homepage
Open menu
Contact Sales

@RISK

The Consensus Security Vulnerability Alert

June 15, 2023  |  Vol. 23, Num. 24

Internet Storm Center SpotlightInternet Storm Center EntriesRecent CVEs

Internet Storm Center Spotlight

INTERNET STORM CENTER SPOTLIGHT

ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html

June 2023 Microsoft Patch Tuesday

Published: 2023-06-13

Last Updated: 2023-06-13 18:30:28 UTC

by Johannes Ullrich (Version: 1)

Today's Microsoft patch Tuesday addresses 94 vulnerabilities. This includes 14 Chromium vulnerabilities patched in Microsoft Edge, and five GitHub vulnerabilities. Six of these vulnerabilities are rated as critical.

Three critical vulnerabilities are remote code execution vulnerabilities related to the Windows Pragmatic Multicast (PGM) service. Past PGM vulnerabilities were related to the Microsoft Message Queue (MSMQ), for example, CVE-2023-28250, which was patched in April.

Two of the important vulnerabilities are caused by Microsoft Exchange. Exploitation requires authentication, so these remote code execution vulnerabilities are only regarded as important. But based on history with similar flaws, this issue is worth watching.

A critical vulnerability patched in Sharepoint allows the spoofing of JWT authentication tokens to gain access as an authenticated user.

This month, none of the vulnerabilities were made public before patch Tuesday, and none of them are already exploited.

Read the full entry: https://isc.sans.edu/diary/June+2023+Microsoft+Patch+Tuesday/29942/

Geoserver Attack Details: More Cryptominers against Unconfigured WebApps

Published: 2023-06-12

Last Updated: 2023-06-12 12:46:13 UTC

by Johannes Ullrich (Version: 1)

Last week, I noted increased scans against "GeoServer." GeoServer is an open-source Java application with a simple web-based interface to share geospatial data like maps.

I followed our usual playbook of redirecting these scans to an instance of GeoServer. Geoserver had a few vulnerabilities in the past. I installed an older version of GeoServer to verify if the vulnerability was exploited. However, it looks like a vulnerability wasn't necessary. Instead, similar to what we have seen with NiFi recently, the attacker is just using a built-in code execution feature, and the default install, as deployed by me, did not require credentials.

GeoServer was installed in a docker container, which prevented any actual execution of the attack code. The container did not provide tools like curl to download additional payload. Instead, I downloaded the payloads later manually.

Soon after I configured the honeypot, several exploit requests arrived from 109.237.96.251. These requests took advantage of the Web Processing Server (WPS).

Read the full entry: https://isc.sans.edu/diary/Geoserver+Attack+Details+More+Cryptominers+against+Unconfigured+WebApps/29936/

Undetected PowerShell Backdoor Disguised as a Profile File

Published: 2023-06-09

Last Updated: 2023-06-09 08:05:43 UTC

by Xavier Mertens (Version: 1)

PowerShell remains an excellent way to compromise computers. Many PowerShell scripts found in the wild are usually obfuscated. Most of the time, this helps to have the script detected by fewer antivirus vendors. Yesterday, I found a script that scored 0/59 on VT! Let’s have a look at it.

The file was found with the name « Microsoft.PowerShell_profile.ps1 ». The attacker nicely selected this name because this is a familiar name used by Microsoft to manage PowerShell profiles. You may compare this to the « .bashrc » on Linux. It’s a way to customize your environment. Everything you launch a PowerShell, it will look for several locations, and if a file is found, it will execute it. Note that it’s also an excellent way to implement persistence because the malicious code will be re-executed every time a new PowerShell is launched. It’s listed as T1546.013[2] in the MITRE framework.

Let’s reverse the script (SHA256: a3d265a0ab00466aab978d0ccf94bb48808861b528603bddead6649eea7c0d16). When opened in a text editor, we can see that it is heavily obfuscated...

Read the full entry: https://isc.sans.edu/diary/Undetected+PowerShell+Backdoor+Disguised+as+a+Profile+File/29930/

Internet Storm Center Entries

Deobfuscating a VBS Script With Custom Encoding (2023.06.14)

https://isc.sans.edu/diary/Deobfuscating+a+VBS+Script+With+Custom+Encoding/29940/

DShield Honeypot Activity for May 2023 (2023.06.11)

https://isc.sans.edu/diary/DShield+Honeypot+Activity+for+May+2023/29932/

Ongoing scans for Geoserver (2023.06.08)

https://isc.sans.edu/diary/Ongoing+scans+for+Geoserver/29926/

Recent CVEs

The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.


CVE-2023-27997 - FortiOS and FortiProxy versions 7.2.4 and below, 7.0.11 and below, 6.4.12 and below, 6.0.16 and below may allow remote execution of arbitrary code via crafted requests.

Product: Fortinet FortiOS and FortiProxy

CVSS Score: 9.8

** KEV since 2023-06-13 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27997

ISC Podcast: https://isc.sans.edu/podcastdetail.html?podcastid=8534

NVD References: https://fortiguard.com/psirt/FG-IR-23-097




CVE-2023-3079 - Chromium: CVE-2023-3079 Type Confusion in V8

Product: Google Chrome

CVSS Score: 0

** KEV since 2023-06-07 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3079

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-3079




CVE-2023-29357 - Microsoft SharePoint Server Elevation of Privilege Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29357

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29357




CVE-2023-29363 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Product: Microsoft Windows

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29363

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29363




CVE-2023-32014 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Product: Microsoft Windows

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32014

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32014




CVE-2023-32015 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability

Product: Microsoft  Windows

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32015

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32015




CVE-2022-26134 - Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Product: Atlassian Confluence_Server 7.18.0

CVSS Score: 0

** KEV since 2022-06-02 **

NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-26134

ISC Diary: https://isc.sans.edu/diary/29936




CVE-2023-32540 - Advantech WebAccess/SCADA v9.1.3 and earlier versions allow attackers to overwrite any file in the OS, inject code into XLS files, and execute arbitrary code by modifying file extensions.

Product: Advantech WebAccss/SCADA v9.1.3

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32540

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01




CVE-2023-32628 - Advantech WebAccess/SCADA v9.1.3 and earlier allows remote code execution via an arbitrary file upload vulnerability.

Product: Advantech WebAccss/SCADA v9.1.3

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32628

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-152-01




CVE-2023-31569 - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.

Product: Totolink X5000R

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31569

NVD References: 

- http://totolink.com

- https://github.com/JeeseenSec/Report/tree/main/TOTOLINK,Thanks

- https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569

- https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.html




CVE-2023-33532 - The Netgear R6250 router with Firmware Version 1.0.4.48 has a command injection vulnerability, allowing an attacker with web management privileges to gain shell privileges via post request parameter injection.

Product: Netgear R6250

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33532

NVD References: 

- http://netgear.com

- https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33532/Netgear_R6250_RCE.pdf




CVE-2023-32550 - Landscape's server-status page exposes sensitive system information through GET requests, allowing for potential attackers to exploit and access further information from the API.

Product: Landscape API

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32550

NVD References: https://bugs.launchpad.net/landscape/+bug/1929037




CVE-2023-34111 - The github repo Taosdata/grafanaplugin's `Release PR Merged` workflow has a command injection vulnerability allowing for arbitrary code execution within the github action context.

Product: TDengine Grafana Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34111

NVD References: 

- https://github.com/taosdata/grafanaplugin/blob/master/.github/workflows/release-pr-merged.yaml#L25

- https://github.com/taosdata/grafanaplugin/security/advisories/GHSA-23wp-p848-hcgr

- https://securitylab.github.com/research/github-actions-untrusted-input/




CVE-2023-29632 - PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.

Product: Joommasters Jmspagebuilder

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29632

NVD References: https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.html




CVE-2016-15033 - The WordPress Delete All Comments plugin before version 2.1 allows unauthenticated remote code execution via arbitrary file uploads.

Product: Delete All Comments Project 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2016-15033

NVD References: 

- http://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-delete-all-comments-plugin/

- https://wordpress.org/plugins/delete-all-comments/#developers

- https://www.wordfence.com/threat-intel/vulnerabilities/id/b1e98d2d-20b1-4fff-96d4-0fb8e0d2615a?source=cve




CVE-2019-25138 - The User Submitted Posts plugin for WordPress allows unauthenticated attackers to upload arbitrary files, leading to possible remote code execution.

Product: Plugin-Planet User Submitted Posts

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-25138

NVD References: 

- https://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-user-submitted-posts-plugin/

- https://wordpress.org/plugins/user-submitted-posts/#developers

- https://www.wordfence.com/threat-intel/vulnerabilities/id/5a97877b-fb4d-4e87-bcff-56be65fee6ce?source=cve




CVE-2019-25141 - Easy WP SMTP plugin for WordPress <= 1.3.9 allows unauthenticated attackers to inject new admin accounts and modify plugin settings due to missing capability checks and insufficient input validation.

Product: Easy WP SMTP plugin for WordPress

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-25141

NVD References: 

- https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/

- https://plugins.trac.wordpress.org/changeset?old_path=%2Feasy-wp-smtp&old=2052057&new_path=%2Feasy-wp-smtp&new=2052058&sfp_email=&sfph_mail=

- https://wordpress.org/support/topic/vulnerability-26/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/84b75f7d-7258-46f6-aee6-b96d70bee264?source=cve




CVE-2020-36708 -  Multiple WordPress themes are vulnerable to function injections, allowing remote code execution, due to epsilon_framework_ajax_action in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4.

Product: WordPress multiple themes

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36708

NVD References: 

- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-fixed-in-15-wordpress-themes/

- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-sparkling-theme/

- https://wpscan.com/vulnerability/bec52a5b-c892-4763-a962-05da7100eca5

- https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/5b75c322-539d-44e9-8f26-5ff929874b67?source=cve




CVE-2020-36713 - The MStore API plugin for WordPress allows unauthenticated attackers to create and escalate privileges on administrator accounts due to an authentication bypass vulnerability.

