Security
Headlines
HeadlinesLatestCVEs

Source

CVE

CVE-2023-32722: [ZBX-23390] Stack-buffer Overflow in library module zbxjson (CVE-2023-32722)

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.

CVE
Open in Source
#vulnerability#js#rce#buffer_overflow
CVE-2023-32724: [ZBX-23391] JS engine memory pointers are directly available for Zabbix users for modification (CVE-2023-32724)

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.

CVE-2023-32721: [ZBX-23389] Stored XSS in Maps element (CVE-2023-32721)

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.

CVE-2023-29453: [ZBX-23388] Agent 2 package are built with Go version affected by CVE-2023-24538 (CVE-2023-29453)

Templates do not properly consider backticks (`) as Javascript string delimiters, and do not escape them as expected. Backticks are used, since ES6, for JS template literals. If a template contains a Go template action within a Javascript template literal, the contents of the action can be used to terminate the literal, injecting arbitrary Javascript code into the Go template. As ES6 template literals are rather complex, and themselves can do string interpolation, the decision was made to simply disallow Go template actions from being used inside of them (e.g., "var a = {{.}}"), since there is no obviously safe way to allow this behavior. This takes the same approach as github.com/google/safehtml. With fix, Template. Parse returns an Error when it encounters templates like this, with an ErrorCode of value 12. This ErrorCode is currently unexported but will be exported in the release of Go 1.21. Users who rely on the previous behavior can re-enable it using the GODEBUG flag jstmpllitint...

CVE-2023-5531: Thumbnail Slider With Lightbox <= 1.0 - Cross-Site Request Forgery — Wordfence Intelligence

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image lightboxes via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2023-40833: CVE-2023-40833

An issue in Thecosy IceCMS v.1.0.0 allows a remote attacker to gain privileges via the Id and key parameters in getCosSetting.

CVE-2023-40829: CVE-2023-40829 POC introduce

There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000.

CVE-2023-42298: Integer overflow issue in bifs/unquantize.c:298 · Issue #2567 · gpac/gpac

An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via the Q_DecCoordOnUnitSphere function of file src/bifs/unquantize.c.

CVE-2023-5474

Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium)