Total
34393 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38704 | 1 Datadoghq | 1 Import-in-the-middle | 2024-11-21 | 8.1 High |
| import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for remote code execution in cases where an application passes user-supplied input directly to the `import()` function. This vulnerability has been patched in import-in-the-middle version 1.4.2. Some workarounds are available. Do not pass any user-supplied input to `import()`. Instead, verify it against a set of allowed values. If using import-in-the-middle, directly or indirectly, and support for EcmaScript Modules is not needed, ensure that no options are set, either via command-line or the `NODE_OPTIONS` environment variable, that would enable loader hooks. | ||||
| CVE-2023-38701 | 1 Iohk | 1 Hydra | 2024-11-21 | 9.1 Critical |
| Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the `commit` validator, where they remain until they are either collected into the `head` validator or the protocol initialisation is aborted and the value in the committed UTxOs is returned to the users who committed them. Prior to version 0.12.0, the `commit` validator contains a flawed check when the `ViaAbort` redeemer is used, which allows any user to spend any UTxO which is at the validator arbitrarily, meaning an attacker can steal the funds that users are trying to commit into the head validator. The intended behavior is that the funds must be returned to the user which committed the funds and can only be performed by a participant of the head. The `initial` validator also is similarly affected as the same flawed check is performed for the `ViaAbort` redeemer. Due to this issue, an attacker can steal any funds that user's try to commit into a Hydra head. Also, an attacker can prevent any Hydra head from being successfully opened. It does not allow an attacker to take funds which have been successfully collected into and currently reside in the `head` validator. Version 0.12.0 contains a fix for this issue. | ||||
| CVE-2023-38700 | 1 Matrix | 1 Matrix Irc Bridge | 2024-11-21 | 3.5 Low |
| matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such that it would leak part of a targeted message event from another bridged room. This required knowing an event ID to target. Version 1.0.1n fixes this issue. As a workaround, set the `matrixHandler.eventCacheSize` config value to `0`. This workaround may impact performance. | ||||
| CVE-2023-38685 | 1 Discourse | 1 Discourse | 2024-11-21 | 4.3 Medium |
| Discourse is an open source discussion platform. Prior to version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches, information about restricted-visibility topic tags could be obtained by unauthorized users. The issue is patched in version 3.0.6 of the `stable` branch and version 3.1.0.beta7 of the `beta` and `tests-passed` branches. | ||||
| CVE-2023-38666 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 5.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4encrypt. | ||||
| CVE-2023-38646 | 1 Metabase | 1 Metabase | 2024-11-21 | 9.8 Critical |
| Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2. | ||||
| CVE-2023-38608 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.5. An app may be able to access user-sensitive data. | ||||
| CVE-2023-38602 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system. | ||||
| CVE-2023-38580 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-38564 | 1 Apple | 1 Macos | 2024-11-21 | 7.5 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. An app may be able to modify protected parts of the file system. | ||||
| CVE-2023-38561 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 5.5 Medium |
| Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-38556 | 1 Epson | 24 Ep-801a, Ep-801a Firmware, Ep-802a and 21 more | 2024-11-21 | 7.5 High |
| Improper input validation vulnerability in SEIKO EPSON printer Web Config allows a remote attacker to turned off the printer. [Note] Web Config is the software that allows users to check the status and change the settings of SEIKO EPSON printers via a web browser. Web Config is pre-installed in some printers provided by SEIKO EPSON CORPORATION. For the details of the affected product names/model numbers, refer to the information provided by the vendor. | ||||
| CVE-2023-38544 | 2 Ivanti, Linux | 2 Secure Access Client, Linux Kernel | 2024-11-21 | 5.5 Medium |
| A logged in user can modify specific files that may lead to unauthorized changes in system-wide configuration settings. This vulnerability could be exploited to compromise the integrity and security of the network on the affected system. | ||||
| CVE-2023-38504 | 1 Sailsjs | 1 Sails | 2024-11-21 | 7.5 High |
| Sails is a realtime MVC Framework for Node.js. In Sails apps prior to version 1.5.7,, an attacker can send a virtual request that will cause the node process to crash. This behavior was fixed in Sails v1.5.7. As a workaround, disable the sockets hook and remove the `sails.io.js` client. | ||||
| CVE-2023-38502 | 1 Tdengine | 1 Tdengine | 2024-11-21 | 6.5 Medium |
| TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested query. This issue affects TDengine Databases which let users connect and run arbitrary queries. Version 3.0.7.1 has a patch for this issue. | ||||
| CVE-2023-38499 | 1 Typo3 | 1 Typo3 | 2024-11-21 | 3.7 Low |
| TYPO3 is an open source PHP based web content management system. Starting in version 9.4.0 and prior to versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, and 12.4.4, in multi-site scenarios, enumerating the HTTP query parameters `id` and `L` allowed out-of-scope access to rendered content in the website frontend. For instance, this allowed visitors to access content of an internal site by adding handcrafted query parameters to the URL of a site that was publicly available. TYPO3 versions 9.5.42 ELTS, 10.4.39 ELTS, 11.5.30, 12.4.4 fix the problem. | ||||
| CVE-2023-38496 | 1 Lfprojects | 1 Apptainer | 2024-11-21 | 6.1 Medium |
| Apptainer is an open source container platform. Version 1.2.0-rc.2 introduced an ineffective privilege drop when requesting container network setup, therefore subsequent functions are called with root privileges, the attack surface is rather limited for users but an attacker could possibly craft a starter config to delete any directory on the host filesystems. A security fix has been included in Apptainer 1.2.1. There is no known workaround outside of upgrading to Apptainer 1.2.1. | ||||
| CVE-2023-38493 | 1 Linecorp | 1 Armeria | 2024-11-21 | 7.5 High |
| Armeria is a microservice framework Spring supports Matrix variables. When Spring integration is used, Armeria calls Spring controllers via `TomcatService` or `JettyService` with the path that may contain matrix variables. Prior to version 1.24.3, the Armeria decorators might not invoked because of the matrix variables. If an attacker sends a specially crafted request, the request may bypass the authorizer. Version 1.24.3 contains a patch for this issue. | ||||
| CVE-2023-38425 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 7.2 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-38424 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. An app may be able to execute arbitrary code with kernel privileges. | ||||