Product: InspireUI MStore API

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36713

NVD References: 

- https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-mstore-api-plugin/

- https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-mstore-api-security-bypass-2-1-5/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/934c3ce9-cf2d-4bf6-9a34-f448cb2e5a1d?source=cve




CVE-2020-36718 - GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to 2.3 via deserialization of untrusted input, allowing unauthenticated attackers to inject a PHP Object.

Product: Ninjateam Gpdr Ccpa Compliance Support

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36718

NVD References: 

- https://blog.nintechnet.com/gdpr-ccpa-compliance-support-plugin-fixed-insecure-deserialization-vulnerability/

- https://plugins.trac.wordpress.org/changeset/2408938

- https://plugins.trac.wordpress.org/changeset/2411356/ninja-gdpr-compliance

- https://wordpress.org/plugins/ninja-gdpr-compliance/#developers

- https://wpscan.com/vulnerability/92f1d6fb-c665-419e-a13b-688b1df6c395

- https://www.wordfence.com/threat-intel/vulnerabilities/id/a2871261-3231-4a52-9a38-bb3caf461e7d?source=cve




CVE-2020-36719 - ListingPro WordPress Directory & Listing Theme is vulnerable to unauthenticated arbitrary plugin installation, activation, and deactivation due to a missing capability check on the lp_cc_addons_actions function in versions prior to 2.6.1.

Product: Cridio ListingPro

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36719

NVD References: 

- https://blog.nintechnet.com/wordpress-listingpro-theme-fixed-a-critical-vulnerability/

- https://themeforest.net/item/listingpro-multipurpose-directory-theme/19386460

- https://www.wordfence.com/threat-intel/vulnerabilities/id/a08fa649-3092-4c26-a009-2dd576b9b1ac?source=cve




CVE-2020-36724 - Wordable plugin for WordPress versions up to 3.1.1 allows unauthenticated attackers to gain administrator privileges due to an authentication bypass vulnerability.

Product: Wordable 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36724

NVD References: 

- https://blog.nintechnet.com/wordpress-plugins-and-themes-vulnerabilities-roundup/

- https://plugins.trac.wordpress.org/changeset/2234193/wordable/trunk/wordable.php

- https://www.wordfence.com/threat-intel/vulnerabilities/id/be1ab218-37bd-407a-8cb9-66f761849c21?source=cve




CVE-2020-36726 - The Ultimate Reviews plugin for WordPress up to version 2.1.32 is susceptible to PHP Object Injection via untrusted input, allowing unauthenticated attackers to inject a PHP Object.

Product: Etoile Web Design Ultimate Reviews

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36726

NVD References: 

- https://blog.nintechnet.com/wordpress-ultimate-reviews-plugin-fixed-insecure-deserialization-vulnerability/

- https://plugins.trac.wordpress.org/changeset/2409141

- https://www.wordfence.com/threat-intel/vulnerabilities/id/db30acd7-ce51-45d9-8ff0-6ceea8237a8c?source=cve




CVE-2020-36727 - The WordPress Newsletter Manager plugin up to version 1.5.1 allows unauthenticated attackers to inject a serialized PHP object through the 'customFieldsDetails' parameter, due to insecure deserialization.

Product: XYZ Scripts Newsletter Manager

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36727

NVD References: 

- https://blog.nintechnet.com/insecure-deserialization-vulnerability-in-wordpress-newsletter-manager-plugin-unpatched/

- https://wpscan.com/vulnerability/b82124b1-e5e1-4f1e-9513-90474fd3f066

- https://www.wordfence.com/threat-intel/vulnerabilities/id/dcfd8c4d-d48b-468d-a7d5-1ec05b068f79?source=cve




CVE-2020-36730 - WordPress CMP versions up to and including 3.8.1 are vulnerable to authorization bypass leading to potential post reading, subscriber list export, and plugin deactivation by unauthenticated attackers due to a missing capability check on several functions.

Product: NiteoThemes CMP

CVSS Score: 9.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36730

NVD References: 

- https://blog.nintechnet.com/multiple-vulnerabilities-fixed-in-cmp-coming-soon-and-maintenance-plugin/

- https://wpscan.com/vulnerability/10341

- https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-cmp-coming-soon-maintenance-by-niteothemes-security-bypass-3-8-1/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ef067b-e4b4-4174-b6ff-ec94a7afd55d?source=cve




CVE-2021-4341 - The uListing plugin for WordPress can be exploited by unauthenticated attackers to change any WordPress option via an authorization bypass vulnerability in versions up to and including 1.6.6.

