Latest Vulnerabilities Updates: AppSecWorld's CVE Daily Digest for January 03-04, 2024

In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in the National Vulnerability Database between January 03-04, 2024.
During this period, the National Vulnerability Database published 99 new Common Vulnerabilities and Exposures (CVEs), classified as follows:

Critical: 4
High: 22
Medium: 36
Low: 5
Severity Not Assigned: 32

Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.

1. CVE-2023-50350
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: HCL DRYiCE MyXalytics is impacted by the use of a broken cryptographic algorithm for encryption, potentially giving an attacker ability to decrypt sensitive information.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

2. CVE-2023-50351
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: HCL DRYiCE MyXalytics is impacted by the use of an insecure key rotation mechanism which can allow an attacker to compromise the confidentiality or integrity of data.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

3. CVE-2023-45722
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: HCL DRYiCE MyXalytics is impacted by a path traversal arbitrary file read vulnerability because it uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory. The product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. Potential exploits can completely disrupt or take over the application.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

4. CVE-2023-45723
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: HCL DRYiCE MyXalytics is impacted by a path traversal vulnerability which allows file upload capability. Certain endpoints permit users to manipulate the path (including the file name) where these files are stored on the server.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

5. CVE-2023-45724
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.2
Description: The HCL DRYiCE MyXalytics product is impacted by an unauthenticated file upload vulnerability. The web application permits the upload of a certain file without requiring user authentication.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

6. CVE-2023-50341
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Obsolete web pages) vulnerability. The discovery of outdated and accessible web pages reflects a "Missing Access Control" vulnerability, which could lead to inadvertent exposure of sensitive information and/or exposing a vulnerable endpoint.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

7. CVE-2023-50342
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.2
Description: HCL DRYiCE MyXalytics is impacted by an Insecure Direct Object Reference (IDOR) vulnerability. A user can obtain certain details about another user as a result of improper access control.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

8. CVE-2023-50343
Base Score: 8.3
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.5
Description: HCL DRYiCE MyXalytics is impacted by an Improper Access Control (Controller APIs) vulnerability. Certain API endpoints are accessible to Customer Admin Users that can allow access to sensitive information about other users.

References: https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0109608

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

9. CVE-2023-7027
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 2.7
Description: The POST SMTP Mailer – Email log, Delivery Failure Notifications and Best Mail SMTP for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘device’ header in all versions up to, and including, 2.8.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References: https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/includes/rest-api/v1/rest-api.php#L79
https://plugins.trac.wordpress.org/browser/post-smtp/trunk/Postman/Mobile/mobile.php#L219
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3016126%40post-smtp%2Ftrunk&old=3012318%40post-smtp%2Ftrunk&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/7e8911a3-ce0f-420c-bf2a-1c2929d01cef?source=cve

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

10. CVE-2023-6600
Base Score: 8.6
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 4.7
Description: The OMGF | GDPR/DSGVO Compliant, Faster Google Fonts. Easy. plugin for WordPress is vulnerable to unauthorized modification of data and Stored Cross-Site Scripting due to a missing capability check on the update_settings() function hooked via admin_init in all versions up to, and including, 5.7.9. This makes it possible for unauthenticated attackers to update the plugin's settings which can be used to inject Cross-Site Scripting payloads and delete entire directories. Please note there were several attempted patches, and we consider 5.7.10 to be the most sufficiently patched.
References: https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3008876%40host-webfonts-local&new=3008876%40host-webfonts-local&sfp_email=&sfph_mail=
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3009010%40host-webfonts-local&new=3009010%40host-webfonts-local&sfp_email=&sfph_mail=
https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3009453%40host-webfonts-local&new=3009453%40host-webfonts-local&sfp_email=&sfph_mail=
https://www.wordfence.com/threat-intel/vulnerabilities/id/4e835b97-c066-4e8f-b99f-1a930105af0c?source=cve

CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found

11. CVE-2024-0207
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: HTTP3 dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
References: https://gitlab.com/wireshark/wireshark/-/issues/19502
https://www.wireshark.org/security/wnpa-sec-2024-03.html

CWE-ID: CWE-125
Common Platform Enumerations (CPE): Not Found

12. CVE-2024-0208
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: GVCP dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
References: https://gitlab.com/wireshark/wireshark/-/issues/19496
https://www.wireshark.org/security/wnpa-sec-2024-01.html

CWE-ID: CWE-674
Common Platform Enumerations (CPE): Not Found

13. CVE-2024-0209
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: IEEE 1609.2 dissector crash in Wireshark 4.2.0, 4.0.0 to 4.0.11, and 3.6.0 to 3.6.19 allows denial of service via packet injection or crafted capture file
References: https://gitlab.com/wireshark/wireshark/-/issues/19501
https://www.wireshark.org/security/wnpa-sec-2024-02.html

