In the dynamic realm of cybersecurity, staying updated on the latest vulnerabilities is imperative.
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between January 08-09, 2024.
During this period, The National Vulnerability Database published 194, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 15
High: 106
Medium: 40
Low: 2
Severity Not Assigned: 31
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-0288
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability classified as critical has been found in Kashipara Food Management System 1.0. This affects an unknown part of the file rawstock_used_damaged_submit.php. The manipulation of the argument product_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249849 was assigned to this vulnerability.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability12.md
https://vuldb.com/?ctiid.249849
https://vuldb.com/?id.249849
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
2. CVE-2024-0289
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability classified as critical was found in Kashipara Food Management System 1.0. This vulnerability affects unknown code of the file stock_entry_submit.php. The manipulation of the argument itemype leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249850 is the identifier assigned to this vulnerability.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability14.md
https://vuldb.com/?ctiid.249850
https://vuldb.com/?id.249850
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
3. CVE-2024-0290
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability, which was classified as critical, has been found in Kashipara Food Management System 1.0. This issue affects some unknown processing of the file stock_edit.php. The manipulation of the argument item_type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249851.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability15.md
https://vuldb.com/?ctiid.249851
https://vuldb.com/?id.249851
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
4. CVE-2024-0294
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this issue is the function setUssd of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ussd leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249860. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/setUssd/README.md
https://vuldb.com/?ctiid.249860
https://vuldb.com/?id.249860
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-0295
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. This affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249861 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/setWanCfg/README.md
https://vuldb.com/?ctiid.249861
https://vuldb.com/?id.249861
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-0296
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249862 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/NTPSyncWithHost/README.md
https://vuldb.com/?ctiid.249862
https://vuldb.com/?id.249862
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-0297
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249863. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/UploadFirmwareFile/README.md
https://vuldb.com/?ctiid.249863
https://vuldb.com/?id.249863
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-0298
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249864. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/setDiagnosisCfg/README.md
https://vuldb.com/?ctiid.249864
https://vuldb.com/?id.249864
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-0299
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/setTracerouteCfg/README.md
https://vuldb.com/?ctiid.249865
https://vuldb.com/?id.249865
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-29048
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/3
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-29050
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the directory and potentially cause high load on the directory server, leading to denial of service. Encoding has been added for user-provided fragments that are used when constructing the LDAP query. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/3
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf
CWE-ID: CWE-90
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-29051
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users and contexts. We now make sure that the switch to disable user-generated templates by default works as intended and will remove the feature in future generations of the product. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/4
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-0306
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_login_process.php. The manipulation of the argument admin_password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249873 was assigned to this vulnerability.
References: https://github.com/E1CHO/cve_hub/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%201.pdf
https://vuldb.com/?ctiid.249873
https://vuldb.com/?id.249873
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-0307
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login_process.php. The manipulation of the argument password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249874 is the identifier assigned to this vulnerability.
References: https://github.com/VistaAX/vulnerablility/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%202.pdf
https://vuldb.com/?ctiid.249874
https://vuldb.com/?id.249874
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-6921
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data extraction and modification. This attack is possible via command insertion in one of the cookies.
References: https://cert.pl/en/posts/2024/01/CVE-2023-6921/
https://cert.pl/posts/2024/01/CVE-2023-6921/
https://prestashow.pl/pl/moduly-prestashop/28-prestashop-google-integrator-ga4-gtm-ads-remarketing.html
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-21644
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
References: https://github.com/pyload/pyload/commit/bb22063a875ffeca357aaf6e2edcd09705688c40
https://github.com/pyload/pyload/security/advisories/GHSA-mqpq-2p68-46fv
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-32650
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-34087
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-34436
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-35004
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-35057
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-35128
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-35702
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-35703
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-35704
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-35955
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-35956
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-35957
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `uncompress`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-35958
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-35959
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-35960
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-35961
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-35962
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-35963
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-35964
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-35969
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
37. CVE-2023-35970
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
38. CVE-2023-35989
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
39. CVE-2023-35992
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
40. CVE-2023-35994
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
41. CVE-2023-35995
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-35996
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
43. CVE-2023-35997
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
44. CVE-2023-36746
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when parsing the time table.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
45. CVE-2023-36747