Product: StylemixThemes uListing WordPress Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4341

NVD References: 

- https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/1814537d-8307-4d1f-86c8-801519172be5?source=cve




CVE-2021-4343 - The Unauthenticated Account Creation plugin for WordPress up to version 1.6.6 allows unauthenticated attackers to create administrator accounts due to unprotected AJAX action.

Product: StylemixThemes uListing WordPress Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4343

NVD References: 

- https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/1c6bf45b-b02d-43bb-b682-7f1ae994e1d3?source=cve




CVE-2021-4370 - The uListing plugin for WordPress has an authorization bypass vulnerability allowing unauthenticated users to perform administrative actions.

Product: StylemixThemes uListing WordPress Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4370

NVD References: 

- https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/c5ada976-03b8-4219-9ae3-9060fb7b9de5?source=cve



CVE-2021-4381 - uListing plugin for WordPress allows unauthenticated attackers to change any WordPress option in the database due to missing capability checks and security nonce in versions up to 1.6.6.

Product: StylemixThemes uListing WordPress Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4381

NVD References: 

- https://blog.nintechnet.com/wordpress-ulisting-plugin-fixed-multiple-critical-vulnerabilities/

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2456786%40ulisting&new=2456786%40ulisting&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/ff5755dc-2262-47f6-ac3a-6bca9529d088?source=cve




CVE-2021-4356 - The Frontend File Manager plugin for WordPress up to version 18.2 is vulnerable to unauthenticated arbitrary file download through the wpfm_file_meta_update AJAX action, allowing attackers to potentially take over the site.

Product: Najeebmedia Frontend File Manager Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4356

NVD References: 

- https://blog.nintechnet.com/wordpress-frontend-file-manager-plugin-fixed-multiple-critical-vulnerabilities/

- https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=2554359%40nmedia-user-file-uploader&new=2554359%40nmedia-user-file-uploader&sfp_email=&sfph_mail=

- https://www.wordfence.com/threat-intel/vulnerabilities/id/79e2011c-5e4d-4d02-831f-6b4dcfcaa51e?source=cve




CVE-2021-4362 - The Kiwi Social Share plugin for WordPress allows unauthorized access to critical site options, facilitating complete takeover by attackers.

Product: Wpkube Kiwi Social Share

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4362

NVD References: 

- https://blog.nintechnet.com/wordpress-kiwi-social-sharing-plugin-fixed-critical-vulnerability/

- https://wordpress.org/plugins/kiwi-social-share/#developers

- https://www.wordfence.com/threat-intel/vulnerabilities/id/8148b6d0-190a-4b97-8af7-edd6943116d1?source=cve




CVE-2021-4374 -  The WordPress Automatic Plugin is vulnerable to arbitrary options updates, allowing unauthenticated attackers to compromise the entire site.

Product: Valvepress Wordpress Automatic Plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4374

NVD References: 

- https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-automatic-plugin/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/d0567dc8-7a4c-42f4-bf45-f31a8efaa354?source=cve




CVE-2023-33604 -  Imperial CMS v7.5 arbitrary file deletion vulnerability via crafted POST request.

Product: Imperial CMS Project 

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33604

NVD References: https://exchange.xforce.ibmcloud.com/vulnerabilities/257484




CVE-2023-0667 - Wireshark version 4.0.5 and prior is vulnerable to a heap-based buffer overflow and possible code execution due to inadequate validation of an attacker-crafted MSMMS packet.

Product: Wireshark 

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-0667

NVD References: 

- https://gitlab.com/wireshark/wireshark/-/issues/19086

- https://takeonme.org/cves/CVE-2023-0667.html




CVE-2020-36705 - The Adning Advertising plugin for WordPress allows unauthenticated attackers to upload and execute arbitrary files due to missing file type validation.

Product: WordPress Adning Advertising plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36705

NVD References: 

- https://blog.nintechnet.com/critical-vulnerability-in-adning-advertising-plugin-actively-exploited-in-the-wild/

- https://codecanyon.net/item/wp-pro-advertising-system-all-in-one-ad-manager/269693

- https://wpscan.com/vulnerability/e9873fe3-fc06-4a52-aa32-6922cab7830c

- https://www.wordfence.com/blog/2020/07/critical-vulnerabilities-patched-in-adning-advertising-plugin/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/4a263b74-e9ae-4fd2-be9b-9b8e9eee5982?source=cve




CVE-2021-4380 - The Pinterest Automatic plugin for WordPress allows unauthorized attackers to create admin accounts or redirect visitors due to missing capability checks on certain functions and scripts.

Product: WordPress Pinterest Automatic plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2021-4380

NVD References: 

- https://blog.nintechnet.com/critical-vulnerability-fixed-in-wordpress-pinterest-automatic-plugin/

- https://wpscan.com/vulnerability/ffd344fd-de2c-4f27-8932-41aa0a3c3d05

- https://www.acunetix.com/vulnerabilities/web/wordpress-plugin-pinterest-automatic-pin-security-bypass-4-14-3/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/e4fdc902-4cfe-4116-a294-9a0fcb2de346?source=cve




CVE-2023-33556 - TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.

