Security
Headlines
HeadlinesLatestCVEs

Source

CVE

CVE-2023-39806

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the bakupdata function.

CVE
Open in Source
#sql#vulnerability
CVE-2023-39805: CVE-2023-39805

iCMS v7.0.16 was discovered to contain a SQL injection vulnerability via the where parameter at admincp.php.

CVE-2023-28129: Ivanti Community

Desktop & Server Management (DSM) may have a possible execution of arbitrary commands.

CVE-2023-40014: Adjust ERC2771Context._msgData for msg.data.length < 20 (#4484) · OpenZeppelin/openzeppelin-contracts@9445f96

OpenZeppelin Contracts is a library for secure smart contract development. Starting in version 4.0.0 and prior to version 4.9.3, contracts using `ERC2771Context` along with a custom trusted forwarder may see `_msgSender` return `address(0)` in calls that originate from the forwarder with calldata shorter than 20 bytes. This combination of circumstances does not appear to be common, in particular it is not the case for `MinimalForwarder` from OpenZeppelin Contracts, or any deployed forwarder the team is aware of, given that the signer address is appended to all calls that originate from these forwarders. The problem has been patched in v4.9.3.

CVE-2023-38034

A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.53 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update UniFi Switches to Version 6.5.59 or later.

CVE-2023-23342: Knowledge Article View HCL - Customer Support

If certain local files are manipulated in a certain manner, the validation to use the cryptographic keys can be circumvented. 

CVE-2023-32567: Ivanti Community

Ivanti Avalanche decodeToMap XML External Entity Processing. Fixed in version 6.4.1.

CVE-2023-39966: Release v1.5.0 · 1Panel-dev/1Panel

1Panel is an open source Linux server operation and maintenance management panel. In version 1.4.3, an arbitrary file write vulnerability could lead to direct control of the server. In the `api/v1/file.go` file, there is a function called `SaveContentthat,It `recieves JSON data sent by users in the form of a POST request. And the lack of parameter filtering allows for arbitrary file write operations. Version 1.5.0 contains a patch for this issue.

CVE-2023-39962: files_external: getStorage before remove by ArtificialOwl · Pull Request #39323 · nextcloud/server

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 19.0.0 and prior to versions 19.0.13.10, 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.8, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1, a malicious user could delete any personal or global external storage, making them inaccessible for everyone else as well. Nextcloud server versions 25.0.9, 26.0.4, and 27.0.1 and Nextcloud Enterprise Server versions 19.0.13.10, 20.0.14.15, 21.0.9.13, 22.2.10.14, 23.0.12.9, 24.0.12.5, 25.0.9, 26.0.4, and 27.0.1 contain a patch for this issue. As a workaround, disable app files_external. This also makes the external storage inaccessible but retains the configurations until a patched version has been deployed.