login.

Product: Mayurik Courier Management System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48823

NVD References: http://packetstormsecurity.com/files/176030




CVE-2023-48860 - TOTOLINK N300RT version 3.2.4-B20180730.0906 allows post-authentication remote code execution (RCE) due to incorrect access control, enabling bypass of front-end security and execution of arbitrary code.

Product: Totolink N300RT

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48860

NVD References: https://github.com/xieqiang11/security_research/blob/main/TOTOLINK-N300RT-RCE.md




CVE-2023-35039 - Be Devious Web Development Password Reset with Code for WordPress REST API allows authentication abuse due to improper restriction of excessive authentication attempts.

Product: Be Devious Password Reset With Code For Wordpress Rest API

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35039

NVD References: https://patchstack.com/database/vulnerability/bdvs-password-reset/wordpress-password-reset-with-code-for-wordpress-rest-api-plugin-0-0-15-privilege-escalation-due-to-weak-pin-generation-vulnerability?_s_id=cve




CVE-2023-39172 - The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated attacker to capture and modify network traffic.

Product: EnBW SENEC Storage Box

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39172

NVD References: https://seclists.org/fulldisclosure/2023/Nov/4




CVE-2023-39169 - The affected devices use publicly available default credentials with administrative privileges.

Product: EnBW SENEC Storage Box

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39169

NVD References: https://seclists.org/fulldisclosure/2023/Nov/3




CVE-2023-49424 through CVE-2023-49426, CVE-2023-49428, CVE-2023-49437 - Tenda AX12 V22.03.01.46 was discovered to contain multiple stack overflow and command injection vulnerabilities

Product: Tenda AX12

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49424

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49425

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49426

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49428

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49437

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX12/SetVirtualServerCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX12/setMacFilterCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX12/SetStaticRouteCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX12/SetOnlineDevName.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX12/SetNetControlList-3.md




CVE-2023-49429 through CVE-2023-49436 - Tenda AX9 V22.03.01.46 is susceptible to multiple SQL command injection and stack overflow vulnerabilities

Product: Tenda AX9

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49429

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49430

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49431

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49432

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49433

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49434

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49435

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49436

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/setDeviceInfo.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetStaticRouteCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetOnlineDevName.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/setMacFilterCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetVirtualServerCfg.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList-3.md

NVD References: https://github.com/ef4tless/vuln/blob/master/iot/AX9/SetNetControlList-2.md




CVE-2023-49402, CVE-2023-49403, CVE-2023-49410, CVE-2023-49999 through CVE-2023-50002 - Tenda W30E V16.01.0.12(4843) was discovered to contain multiple stack overflow and command injection vulnerabilities

Product: Tenda W30E

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49402

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49403

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49410

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49999

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50000

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50001

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50002

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_localMsg/w30e_localMsg.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setFixTools/w30e_setFixTools.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setIPv6Status/w30e_setIPv6Status.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setUmountUSBPartition/w30e_setUmountUSBPartition.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_resetMesh/w30e_resetMesh.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_upgradeMeshOnline/w30e_upgradeMeshOnline.md

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_rebootMesh/w30e_rebootMesh.md





CVE-2023-39909 - Ericsson Network Manager before 23.2 mishandles Access Control and thus unauthenticated low-privilege users can access the NCM application.

Product: Ericsson Network Manager

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-39909

NVD References: https://www.gruppotim.it/it/footer/red-team.html




CVE-2023-40300 - NETSCOUT nGeniusPULSE 3.8 has a Hardcoded Cryptographic Key.

Product: Netscout Ngeniuspulse

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-40300

NVD References: https://www.netscout.com/securityadvisories




CVE-2023-40301 - NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.

Product: NETSCOUT nGeniusPULSE

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-40301

NVD References: https://www.netscout.com/securityadvisories




CVE-2023-40302 - NETSCOUT nGeniusPULSE 3.8 has a Weak File Permissions Vulnerability.

Product: NETSCOUT nGeniusPULSE

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-40302

NVD References: https://www.netscout.com/securityadvisories




CVE-2023-49404 - Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.

Product: Tenda W30E

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49404

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_setAdvancedSetList/w30e_setAdvancedSetList.md




CVE-2023-49405 - Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function UploadCfg.

Product: Tenda W30E

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49405

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_UploadCfg/w30e_UploadCfg.md




CVE-2023-49406 - Tenda W30E V16.01.0.12(4843) was discovered to contain a Command Execution vulnerability via the function /goform/telnet.