Product: Totolink A7100RU

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33556

NVD References: https://github.com/Am1ngl/ttt/tree/main/37




CVE-2023-23482 - IBM Sterling Partner Engagement Manager versions 6.1-6.2.1 are vulnerable to remote click hijacking, potentially leading to further attacks.

Product: IBM Sterling Partner Engagement Manager

CVSS Score: 9.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-23482

NVD References: 

- https://exchange.xforce.ibmcloud.com/vulnerabilities/245891

- https://www.ibm.com/support/pages/node/7001569




CVE-2023-2986 - The Abandoned Cart Lite plugin for WooCommerce on WordPress allows unauthenticated attackers to impersonate abandoned cart customers due to insufficient encryption of user data.

Product: WordPress Abandoned Cart Lite for WooCommerce plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2986

NVD References: 

- https://plugins.trac.wordpress.org/browser/woocommerce-abandoned-cart/trunk/woocommerce-ac.php#L1815

- https://plugins.trac.wordpress.org/browser/woocommerce-abandoned-cart/trunk/woocommerce-ac.php?rev=2916178#L1800

- https://plugins.trac.wordpress.org/changeset/2922242/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/68052614-204f-4237-af0e-4b8210ebd59f?source=cve




CVE-2023-0291 - Quiz And Survey Master for WordPress allows unauthenticated attackers to delete arbitrary media files due to an authorization bypass vulnerability.

Product: Expresstech Quiz And Survey Master

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-0291

NVD References: 

- https://packetstormsecurity.com/files/171011/wpqsm808-xsrf.txt

- https://plugins.trac.wordpress.org/changeset/2834471/quiz-master-next

- https://wordpress.org/plugins/quiz-master-next/

- https://www.wordfence.com/threat-intel/vulnerabilities/id/68110321-db1a-4634-98cd-0afd3ec933b8?source=cve




CVE-2023-22582 - The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting.

Product: Danfoss AK-EM100

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22582

NVD References: 

- https://csirt.divd.nl/DIVD-2023-00021

- https://divd.nl/cves/CVE-2023-22582




CVE-2023-22583 - The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.

Product: Danfoss AK-EM100

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22583

NVD References: 

- https://csirt.divd.nl/DIVD-2023-00021

- https://divd.nl/cves/CVE-2023-22583




CVE-2023-22585 - The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter.

Product: Danfoss AK-EM100

CVSS Score: 9.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-22585

NVD References:

- https://csirt.divd.nl/DIVD-2023-00021

- https://divd.nl/cves/CVE-2023-22585




CVE-2023-25911 - The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters.

Product: Danfoss AK-EM100

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25911

NVD References: 

- https://csirt.divd.nl/DIVD-2023-00021

- https://divd.nl/cves/CVE-2023-25911




CVE-2022-36331 - The Western Digital My Cloud and SanDisk ibi devices had an impersonation vulnerability that could expose user data.

Product: Western Digital My Cloud

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-36331

NVD References: https://https://www.westerndigital.com/support/product-security/wdc-22020-my-cloud-os-5-my-cloud-home-ibi-firmware-update




CVE-2023-1897 - Atlas Copco Power Focus 6000 web server stores login info in an insecure way, enabling attackers with computer access to steal controller credentials.

Product: Atlas Copco Power Focus 6000

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1897

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01




CVE-2023-1898 - Atlas Copco Power Focus 6000 web server allows attackers to retrieve data from an active user's session using session ID numbers.

Product: Atlas Copco Power Focus 6000

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1898

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01




CVE-2023-1899 - Atlas Copco Power Focus 6000 web server allows an attacker to gain sensitive information through unsecured network traffic.

Product: Atlas Copco Power Focus 6000

CVSS Score: 9.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-1899

NVD References: https://www.cisa.gov/news-events/ics-advisories/icsa-23-159-01




CVE-2023-2278 - The WP Directory Kit plugin for WordPress up to version 1.1.9 is vulnerable to Local File Inclusion via 'wdk_public_action', allowing unauthenticated attackers to execute arbitrary PHP code on the server.

Product: WordPress WP Directory Kit plugin

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2278

NVD References: 

- https://plugins.trac.wordpress.org/browser/wpdirectorykit/tags/1.1.8/vendor/Winter_MVC/core/mvc_loader.php#L91

- https://plugins.trac.wordpress.org/changeset/2904689/wpdirectorykit/trunk/vendor/Winter_MVC/core/mvc_loader.php

- https://www.wordfence.com/threat-intel/vulnerabilities/id/87399a07-d2d8-42cd-81f0-9060f6cfff48?source=cve




CVE-2023-25910 - SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 V5 versions prior to V5.7 allow remote users to execute code with elevated privileges in the database management system's server.