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
46. CVE-2023-36861
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
47. CVE-2023-36864
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
48. CVE-2023-36915
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
49. CVE-2023-36916
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table_lengths` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
50. CVE-2023-37282
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
51. CVE-2023-37416
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
52. CVE-2023-37417
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
53. CVE-2023-37418
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
54. CVE-2023-37419
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
55. CVE-2023-37420
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
56. CVE-2023-37442
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
57. CVE-2023-37443
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
58. CVE-2023-37444
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
59. CVE-2023-37445
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
60. CVE-2023-37446
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
61. CVE-2023-37447
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
62. CVE-2023-37573
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's recoder (default) VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
63. CVE-2023-37574
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
64. CVE-2023-37575
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
65. CVE-2023-37576
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
66. CVE-2023-37577
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
67. CVE-2023-37578
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
68. CVE-2023-37921
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
69. CVE-2023-37922
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
70. CVE-2023-37923
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
71. CVE-2023-38583
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
72. CVE-2023-38618
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
73. CVE-2023-38619
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
74. CVE-2023-38620
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
75. CVE-2023-38621
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
76. CVE-2023-38622
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
77. CVE-2023-38623
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
78. CVE-2023-38648
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
79. CVE-2023-38649
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
80. CVE-2023-38650
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
81. CVE-2023-38651
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
82. CVE-2023-38652
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
83. CVE-2023-38653
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
84. CVE-2023-38657
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
85. CVE-2023-39234
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
86. CVE-2023-39235
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
87. CVE-2023-39270
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
88. CVE-2023-39271
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
89. CVE-2023-39272
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
90. CVE-2023-39273
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
91. CVE-2023-39274
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
92. CVE-2023-39275
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
93. CVE-2023-39316
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
94. CVE-2023-39317
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
95. CVE-2023-39413
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
CWE-ID: CWE-191
Common Platform Enumerations (CPE): Not Found
96. CVE-2023-39414
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
CWE-ID: CWE-191
Common Platform Enumerations (CPE): Not Found
97. CVE-2023-39443
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
98. CVE-2023-39444
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
99. CVE-2023-47211
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.3
Description: A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851
https://www.manageengine.com/itom/advisory/cve-2023-47211.html
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
100. CVE-2024-21650
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have user registration enabled for guests. This vulnerability has been patched in XWiki 14.10.17, 15.5.3 and 15.8 RC1.
References: https://github.com/xwiki/xwiki-platform/commit/b290bfd573c6f7db6cc15a88dd4111d9fcad0d31
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rj7p-xjv7-7229
https://jira.xwiki.org/browse/XWIKI-21173
CWE-ID: CWE-95
Common Platform Enumerations (CPE): Not Found
101. CVE-2024-21747
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting.This issue affects WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting: from n/a through 1.12.8.
References: https://patchstack.com/database/vulnerability/erp/wordpress-wp-erp-plugin-1-12-8-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
102. CVE-2022-3328
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Race condition in snap-confine's must_mkdir_and_open_with_perms()
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3328
https://ubuntu.com/security/notices/USN-5753-1
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
103. CVE-2023-52215
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UkrSolution Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce.This issue affects Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce: from n/a through 1.5.1.
References: https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-1-unauthenticated-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
104. CVE-2023-52218
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Anton Bond Woocommerce Tranzila Payment Gateway.This issue affects Woocommerce Tranzila Payment Gateway: from n/a through 1.0.8.
References: https://patchstack.com/database/vulnerability/woo-tranzila-gateway/wordpress-woocommerce-tranzila-gateway-plugin-1-0-8-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
105. CVE-2023-52219
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue affects Gecka Terms Thumbnails: from n/a through 1.1.
References: https://patchstack.com/database/vulnerability/gecka-terms-thumbnails/wordpress-gecka-terms-thumbnails-plugin-1-1-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
106. CVE-2023-52225
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1.
References: https://patchstack.com/database/vulnerability/taggbox-widget/wordpress-tagbox-widget-plugin-3-1-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
107. CVE-2021-3600
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600
https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90
https://ubuntu.com/security/notices/USN-5003-1
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
108. CVE-2023-52190
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2.
References: https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-sensitive-data-pii-coupon-data-exposure-vulnerability?_s_id=cve
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
109. CVE-2023-52207
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Playlist Free.This issue affects HTML5 MP3 Player with Playlist Free: from n/a through 3.0.0.
References: https://patchstack.com/database/vulnerability/html5-mp3-player-with-playlist/wordpress-html5-mp3-player-plugin-3-0-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
110. CVE-2023-6631
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
References: https://subnet.com/contact/
https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01
CWE-ID: CWE-428
Common Platform Enumerations (CPE): Not Found
111. CVE-2023-50982
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because upload_action and edit_action in Admin_SmileysController do not check the file extension. This leads to remote code execution with the privileges of the www-data user. The fixed versions are 5.3.4, 5.2.6, 5.1.7, and 5.0.9.
References: https://gitlab.studip.de/studip/studip/-/tags
https://rehmeinfosec.de/labor/cve-2023-50982
https://sourceforge.net/projects/studip/files/Stud.IP/5.4/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
112. CVE-2023-52200
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a.
References: https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-352 CWE-502
Common Platform Enumerations (CPE): Not Found
113. CVE-2023-52204
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Javik Randomize.This issue affects Randomize: from n/a through 1.4.3.
References: https://patchstack.com/database/vulnerability/randomize/wordpress-randomize-plugin-1-4-3-contributor-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
114. CVE-2023-52205
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with Playlist Free.This issue affects HTML5 SoundCloud Player with Playlist Free: from n/a through 2.8.0.
References: https://patchstack.com/database/vulnerability/html5-soundcloud-player-with-playlist/wordpress-html5-soundcloud-player-plugin-2-8-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
115. CVE-2023-52206
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.8
Description: Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer live-composer-page-builder.This issue affects Page Builder: Live Composer: from n/a through 1.5.25.
References: https://patchstack.com/database/vulnerability/live-composer-page-builder/wordpress-page-builder-live-composer-plugin-1-5-25-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
116. CVE-2023-52213
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.This issue affects Rate Star Review – AJAX Reviews for Content, with Star Ratings: from n/a through 1.5.1.
References: https://patchstack.com/database/vulnerability/rate-star-review/wordpress-rate-star-review-plugin-1-5-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
117. CVE-2023-52142
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For The Events Calendar: from n/a through 2.3.1.
References: https://patchstack.com/database/vulnerability/template-events-calendar/wordpress-events-shortcodes-for-the-events-calendar-plugin-2-3-1-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
118. CVE-2023-52196
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel: from n/a through 1.12.
References: https://patchstack.com/database/vulnerability/cpt-bootstrap-carousel/wordpress-cpt-bootstrap-carousel-plugin-1-12-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
119. CVE-2023-52201
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brian D. Goad pTypeConverter.This issue affects pTypeConverter: from n/a through 0.2.8.1.
References: https://patchstack.com/database/vulnerability/ptypeconverter/wordpress-ptypeconverter-plugin-0-2-8-1-subscriber-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
120. CVE-2023-52202
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Folder Feedburner Playlist Free.This issue affects HTML5 MP3 Player with Folder Feedburner Playlist Free: from n/a through 2.8.0.
References: https://patchstack.com/database/vulnerability/html5-mp3-player-with-mp3-folder-feedburner-playlist/wordpress-html5-mp3-player-with-folder-feedburner-plugin-2-8-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
121. CVE-2023-7218
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-249852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/4/README.md
https://vuldb.com/?ctiid.249852
https://vuldb.com/?id.249852
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
This edition of the AppSecWorld's CVE Daily Digest provides a snapshot of the vulnerabilities published in National Vulnerability Database between January 08-09, 2024.
During this period, The National Vulnerability Database published 194, and these new Common Vulnerabilities and Exposures (CVEs) are classified as follows:
Critical: 15
High: 106
Medium: 40
Low: 2
Severity Not Assigned: 31
Identifying and understanding these vulnerabilities are pivotal steps towards enhancing security measures and creating a safer digital environment.
Now, let's delve deeper into AppSecWorld's CVE Daily Digest, spotlighting the Critical and High Severity vulnerabilities that demand immediate attention.
1. CVE-2024-0288
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability classified as critical has been found in Kashipara Food Management System 1.0. This affects an unknown part of the file rawstock_used_damaged_submit.php. The manipulation of the argument product_name leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249849 was assigned to this vulnerability.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability12.md
https://vuldb.com/?ctiid.249849
https://vuldb.com/?id.249849
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
2. CVE-2024-0289
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability classified as critical was found in Kashipara Food Management System 1.0. This vulnerability affects unknown code of the file stock_entry_submit.php. The manipulation of the argument itemype leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249850 is the identifier assigned to this vulnerability.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability14.md
https://vuldb.com/?ctiid.249850
https://vuldb.com/?id.249850
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
3. CVE-2024-0290
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: A vulnerability, which was classified as critical, has been found in Kashipara Food Management System 1.0. This issue affects some unknown processing of the file stock_edit.php. The manipulation of the argument item_type leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249851.
