In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between October 15 and 16, 2023.
During this period, the National Vulnerability Database published 10 new Common Vulnerabilities and Exposures (CVEs), classified as follows:
Critical: 0
High: 2
Medium: 3
Low: 2
Severity Not Assigned: 3
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2023-5589
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in SourceCodester Judging Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument password leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-242188.
References: https://github.com/GodRone/Judging-Management-System_SQL-injection/blob/main/Judging%20Management%20System_SQL%20injection.md
https://vuldb.com/?ctiid.242188
https://vuldb.com/?id.242188
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
2. CVE-2023-5590
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: NULL Pointer Dereference in GitHub repository seleniumhq/selenium prior to 4.14.0.
References: https://github.com/seleniumhq/selenium/commit/023a0d52f106321838ab1c0997e76693f4dcbdf6
https://huntr.dev/bounties/e268cd68-4f34-49bd-878b-82b96dcc0c99
CWE-ID: CWE-476
Common Platform Enumerations (CPE): Not Found