Product: Siemens SIMATIC PCS 7, SIMATIC S7-PM, SIMATIC STEP 7 V5

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25910

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-968170.pdf




CVE-2023-29129 - Mendix SAML versions 1.16.4 to 1.18.0 and versions 2.2.0 to 2.4.0, and versions 3.1.8 to 3.6.1, have an insufficient verification of SAML assertions vulnerability that allows unauthenticated remote attackers to bypass authentication and access the application.

Product: Mendix SAML

CVSS Score: 9.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29129

NVD References: https://cert-portal.siemens.com/productcert/pdf/ssa-851884.pdf




CVE-2023-3047 - TMT Lockcell before 15 allows SQL Injection due to improper neutralization of special elements in an SQL command.

Product: TMT Lockcell

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3047

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0345




CVE-2023-3049 - Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection.This issue affects Lockcell: before 15.

Product: TMT Lockcell

CVSS Score: 10.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3049

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0345




CVE-2023-3050 - Lockcell before 15 relies on cookies without validation and integrity checking, allowing for privilege abuse and authentication bypass.

Product: TMT Lockcell

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-3050

NVD References: https://www.usom.gov.tr/bildirim/tr-23-0345




CVE-2023-35064 - Satos Mobile before 20230607 is vulnerable to SQL Injection through SOAP Parameter Tampering.

Product: Satos Mobile

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-35064

NVD References: https://https://www.usom.gov.tr/bildirim/tr-23-0346




CVE-2023-34249 - PyBB is vulnerable to SQL Injection prior to commit dcaeccd37198ecd3e41ea766d1099354b60d69c2, but has since been fixed; a manual update or sanitization of user queries can be used as a workaround.

Product: benjjvi PyBB

CVSS Score: 9.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34249

NVD References: 

- https://github.com/benjjvi/PyBB/commit/dcaeccd37198ecd3e41ea766d1099354b60d69c2

- https://github.com/benjjvi/PyBB/security/advisories/GHSA-5qrx-fgxq-95gg




CVE-2022-43684 - ServiceNow has an ACL bypass issue that could allow an authenticated user to obtain sensitive information from tables missing authorization controls.

Product: ServiceNow Core functionality

CVSS Score: 9.9

NVD: https://nvd.nist.gov/vuln/detail/CVE-2022-43684

NVD References: https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1303489




CVE-2023-21565 - Azure DevOps Server Spoofing Vulnerability

Product: Microsoft Azure DevOps Server

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21565

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21565




CVE-2023-29346 - NTFS Elevation of Privilege Vulnerability

Product: Microsoft NTFS

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29346

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29346




CVE-2023-29351 - Windows Group Policy Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29351

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29351




CVE-2023-29358 - Windows GDI Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29358

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29358




CVE-2023-29359 - GDI Elevation of Privilege Vulnerability

Product: Microsoft  Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29359

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29359




CVE-2023-29360 - Windows TPM Device Driver Elevation of Privilege Vulnerability

Product: Microsoft  Windows TPM Device Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29360

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29360




CVE-2023-29361 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Cloud Files Mini Filter Driver

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29361

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29361




CVE-2023-29362 - Remote Desktop Client Remote Code Execution Vulnerability

Product: Microsoft Remote Desktop Client

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29362

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29362




CVE-2023-29364 - Windows Authentication Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29364

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29364




CVE-2023-29365 - Windows Media Remote Code Execution Vulnerability

Product: Microsoft  Windows Media Player

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29365

ISC Diary: https://isc.sans.edu/diary/29942




CVE-2023-29366 - Windows Geolocation Service Remote Code Execution Vulnerability

Product: Microsoft  Windows Geolocation Service

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29366

ISC Diary: https://isc.sans.edu/diary/29942




CVE-2023-29367 - iSCSI Target WMI Provider Remote Code Execution Vulnerability

Product: Microsoft iSCSI Target WMI Provider

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29367

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29367




CVE-2023-29368 - Windows Filtering Platform Elevation of Privilege Vulnerability

Product: Microsoft Windows Filtering Platform

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29368

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29368




CVE-2023-29370 - Windows Media Remote Code Execution Vulnerability

Product: Microsoft Windows Media Player

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29370

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29370




CVE-2023-29371 - Windows GDI Elevation of Privilege Vulnerability

Product: Microsoft Windows

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29371

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29371




CVE-2023-29372 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability

Product: Microsoft WDAC OLE DB provider for SQL Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29372

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29372




CVE-2023-29373 - Microsoft ODBC Driver Remote Code Execution Vulnerability

Product: Microsoft ODBC Driver

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29373

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29373




CVE-2023-32008 - Windows Resilient File System (ReFS) Remote Code Execution Vulnerability

Product: Microsoft Windows Resilient File System (ReFS)

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32008

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32008

NVD References: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32008




CVE-2023-32009 - Windows Collaborative Translation Framework Elevation of Privilege Vulnerability