References: https://github.com/laoquanshi/heishou/blob/main/Food%20Management%20System%20SQL%20Injection%20Vulnerability15.md
https://vuldb.com/?ctiid.249851
https://vuldb.com/?id.249851
CWE-ID: CWE-89
Common Platform Enumerations (CPE): cpe:2.3:a:kashipara:food_management_system:1.0:*:*:*:*:*:*:*
4. CVE-2024-0294
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, has been found in Totolink LR1200GB 9.1.0u.6619_B20230130. Affected by this issue is the function setUssd of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ussd leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249860. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/setUssd/README.md
https://vuldb.com/?ctiid.249860
https://vuldb.com/?id.249860
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
5. CVE-2024-0295
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability, which was classified as critical, was found in Totolink LR1200GB 9.1.0u.6619_B20230130. This affects the function setWanCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument hostName leads to os command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249861 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/LR1200GB/setWanCfg/README.md
https://vuldb.com/?ctiid.249861
https://vuldb.com/?id.249861
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
6. CVE-2024-0296
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249862 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/NTPSyncWithHost/README.md
https://vuldb.com/?ctiid.249862
https://vuldb.com/?id.249862
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
7. CVE-2024-0297
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This issue affects the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249863. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/UploadFirmwareFile/README.md
https://vuldb.com/?ctiid.249863
https://vuldb.com/?id.249863
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
8. CVE-2024-0298
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249864. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/setDiagnosisCfg/README.md
https://vuldb.com/?ctiid.249864
https://vuldb.com/?id.249864
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
9. CVE-2024-0299
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been declared as critical. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249865 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N200RE/setTracerouteCfg/README.md
https://vuldb.com/?ctiid.249865
https://vuldb.com/?id.249865
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
10. CVE-2023-29048
Base Score: 8.8
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.9
Description: A component for parsing OXMF templates could be abused to execute arbitrary system commands that would be executed as the non-privileged runtime user. Users and attackers could run system commands with limited privilege to gain unauthorized access to confidential information and potentially violate integrity by modifying resources. The template engine has been reconfigured to deny execution of harmful commands on a system level. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/3
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
11. CVE-2023-29050
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: The optional "LDAP contacts provider" could be abused by privileged users to inject LDAP filter strings that allow to access content outside of the intended hierarchy. Unauthorized users could break confidentiality of information in the directory and potentially cause high load on the directory server, leading to denial of service. Encoding has been added for user-provided fragments that are used when constructing the LDAP query. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/3
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0005.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6248_7.10.6_2023-09-19.pdf
CWE-ID: CWE-90
Common Platform Enumerations (CPE): Not Found
12. CVE-2023-29051
Base Score: 8.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 5.2
Description: User-defined OXMF templates could be used to access a limited part of the internal OX App Suite Java API. The existing switch to disable the feature by default was not effective in this case. Unauthorized users could discover and modify application state, including objects related to other users and contexts. We now make sure that the switch to disable user-generated templates by default works as intended and will remove the feature in future generations of the product. No publicly available exploits are known.
References: http://seclists.org/fulldisclosure/2024/Jan/4
https://documentation.open-xchange.com/security/advisories/csaf/oxas-adv-2023-0006.json
https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_6251_7.10.6_2023-09-25.pdf
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
13. CVE-2024-0306
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file /admin/admin_login_process.php. The manipulation of the argument admin_password leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249873 was assigned to this vulnerability.
References: https://github.com/E1CHO/cve_hub/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%201.pdf
https://vuldb.com/?ctiid.249873
https://vuldb.com/?id.249873
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
14. CVE-2024-0307
Base Score: 7.3
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.4
Description: A vulnerability was found in Kashipara Dynamic Lab Management System up to 1.0. It has been declared as critical. This vulnerability affects unknown code of the file login_process.php. The manipulation of the argument password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249874 is the identifier assigned to this vulnerability.
References: https://github.com/VistaAX/vulnerablility/blob/main/Dynamic%20Lab%20Management%20System%20-%20vuln%202.pdf
https://vuldb.com/?ctiid.249874
https://vuldb.com/?id.249874
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
15. CVE-2023-6921
Base Score: 9.8
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 5.9
Description: Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data extraction and modification. This attack is possible via command insertion in one of the cookies.
References: https://cert.pl/en/posts/2024/01/CVE-2023-6921/
https://cert.pl/posts/2024/01/CVE-2023-6921/
https://prestashow.pl/pl/moduly-prestashop/28-prestashop-google-integrator-ga4-gtm-ads-remarketing.html
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
16. CVE-2024-21644
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: pyLoad is the free and open-source Download Manager written in pure Python. Any unauthenticated user can browse to a specific URL to expose the Flask config, including the `SECRET_KEY` variable. This issue has been patched in version 0.5.0b3.dev77.