Product: Tenda W30E

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49406

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_telnet/w30e_telnet.md




CVE-2023-49408 - Tenda AX3 V16.03.12.11 was discovered to contain a stack overflow via the function set_device_name.

Product: Tenda AX3

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49408

NVD References: https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_setBlackRule/AX3-setBlackRule.md




CVE-2023-49409 - Tenda AX3 V16.03.12.11 was discovered to contain a Command Execution vulnerability via the function /goform/telnet.

Product: Tenda AX3

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49409

NVD References: https://github.com/GD008/TENDA/blob/main/AX3/tenda_AX3_telnet/AX3_telnet.md




CVE-2023-49411 - Tenda W30E V16.01.0.12(4843) contains a stack overflow vulnerability via the function formDeleteMeshNode.

Product: Tenda W30E

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49411

NVD References: https://github.com/GD008/TENDA/blob/main/w30e/tenda_w30e_deleteMesh/w30e_deleteMesh.md




CVE-2023-6579 - osCommerce 4 is affected by a critical vulnerability in the POST Parameter Handler component, allowing remote SQL injection via manipulation of the estimate[country_id] argument (VDB-247160).

Product: osCommerce

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6579

NVD References: 

- http://packetstormsecurity.com/files/176124/osCommerce-4-SQL-Injection.html

- https://vuldb.com/?ctiid.247160

- https://vuldb.com/?id.247160




CVE-2023-6581 - D-Link DAR-7000 up to 20231126 is vulnerable to critical SQL injection in the file /user/inc/workidajax.php (VDB-247162).

Product: D-Link DAR-7000

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6581

NVD References: 

- https://github.com/flyyue2001/cve/blob/main/D-LINK%20-DAR-7000_sql_workidajax.md

- https://vuldb.com/?ctiid.247162

- https://vuldb.com/?id.247162




CVE-2023-5008 - Student Information System v1.0 is vulnerable to unauthenticated SQL Injection on the 'regno' parameter, enabling an attacker to fetch database records and bypass login control.

Product: Imsurajghosh Student Information System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-5008

NVD References: 

- https://fluidattacks.com/advisories/blechacz/

- https://www.kashipara.com/




CVE-2023-48929 - Franklin Fueling Systems System Sentinel AnyWare (SSA) version 1.6.24.492 allows an attacker to escalate privileges and obtain sensitive information through the 'sid' parameter in the group_status.asp resource.

Product: Franklin-Electric System Sentinel Anyware

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-48929

NVD References: https://github.com/MatJosephs/CVEs/tree/main/CVE-2023-48929




CVE-2023-49007 - In Netgear Orbi RBR750 firmware before V7.2.6.21, there is a stack-based buffer overflow in /usr/sbin/httpd.

Product: Netgear RBR750

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49007

NVD References: https://github.com/5erua/netgear_orbi_overflow_vulnerability/blob/main/README.md




CVE-2023-49443 - DoraCMS v2.1.8 allows attackers to gain application access via a brute-force attack due to reusing the same code for username and password verification.

Product: HTML-JS DoraCMS

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49443

NVD References: https://github.com/woshinibaba222/DoraCMS-Verification-Code-Reuse




CVE-2023-6612 - Totolink X5000R 9.1.0cu.2300_B20230112 is vulnerable to a critical OS command injection in multiple functions of the file /cgi-bin/cstecgi.cgi, allowing exploitation and posing a potential risk as the vendor did not respond to the disclosure.

Product: Totolink X5000R

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6612

NVD References: 

- https://github.com/OraclePi/repo/tree/main/totolink%20X5000R

- https://vuldb.com/?ctiid.247247

- https://vuldb.com/?id.247247




CVE-2023-6617 - SourceCodester Simple Student Attendance System 1.0 is vulnerable to SQL injection through the manipulation of the class_id argument in the attendance.php file (VDB-247254).

Product: Oretnom23 Simple Student Attendance System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6617

NVD References: 

- https://vuldb.com/?ctiid.247254

- https://vuldb.com/?id.247254

- https://www.yuque.com/u39339523/el4dxs/gcsvdc5oohx6v38c




CVE-2023-6619 - SourceCodester Simple Student Attendance System 1.0 is vulnerable to SQL injection via the id parameter in the /modals/class_form.php file, allowing for potential remote exploit.