Product: Microsoft Windows Collaborative Translation Framework

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32009

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32009




CVE-2023-32010 - Windows Bus Filter Driver Elevation of Privilege Vulnerability

Product: Microsoft Windows Bus Filter Driver

CVSS Score: 7.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32010

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32010




CVE-2023-32011 - Windows iSCSI Discovery Service Denial of Service Vulnerability

Product: Microsoft Windows iSCSI Discovery Service

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32011

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32011




CVE-2023-32017 - Microsoft PostScript Printer Driver Remote Code Execution Vulnerability

Product: Microsoft PostScript Printer Driver

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32017

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32017




CVE-2023-32018 - Windows Hello Remote Code Execution Vulnerability

Product: Microsoft Windows Hello

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32018

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32018




CVE-2023-32021 - Windows SMB Witness Service Security Feature Bypass Vulnerability

Product: Microsoft Windows SMB Witness Service

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32021

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32021



 

CVE-2023-32022 - Windows Server Service Security Feature Bypass Vulnerability

Product: Microsoft Windows Server Service

CVSS Score: 7.6

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32022

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32022




CVE-2023-32029 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32029

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32029




CVE-2023-33126 - .NET and Visual Studio Remote Code Execution Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33126

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33126




CVE-2023-33128 - .NET and Visual Studio Remote Code Execution Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33128

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33128




CVE-2023-33130 - Microsoft SharePoint Server Spoofing Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33130

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33130




CVE-2023-33131 - Microsoft Outlook Remote Code Execution Vulnerability

Product: Microsoft Outlook

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33131

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33131




CVE-2023-33133 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft  Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33133

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33133




CVE-2023-33135 - .NET and Visual Studio Elevation of Privilege Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 7.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33135

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33135




CVE-2023-33137 - Microsoft Excel Remote Code Execution Vulnerability

Product: Microsoft Excel

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33137

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33137




CVE-2023-33146 - Microsoft Office Remote Code Execution Vulnerability

Product: Microsoft Office

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33146

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33146




CVE-2023-28310 - Microsoft Exchange Server Remote Code Execution Vulnerability

Product: Microsoft Exchange Server

CVSS Score: 8.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-28310

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28310




CVE-2023-24897 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Product: Microsoft .NET Framework and Visual Studio

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24897

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24897




CVE-2023-29326 - .NET Framework Remote Code Execution Vulnerability

Product: Microsoft .NET Framework

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29326

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29326




CVE-2023-32031 - Microsoft Exchange Server Remote Code Execution Vulnerability

Product: Microsoft  Exchange Server

CVSS Score: 8.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32031

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32031




CVE-2023-33143 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability

Product: Microsoft Edge (Chromium-based)

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33143

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33143




CVE-2023-24895 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability

Product: Microsoft .NET Framework and Visual Studio

CVSS Score: 7.8

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24895

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24895




CVE-2023-24936 - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

Product: Microsoft .NET Framework

CVSS Score: 8.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24936

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24936




CVE-2023-29331 - .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability

Product: Microsoft .NET Framework

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29331

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29331




CVE-2023-29337 - NuGet Client Remote Code Execution Vulnerability

Product: Microsoft NuGet Client

CVSS Score: 7.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29337

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29337




CVE-2023-29012 - GitHub: CVE-2023-29012 Git CMD erroneously executes `doskey.exe` in current directory, if it exists

Product: Git for Windows

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29012

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29012




CVE-2023-29011 - GitHub: CVE-2023-29011 The config file of `connect.exe` is susceptible to malicious placing

Product: Git for Windows connect.exe

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29011

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29011




CVE-2023-25815 - GitHub: CVE-2023-25815 Git looks for localized messages in an unprivileged place

Product: Git for Windows

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25815

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25815




CVE-2023-29007 - GitHub: CVE-2023-29007 Arbitrary configuration injection via `git submodule deinit`

Product: Git revision control system

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29007

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29007




CVE-2023-25652 - GitHub: CVE-2023-25652 "git apply --reject" partially-controlled arbitrary file write

Product: Git revision control system

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-25652

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-25652




CVE-2023-32030 - .NET and Visual Studio Denial of Service Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32030

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32030




CVE-2023-27909 - Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior

Product: Autodesk FBX SDK

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27909

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27909




CVE-2023-27910 - Stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior

Product: Autodesk FBX SDK

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27910

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27910




CVE-2023-27911 - Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior

Product: Autodesk  FBX SDK

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-27911

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-27911




CVE-2023-33141 - Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability

Product: No vendor name or product name is mentioned. 