References: https://github.com/pyload/pyload/commit/bb22063a875ffeca357aaf6e2edcd09705688c40
https://github.com/pyload/pyload/security/advisories/GHSA-mqpq-2p68-46fv
CWE-ID: CWE-284
Common Platform Enumerations (CPE): Not Found
17. CVE-2023-32650
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the FST_BL_GEOM parsing maxhandle functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1777
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
18. CVE-2023-34087
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An improper array index validation vulnerability exists in the EVCD var len parsing functionality of GTKWave 3.3.115. A specially crafted .evcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1803
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
19. CVE-2023-34436
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the LXT2 num_time_table_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1819
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
20. CVE-2023-35004
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the VZT longest_len value allocation functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1816
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
21. CVE-2023-35057
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the LXT2 lxt2_rd_trace value elements allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1821
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
22. CVE-2023-35128
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the fstReaderIterBlocks2 time_table tsec_nitems functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1792
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
23. CVE-2023-35702
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32 function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
24. CVE-2023-35703
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint64 function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
25. CVE-2023-35704
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple stack-based buffer overflow vulnerabilities exist in the FST LEB128 varint functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the fstReaderVarint32WithSkip function.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1783
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found
26. CVE-2023-35955
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `LZ4_decompress_safe_partial`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
27. CVE-2023-35956
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `fastlz_decompress`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
28. CVE-2023-35957
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the decompression function `uncompress`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
29. CVE-2023-35958
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 VCDATA parsing functionality of GTKWave 3.3.115. A specially-crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the copy function `fstFread`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1785
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
30. CVE-2023-35959
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns `.ghw` decompression.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
31. CVE-2023-35960
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns legacy decompression in `vcd_main`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
32. CVE-2023-35961
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in `vcd_recorder_main`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
33. CVE-2023-35962
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2vzt` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
34. CVE-2023-35963
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt2` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
35. CVE-2023-35964
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave 3.3.115. A specially crafted wave file can lead to arbitrary command execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns decompression in the `vcd2lxt` utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1786
CWE-ID: CWE-78
Common Platform Enumerations (CPE): Not Found
36. CVE-2023-35969
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of `FST_BL_VCDATA` and `FST_BL_VCDATA_DYN_ALIAS` section types.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
37. CVE-2023-35970
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 chain_table parsing functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the chain_table of the `FST_BL_VCDATA_DYN_ALIAS2` section type.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1789
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
38. CVE-2023-35989
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the LXT2 zlib block allocation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1822
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
39. CVE-2023-35992
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the FST fstReaderIterBlocks2 vesc allocation functionality of GTKWave 3.3.115, when compiled as a 32-bit binary. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1790
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
40. CVE-2023-35994
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta initialization part.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
41. CVE-2023-35995
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 1.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
42. CVE-2023-35996
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 0.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
43. CVE-2023-35997
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple improper array index validation vulnerabilities exist in the fstReaderIterBlocks2 tdelta functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the tdelta indexing when signal_lens is 2 or more.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1791
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
44. CVE-2023-36746
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when parsing the time table.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
45. CVE-2023-36747
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple heap-based buffer overflow vulnerabilities exist in the fstReaderIterBlocks2 fstWritex len functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the handling of `len` in `fstWritex` when `beg_time` does not match the start of the time table.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1793
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
46. CVE-2023-36861
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the VZT LZMA_read_varint functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1811
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
47. CVE-2023-36864
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An integer overflow vulnerability exists in the fstReaderIterBlocks2 temp_signal_value_buf allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1797
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
48. CVE-2023-36915
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
49. CVE-2023-36916
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the FST fstReaderIterBlocks2 chain_table allocation functionality of GTKWave 3.3.115. A specially crafted .fst file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the allocation of the `chain_table_lengths` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1798
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
50. CVE-2023-37282
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the VZT LZMA_Read dmem extraction functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1810
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
51. CVE-2023-37416
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
52. CVE-2023-37417
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
53. CVE-2023-37418
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
54. CVE-2023-37419
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
55. CVE-2023-37420
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1804