CWE-ID: CWE-476
Common Platform Enumerations (CPE): Not Found

14. CVE-2024-0210
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Zigbee TLV dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
References: https://gitlab.com/wireshark/wireshark/-/issues/19504
https://www.wireshark.org/security/wnpa-sec-2024-04.html

CWE-ID: CWE-674
Common Platform Enumerations (CPE): Not Found

15. CVE-2024-0211
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: DOCSIS dissector crash in Wireshark 4.2.0 allows denial of service via packet injection or crafted capture file
References: https://gitlab.com/wireshark/wireshark/-/issues/19557
https://www.wireshark.org/security/wnpa-sec-2024-05.html

CWE-ID: CWE-674
Common Platform Enumerations (CPE): Not Found

16. CVE-2023-52304
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-013.md

CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found

17. CVE-2023-52307
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: Stack overflow in paddle.linalg.lu_unpack in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-016.md

CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found

18. CVE-2023-52309
Base Score: 8.2
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 4.7
Description: Heap buffer overflow in paddle.repeat_interleave in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, information disclosure, or possibly more damage.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-018.md

CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found

19. CVE-2023-52310
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: PaddlePaddle before 2.6.0 has a command injection in get_online_pass_interval. This resulted in the ability to execute arbitrary commands on the operating system.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-019.md

CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found

20. CVE-2023-52311
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: PaddlePaddle before 2.6.0 has a command injection in _wget_download. This resulted in the ability to execute arbitrary commands on the operating system.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-020.md

CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found

21. CVE-2023-52314
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: PaddlePaddle before 2.6.0 has a command injection in convert_shape_compare. This resulted in the ability to execute arbitrary commands on the operating system.

References: https://github.com/PaddlePaddle/Paddle/blob/develop/security/advisory/pdsa-2023-023.md

CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found

22. CVE-2023-50253
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Laf is a cloud development platform. In the Laf version design, the log uses communication with k8s to quickly retrieve logs from the container without the need for additional storage. However, in version 1.0.0-beta.13 and prior, this interface does not verify the permissions of the pod, which allows authenticated users to obtain any pod logs under the same namespace through this method, thereby obtaining sensitive information printed in the logs. As of time of publication, no known patched versions exist.
References: https://github.com/labring/laf/pull/1468
https://github.com/labring/laf/security/advisories/GHSA-g9c8-wh35-g75f

CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found

23. CVE-2024-21633
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Apktool is a tool for reverse engineering Android APK files. In versions 2.9.1 and prior, Apktool infers resource files' output path according to their resource names, which can be manipulated by an attacker to place files at a desired location on the system Apktool runs on. Affected environments are those in which an attacker may write/overwrite any file that the user has write access to, and either the user name is known or the cwd is under the user folder. Commit d348c43b24a9de350ff6e5bd610545a10c1fc712 contains a patch for this issue.
References: https://github.com/iBotPeaches/Apktool/commit/d348c43b24a9de350ff6e5bd610545a10c1fc712
https://github.com/iBotPeaches/Apktool/security/advisories/GHSA-2hqv-2xv4-5h5w

CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found

24. CVE-2023-6338
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Uncontrolled search path vulnerabilities were reported in the Lenovo Universal Device Client (UDC) that could allow an attacker with local access to execute code with elevated privileges.
References: https://support.lenovo.com/us/en/product_security/LEN-121183

CWE-ID: CWE-427
Common Platform Enumerations (CPE): Not Found

25. CVE-2023-50256
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Froxlor is open source server administration software. Prior to version 2.1.2, it was possible to submit the registration form with the essential fields, such as the username and password, left intentionally blank. This inadvertent omission allowed for a bypass of the mandatory field requirements (e.g. surname, company name) established by the system. Version 2.1.2 fixes this issue.

References: https://github.com/Froxlor/Froxlor/commit/4b1846883d4828962add91bd844596d89a9c7cac
https://github.com/Froxlor/Froxlor/security/advisories/GHSA-625g-fm5w-w7w4
https://user-images.githubusercontent.com/80028768/289675319-81ae8ebe-1308-4ee3-bedb-43cdc40da474.mp4

CWE-ID: CWE-20
Common Platform Enumerations (CPE): Not Found

26. CVE-2024-21634
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Amazon Ion is a Java implementation of the Ion data notation. Prior to version 1.10.5, a potential denial-of-service issue exists in `ion-java` for applications that use `ion-java` to deserialize Ion text encoded data, or deserialize Ion text or binary encoded data into the `IonValue` model and then invoke certain `IonValue` methods on that in-memory representation. An actor could craft Ion data that, when loaded by the affected application and/or processed using the `IonValue` model, results in a `StackOverflowError` originating from the `ion-java` library. The patch is included in `ion-java` 1.10.5. As a workaround, do not load data which originated from an untrusted source or that could have been tampered with.
References: https://github.com/amazon-ion/ion-java/security/advisories/GHSA-264p-99wq-f4j6

CWE-ID: CWE-770
Common Platform Enumerations (CPE): Not Found