CVSS Score: 7.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33141

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33141




CVE-2023-2929 - Chromium: CVE-2023-2929 Out of bounds write in Swiftshader

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2929

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2929




CVE-2023-2930 - Chromium: CVE-2023-2930 Use after free in Extensions

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2930

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2930




CVE-2023-2931 - Chromium: CVE-2023-2931 Use after free in PDF

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2931

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2931




CVE-2023-2932 - Chromium: CVE-2023-2932 Use after free in PDF

Product: Google Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2932

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2932




CVE-2023-2933 - Chromium: CVE-2023-2933 Use after free in PDF

Product: Google Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2933

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2933




CVE-2023-2934 - Chromium: CVE-2023-2934 Out of bounds memory access in Mojo

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2934

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2934




CVE-2023-2935 - Chromium: CVE-2023-2935 Type Confusion in V8

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2935

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2935




CVE-2023-2936 - Chromium: CVE-2023-2936 Type Confusion in V8

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2936

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2936




CVE-2023-2937 - Chromium: CVE-2023-2937 Inappropriate implementation in Picture In Picture

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2937

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2937




CVE-2023-2938 - Chromium: CVE-2023-2938 Inappropriate implementation in Picture In Picture

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2938

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2938




CVE-2023-2939 - Chromium: CVE-2023-2939 Insufficient data validation in Installer

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2939

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2939




CVE-2023-2940 - Chromium: CVE-2023-2940 Inappropriate implementation in Downloads

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2940

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2940




CVE-2023-2941 - Chromium: CVE-2023-2941 Inappropriate implementation in Extensions API

Product: Google Chrome

CVSS Score: 0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-2941

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-2941




CVE-2023-29345 - Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

Product: Microsoft Edge (Chromium-based)

CVSS Score: 6.1

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29345

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29345




CVE-2023-21569 - Azure DevOps Server Spoofing Vulnerability

Product: Microsoft Azure DevOps Server

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-21569

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21569




CVE-2023-24938 - Windows CryptoAPI  Denial of Service Vulnerability

Product: Microsoft Windows CryptoAPI

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24938

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24938




CVE-2023-29352 - Windows Remote Desktop Security Feature Bypass Vulnerability

Product: Microsoft Windows Remote Desktop

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29352

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29352




CVE-2023-29353 - Sysinternals Process Monitor for Windows Denial of Service Vulnerability

Product: Microsoft Sysinternals Process Monitor

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29353

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29353




CVE-2023-29355 - DHCP Server Service Information Disclosure Vulnerability

Product: Microsoft DHCP Server Service

CVSS Score: 5.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29355

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29355




CVE-2023-29369 - Remote Procedure Call Runtime Denial of Service Vulnerability

Product: Microsoft Remote Procedure Call (RPC) runtime

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29369

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-29369




CVE-2023-32012 - Windows Container Manager Service Elevation of Privilege Vulnerability

Product: Microsoft Windows Container Manager Service

CVSS Score: 6.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32012

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32012




CVE-2023-32013 - Windows Hyper-V Denial of Service Vulnerability

Product: Microsoft Windows Hyper-V

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32013

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32013




CVE-2023-32016 - Windows Installer Information Disclosure Vulnerability

Product: Microsoft Windows Installer

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32016

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32016




CVE-2023-32019 - Windows Kernel Information Disclosure Vulnerability

Product: Microsoft Windows Kernel

CVSS Score: 4.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32019

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32019




CVE-2023-32032 - .NET and Visual Studio Elevation of Privilege Vulnerability

Product: Microsoft .NET and Visual Studio

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32032

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32032




CVE-2023-33129 -  Microsoft SharePoint Denial of Service Vulnerability

Product: Microsoft SharePoint

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33129

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33129




CVE-2023-33132 - Microsoft SharePoint Server Spoofing Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 6.3

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33132

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33132




CVE-2023-33139 - Visual Studio Information Disclosure Vulnerability

Product: Microsoft Visual Studio

CVSS Score: 5.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33139

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33139




CVE-2023-33140 -  Microsoft OneNote Spoofing Vulnerability

Product: Microsoft OneNote

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33140

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33140




CVE-2023-33142 - Microsoft SharePoint Server Elevation of Privilege Vulnerability

Product: Microsoft SharePoint Server

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33142

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33142




CVE-2023-33144 - Visual Studio Code Spoofing Vulnerability

Product: Microsoft Visual Studio Code

CVSS Score: 5.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33144

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33144




CVE-2023-33145 - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability

Product: Microsoft Edge (Chromium-based)

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33145

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-33145




CVE-2023-24937 - Windows CryptoAPI  Denial of Service Vulnerability

Product: Microsoft Windows CryptoAPI

CVSS Score: 6.5

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24937

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24937




CVE-2023-24896 - Dynamics 365 Finance Spoofing Vulnerability

Product: Microsoft Dynamics 365 Finance

CVSS Score: 5.4

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-24896

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-24896




CVE-2023-32020 - Windows DNS Spoofing Vulnerability

Product: Microsoft Windows DNS

CVSS Score: 3.7

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32020

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32020




CVE-2023-32024 - Microsoft Power Apps Spoofing Vulnerability

Product: Microsoft Power Apps

CVSS Score: 3.0

NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32024

ISC Diary: https://isc.sans.edu/diary/29942

MSFT Details: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-32024




The following vulnerability needs a manual review:


CVE: CVE-2023-28250

CISA KEV: 

Vendor: unknown

Product: unknown

Description: unknown