CWE-ID: CWE-787
Common Platform Enumerations (CPE): Not Found
56. CVE-2023-37442
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's default VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
57. CVE-2023-37443
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
58. CVE-2023-37444
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds read when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
59. CVE-2023-37445
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
60. CVE-2023-37446
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
61. CVE-2023-37447
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1805
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
62. CVE-2023-37573
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's recoder (default) VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
63. CVE-2023-37574
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's legacy VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
64. CVE-2023-37575
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the GUI's interactive VCD parsing code.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
65. CVE-2023-37576
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
66. CVE-2023-37577
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
67. CVE-2023-37578
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple use-after-free vulnerabilities exist in the VCD get_vartoken realloc functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the use-after-free when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1806
CWE-ID: CWE-416
Common Platform Enumerations (CPE): Not Found
68. CVE-2023-37921
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2vzt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
69. CVE-2023-37922
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt2 conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
70. CVE-2023-37923
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple arbitrary write vulnerabilities exist in the VCD sorted bsearch functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the arbitrary write when triggered via the vcd2lxt conversion utility.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1807
CWE-ID: CWE-118
Common Platform Enumerations (CPE): Not Found
71. CVE-2023-38583
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: A stack-based buffer overflow vulnerability exists in the LXT2 lxt2_rd_expand_integer_to_bits function of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1827
CWE-ID: CWE-120
Common Platform Enumerations (CPE): Not Found
72. CVE-2023-38618
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
73. CVE-2023-38619
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
74. CVE-2023-38620
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
75. CVE-2023-38621
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
76. CVE-2023-38622
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
77. CVE-2023-38623
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `vindex_offset` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1812
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
78. CVE-2023-38648
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
79. CVE-2023-38649
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_get_facname decompression functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1813
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
80. CVE-2023-38650
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
81. CVE-2023-38651
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode times parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1814
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
82. CVE-2023-38652
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is not zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
83. CVE-2023-38653
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the VZT vzt_rd_block_vch_decode dict parsing functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when num_time_ticks is zero.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1815
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
84. CVE-2023-38657
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: An out-of-bounds write vulnerability exists in the LXT2 zlib block decompression functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1823
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
85. CVE-2023-39234
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->numrealfacs`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
86. CVE-2023-39235
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the VZT vzt_rd_process_block autosort functionality of GTKWave 3.3.115. A specially crafted .vzt file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write when looping over `lt->num_time_ticks`.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1817
CWE-ID: CWE-129
Common Platform Enumerations (CPE): Not Found
87. CVE-2023-39270
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `rows` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
88. CVE-2023-39271
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `msb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
89. CVE-2023-39272
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `lsb` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
90. CVE-2023-39273
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `flags` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
91. CVE-2023-39274
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `len` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
92. CVE-2023-39275
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 facgeometry parsing functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `value` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1818
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
93. CVE-2023-39316
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
94. CVE-2023-39317
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1820
CWE-ID: CWE-190
Common Platform Enumerations (CPE): Not Found
95. CVE-2023-39413
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the left shift operation.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
CWE-ID: CWE-191
Common Platform Enumerations (CPE): Not Found
96. CVE-2023-39414
Base Score: 7.0
Base Severity: HIGH
Exploitability Score: 1.0
Impact Score: 5.9
Description: Multiple integer underflow vulnerabilities exist in the LXT2 lxt2_rd_iter_radix shift operation functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to memory corruption. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer underflow when performing the right shift operation.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1824
CWE-ID: CWE-191
Common Platform Enumerations (CPE): Not Found
97. CVE-2023-39443
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the prefix copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
98. CVE-2023-39444
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: Multiple out-of-bounds write vulnerabilities exist in the LXT2 parsing functionality of GTKWave 3.3.115. A specially-crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the out-of-bounds write perfomed by the string copy loop.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1826
CWE-ID: CWE-119
Common Platform Enumerations (CPE): Not Found
99. CVE-2023-47211
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 5.3
Description: A directory traversal vulnerability exists in the uploadMib functionality of ManageEngine OpManager 12.7.258. A specially crafted HTTP request can lead to arbitrary file creation. An attacker can send a malicious MiB file to trigger this vulnerability.
References: https://talosintelligence.com/vulnerability_reports/TALOS-2023-1851
https://www.manageengine.com/itom/advisory/cve-2023-47211.html
CWE-ID: CWE-22
Common Platform Enumerations (CPE): Not Found
100. CVE-2024-21650
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have user registration enabled for guests. This vulnerability has been patched in XWiki 14.10.17, 15.5.3 and 15.8 RC1.