Product: Oretnom23 Simple Student Attendance System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6619

NVD References: 

- https://github.com/daydust/vuln/blob/main/Simple_Student_Attendance_System/class_form.php_SQL-injection.md

- https://vuldb.com/?ctiid.247256

- https://vuldb.com/?id.247256




CVE-2023-46498 - EverShop NPM versions before v.1.0.0-rc.8 are vulnerable to sensitive information disclosure and arbitrary code execution via the /deleteCustomer/route.json file.

Product: EverShop NPM

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-46498

NVD References: 

- https://devhub.checkmarx.com/cve-details/Cx8b24ace3-0c9a/

- https://devhub.checkmarx.com/cve-details/cve-2023-46498/




CVE-2023-6394 - Quarkus allows unauthorized access to information and functionality outside of granted API permissions when receiving a request over websocket without role-based permission specified on the GraphQL operation.

Product: Quarkus 

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6394

NVD References: 

- https://access.redhat.com/security/cve/CVE-2023-6394

- https://bugzilla.redhat.com/show_bug.cgi?id=2252197




CVE-2023-46932 - GPAC version 2.3-DEV-rev617-g671976fcc-master experiences a heap buffer overflow vulnerability in the str2ulong class in src/media_tools/avilib.c, enabling attackers to execute arbitrary code and cause a denial of service (DoS) in gpac/MP4Box.

Product: GPAC 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-46932

NVD References: https://github.com/gpac/gpac/issues/2669




CVE-2023-47254 - DrayTek Vigor167 version 5.2.2 suffers from an OS Command Injection vulnerability, enabling remote attackers to execute system commands and elevate privileges through the web interface account.

Product: DrayTek Vigor167

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-47254

NVD References: 

- https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2023-023.txt

- https://www.syss.de/pentest-blog/command-injection-via-cli-des-draytek-vigor167-syss-2023-023




CVE-2023-6648 - PHPGurukul Nipah Virus Testing Management System 1.0 is susceptible to remote SQL injection via manipulation of the argument username in the password-recovery.php file.

Product: PHPGurukul Nipah Virus Testing Management System

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6648

NVD References: 

- https://github.com/dhabaleshwar/niv_testing_sqliforgotpassword/blob/main/exploit.md

- https://vuldb.com/?ctiid.247341

- https://vuldb.com/?id.247341




CVE-2023-6651 - Matrimonial Site 1.0 is vulnerable to remote SQL injection via the username parameter in /auth/auth.php?user=1; the vulnerability has been publicly disclosed as VDB-247344.

Product: Carmelogarcia Matrimonial Site

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6651

NVD References: 

- https://github.com/850362564/BugHub/blob/main/Matrimonial%20Site%20System%20auth.php%20has%20Sqlinjection.pdf

- https://vuldb.com/?ctiid.247344

- https://vuldb.com/?id.247344




CVE-2023-6652 - Matrimonial Site 1.0 is vulnerable to remote SQL injection in the register function of the register.php file, a critical issue for which an exploit has been disclosed.

Product: Carmelogarcia Matrimonial Site

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-6652

NVD References: 

- https://github.com/sweatxi/BugHub/blob/main/Matrimonial%20Site%20System%20functions.php%20%20has%20Sqlinjection.pdf

- https://vuldb.com/?ctiid.247345

- https://vuldb.com/?id.247345




CVE-2023-50245 - OpenEXR-viewer prior to version 0.6.1 is affected by a memory overflow vulnerability.

Product: OpenEXR-viewer

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50245

NVD References: 

- https://github.com/afichet/openexr-viewer/commit/d0a7e85dfeb519951fb8a8d70f73f30d41cdd3d9

- https://github.com/afichet/openexr-viewer/security/advisories/GHSA-99jg-r3f4-rpxj




CVE-2023-49583 - The SAP BTP Security Services Integration Library ([Node.js] @sap/xssec) versions < 3.6.0 allow an unauthenticated attacker to escalate privileges and gain arbitrary permissions within the application.

Product: SAP BTP Security Services Integration Library

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-49583

NVD References: 

- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/

- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html




CVE-2023-50422 - The SAP BTP Security Services Integration Library (cloud-security-services-integration-library) below version 2.17.0 and from version 3.0.0 to before 3.3.0 allows an unauthenticated attacker to escalate privileges and gain arbitrary permissions within the application.