References: https://github.com/xwiki/xwiki-platform/commit/b290bfd573c6f7db6cc15a88dd4111d9fcad0d31
https://github.com/xwiki/xwiki-platform/security/advisories/GHSA-rj7p-xjv7-7229
https://jira.xwiki.org/browse/XWIKI-21173
CWE-ID: CWE-95
Common Platform Enumerations (CPE): Not Found
101. CVE-2024-21747
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in weDevs WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting.This issue affects WP ERP | Complete HR solution with recruitment & job listings | WooCommerce CRM & Accounting: from n/a through 1.12.8.
References: https://patchstack.com/database/vulnerability/erp/wordpress-wp-erp-plugin-1-12-8-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
102. CVE-2022-3328
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: Race condition in snap-confine's must_mkdir_and_open_with_perms()
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3328
https://ubuntu.com/security/notices/USN-5753-1
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
103. CVE-2023-52215
Base Score: 9.3
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in UkrSolution Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce.This issue affects Simple Inventory Management – just scan barcode to manage products and orders. For WooCommerce: from n/a through 1.5.1.
References: https://patchstack.com/database/vulnerability/barcode-scanner-lite-pos-to-manage-products-inventory-and-orders/wordpress-barcode-scanner-with-inventory-order-manager-plugin-1-5-1-unauthenticated-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
104. CVE-2023-52218
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Anton Bond Woocommerce Tranzila Payment Gateway.This issue affects Woocommerce Tranzila Payment Gateway: from n/a through 1.0.8.
References: https://patchstack.com/database/vulnerability/woo-tranzila-gateway/wordpress-woocommerce-tranzila-gateway-plugin-1-0-8-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
105. CVE-2023-52219
Base Score: 9.9
Base Severity: CRITICAL
Exploitability Score: 3.1
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Gecka Gecka Terms Thumbnails.This issue affects Gecka Terms Thumbnails: from n/a through 1.1.
References: https://patchstack.com/database/vulnerability/gecka-terms-thumbnails/wordpress-gecka-terms-thumbnails-plugin-1-1-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
106. CVE-2023-52225
Base Score: 10.0
Base Severity: CRITICAL
Exploitability Score: 3.9
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in Tagbox Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics.This issue affects Tagbox – UGC Galleries, Social Media Widgets, User Reviews & Analytics: from n/a through 3.1.
References: https://patchstack.com/database/vulnerability/taggbox-widget/wordpress-tagbox-widget-plugin-3-1-unauthenticated-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
107. CVE-2021-3600
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.1
Impact Score: 6.0
Description: It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.
References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3600
https://git.kernel.org/linus/e88b2c6e5a4d9ce30d75391e4d950da74bb2bd90
https://ubuntu.com/security/notices/USN-5003-1
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
108. CVE-2023-52190
Base Score: 7.5
Base Severity: HIGH
Exploitability Score: 3.9
Impact Score: 3.6
Description: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2.
References: https://patchstack.com/database/vulnerability/coupon-referral-program/wordpress-coupon-referral-program-plugin-1-7-2-unauthenticated-sensitive-data-pii-coupon-data-exposure-vulnerability?_s_id=cve
CWE-ID: CWE-200
Common Platform Enumerations (CPE): Not Found
109. CVE-2023-52207
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Playlist Free.This issue affects HTML5 MP3 Player with Playlist Free: from n/a through 3.0.0.
References: https://patchstack.com/database/vulnerability/html5-mp3-player-with-playlist/wordpress-html5-mp3-player-plugin-3-0-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
110. CVE-2023-6631
Base Score: 7.8
Base Severity: HIGH
Exploitability Score: 1.8
Impact Score: 5.9
Description: PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
References: https://subnet.com/contact/
https://www.cisa.gov/news-events/ics-advisories/icsa-23-353-01
CWE-ID: CWE-428
Common Platform Enumerations (CPE): Not Found
111. CVE-2023-50982
Base Score: 9.0
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Stud.IP 5.x through 5.3.3 allows XSS with resultant upload of executable files, because upload_action and edit_action in Admin_SmileysController do not check the file extension. This leads to remote code execution with the privileges of the www-data user. The fixed versions are 5.3.4, 5.2.6, 5.1.7, and 5.0.9.
References: https://gitlab.studip.de/studip/studip/-/tags
https://rehmeinfosec.de/labor/cve-2023-50982
https://sourceforge.net/projects/studip/files/Stud.IP/5.4/
CWE-ID: Not assigned as of now
Common Platform Enumerations (CPE): Not Found
112. CVE-2023-52200
Base Score: 9.6
Base Severity: CRITICAL
Exploitability Score: 2.8
Impact Score: 6.0
Description: Cross-Site Request Forgery (CSRF), Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup.This issue affects ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup: n/a.
References: https://patchstack.com/database/vulnerability/armember-membership/wordpress-armember-lite-plugin-4-0-22-cross-site-request-forgery-csrf-to-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-352 CWE-502
Common Platform Enumerations (CPE): Not Found
113. CVE-2023-52204
Base Score: 8.5
Base Severity: HIGH
Exploitability Score: 3.1
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Javik Randomize.This issue affects Randomize: from n/a through 1.4.3.
References: https://patchstack.com/database/vulnerability/randomize/wordpress-randomize-plugin-1-4-3-contributor-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
114. CVE-2023-52205
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 SoundCloud Player with Playlist Free.This issue affects HTML5 SoundCloud Player with Playlist Free: from n/a through 2.8.0.
References: https://patchstack.com/database/vulnerability/html5-soundcloud-player-with-playlist/wordpress-html5-soundcloud-player-plugin-2-8-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
115. CVE-2023-52206
Base Score: 7.7
Base Severity: HIGH
Exploitability Score: 1.3
Impact Score: 5.8
Description: Deserialization of Untrusted Data vulnerability in Live Composer Team Page Builder: Live Composer live-composer-page-builder.This issue affects Page Builder: Live Composer: from n/a through 1.5.25.
References: https://patchstack.com/database/vulnerability/live-composer-page-builder/wordpress-page-builder-live-composer-plugin-1-5-25-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
116. CVE-2023-52213
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VideoWhisper Rate Star Review – AJAX Reviews for Content, with Star Ratings allows Reflected XSS.This issue affects Rate Star Review – AJAX Reviews for Content, with Star Ratings: from n/a through 1.5.1.
References: https://patchstack.com/database/vulnerability/rate-star-review/wordpress-rate-star-review-plugin-1-5-1-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
117. CVE-2023-52142
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Cool Plugins Events Shortcodes For The Events Calendar.This issue affects Events Shortcodes For The Events Calendar: from n/a through 2.3.1.
References: https://patchstack.com/database/vulnerability/template-events-calendar/wordpress-events-shortcodes-for-the-events-calendar-plugin-2-3-1-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
118. CVE-2023-52196
Base Score: 7.1
Base Severity: HIGH
Exploitability Score: 2.8
Impact Score: 3.7
Description: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Phil Ewels CPT Bootstrap Carousel allows Reflected XSS.This issue affects CPT Bootstrap Carousel: from n/a through 1.12.
References: https://patchstack.com/database/vulnerability/cpt-bootstrap-carousel/wordpress-cpt-bootstrap-carousel-plugin-1-12-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve
CWE-ID: CWE-79
Common Platform Enumerations (CPE): Not Found
119. CVE-2023-52201
Base Score: 7.6
Base Severity: HIGH
Exploitability Score: 2.3
Impact Score: 4.7
Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brian D. Goad pTypeConverter.This issue affects pTypeConverter: from n/a through 0.2.8.1.
References: https://patchstack.com/database/vulnerability/ptypeconverter/wordpress-ptypeconverter-plugin-0-2-8-1-subscriber-sql-injection-vulnerability?_s_id=cve
CWE-ID: CWE-89
Common Platform Enumerations (CPE): Not Found
120. CVE-2023-52202
Base Score: 9.1
Base Severity: CRITICAL
Exploitability Score: 2.3
Impact Score: 6.0
Description: Deserialization of Untrusted Data vulnerability in SVNLabs Softwares HTML5 MP3 Player with Folder Feedburner Playlist Free.This issue affects HTML5 MP3 Player with Folder Feedburner Playlist Free: from n/a through 2.8.0.
References: https://patchstack.com/database/vulnerability/html5-mp3-player-with-mp3-folder-feedburner-playlist/wordpress-html5-mp3-player-with-folder-feedburner-plugin-2-8-0-php-object-injection-vulnerability?_s_id=cve
CWE-ID: CWE-502
Common Platform Enumerations (CPE): Not Found
121. CVE-2023-7218
Base Score: 7.2
Base Severity: HIGH
Exploitability Score: 1.2
Impact Score: 5.9
Description: A vulnerability, which was classified as critical, was found in Totolink N350RT 9.3.5u.6139_B202012. Affected is the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to stack-based buffer overflow. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-249852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
References: https://github.com/jylsec/vuldb/blob/main/TOTOLINK/N350RT/4/README.md
https://vuldb.com/?ctiid.249852
https://vuldb.com/?id.249852
CWE-ID: CWE-121
Common Platform Enumerations (CPE): Not Found