Product: SAP BTP Security Services Integration Library

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50422

NVD References: 

- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/

- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html



CVE-2023-50423 - The SAP BTP Security Services Integration Library ([Python] sap-xssec) versions < 4.1.0 allow unauthenticated attackers to escalate privileges and obtain arbitrary permissions within the application.

Product: SAP BTP Security Services Integration Library

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50423

NVD References: 

- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/

- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html




CVE-2023-50424 - The SAP BTP Security Services Integration Library allows an unauthenticated attacker to escalate privileges and obtain arbitrary permissions within the application in versions < 0.17.0.

Product: SAP BTP Security Services Integration Library

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-50424

NVD References: 

- https://blogs.sap.com/2023/12/12/unveiling-critical-security-updates-sap-btp-security-note-3411067/

- https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html




CVE-2023-21740 - Windows Media Remote Code Execution Vulnerability

Product: Microsoft Windows Media Player

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21740

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21740




CVE-2023-35621 - Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

Product: Microsoft Dynamics 365 Finance and Operations

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35621

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35621




CVE-2023-35622 - Windows DNS Spoofing Vulnerability

Product: Microsoft Windows DNS

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35622

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35622




CVE-2023-35624 - Azure Connected Machine Agent Elevation of Privilege Vulnerability

Product: Microsoft Azure Connected Machine Agent

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35624

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35624




CVE-2023-35628 - Windows MSHTML Platform Remote Code Execution Vulnerability

Product: Microsoft Windows MSHTML Platform

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35628

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35628




CVE-2023-35630 - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Product: Microsoft Internet Connection Sharing (ICS)

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35630

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35630




CVE-2023-35631 - Win32k Elevation of Privilege Vulnerability

Product: Microsoft Win32k

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35631

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35631




CVE-2023-35632 - Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Product: Microsoft Windows Ancillary Function Driver for WinSock

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35632

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35632




CVE-2023-35633 - Windows Kernel Elevation of Privilege Vulnerability

Product: Microsoft Windows Kernel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35633

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35633




CVE-2023-35634 - Windows Bluetooth Driver Remote Code Execution Vulnerability

Product: Microsoft Windows Bluetooth Driver

CVSS Score: 8.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35634

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35634




CVE-2023-35638 - DHCP Server Service Denial of Service Vulnerability

Product: DHCP Server Service

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35638

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35638




CVE-2023-35639 - Microsoft ODBC Driver Remote Code Execution Vulnerability

Product: Microsoft ODBC Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35639

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35639

 



CVE-2023-35641 - Internet Connection Sharing (ICS) Remote Code Execution Vulnerability

Product: Microsoft Internet Connection Sharing (ICS)

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35641

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35641




CVE-2023-35643 - DHCP Server Service Information Disclosure Vulnerability

Product: Microsoft DHCP Server Service

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35643

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35643




CVE-2023-35644 - Windows Sysmain Service Elevation of Privilege

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35644

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35644




CVE-2023-36004 - Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability

Product: Microsoft Windows

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36004

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36004




CVE-2023-36005 - Windows Telephony Server Elevation of Privilege Vulnerability

Product: Microsoft Windows Telephony Server

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36005

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36005




CVE-2023-36006 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Product: Microsoft WDAC OLE DB provider for SQL Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36006

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36006




CVE-2023-36010 - Microsoft Defender Denial of Service Vulnerability

Product: Microsoft Defender

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36010

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36010




CVE-2023-36011 - Win32k Elevation of Privilege Vulnerability

Product: Microsoft Win32k

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36011

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36011




CVE-2023-36020 - Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

Product: Microsoft Dynamics 365

CVSS Score: 7.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36020

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36020




CVE-2023-36391 - Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Product: Microsoft Local Security Authority Subsystem Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36391

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36391

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36391




CVE-2023-36696 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Cloud Files Mini Filter Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-36696

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36696

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-36696




CVE-2023-20588 - AMD: CVE-2023-20588 AMD Speculative Leaks Security Notice

Product: AMD processors

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-20588

ISC Diary: https://isc.sans.edu/diary/30480

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-20588




The following vulnerabilities need a manual review:


CVE-2023-42917 - Apple iOS, iPadOS, macOS, and Safari WebKit contain a memory corruption vulnerability that leads to code execution when processing web content.

CISA KEV: YES

Product: Multiple Apple Products




CVE-2023-42916 - Apple iOS, iPadOS, macOS, and Safari WebKit contain an out-of-bounds read vulnerability that may disclose sensitive information when processing web content.

CISA KEV: YES

Product: Multiple Apple Products