CVE & Exploit Intelligence Database

CVE-2023-36013 6.5 MEDIUM EPSS 0.02

PowerShell Information Disclosure Vulnerability

CWE-798 Nov 20, 2023

CVE-2023-36043 6.5 MEDIUM EPSS 0.00

Open Management Infrastructure Information Disclosure Vulnerability

CWE-200 Nov 14, 2023

CVE-2023-5545 3.3 LOW EPSS 0.00

H5P metadata automatically populated the author with the user's username, which could be sensitive information.

CWE-200 Nov 09, 2023

CVE-2023-5542 3.3 LOW EPSS 0.00

Students in "Only see own membership" groups could see other students in the group, which should be hidden.

CWE-284 Nov 09, 2023

CVE-2023-42551 5.5 MEDIUM EPSS 0.00

Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CWE-668 Nov 07, 2023

CVE-2023-42549 5.5 MEDIUM EPSS 0.00

Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CWE-668 Nov 07, 2023

CVE-2023-42547 5.5 MEDIUM EPSS 0.00

Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CWE-668 Nov 07, 2023

CVE-2023-42546 5.5 MEDIUM EPSS 0.00

Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity in Samsung Account prior to version 14.5.00.7 allows attackers to access arbitrary file with Samsung Account privilege.

CWE-668 Nov 07, 2023

CVE-2023-4910 5.5 MEDIUM EPSS 0.00

A flaw was found In 3Scale Admin Portal. If a user logs out from the personal tokens page and then presses the back button in the browser, the tokens page is rendered from the browser cache.

CWE-668 Nov 06, 2023

CVE-2023-4217 3.1 LOW EPSS 0.00

A vulnerability has been identified in PT-G503 Series versions prior to v5.2, where the session cookies attribute is not set properly in the affected application. The vulnerability may lead to security risks, potentially exposing user session data to unauthorized access and manipulation.

CWE-668 Nov 02, 2023

CVE-2023-3972 7.8 HIGH EPSS 0.00

A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could then control the directory content that insights are using by putting malicious scripts into it and executing arbitrary code as root (trivially bypassing SELinux protections because insights processes are allowed to disable SELinux system-wide).

CWE-379 Nov 01, 2023

CVE-2023-2622 2.7 LOW EPSS 0.00

Authenticated clients can read arbitrary files on the MAIN Computer system using the remote procedure call (RPC) of the InspectSetup service endpoint. The low privilege client is then allowed to read arbitrary files that they do not have authorization to read.

CWE-668 Nov 01, 2023

CVE-2023-38994 7.9 HIGH EPSS 0.00

The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuration of UCS does not allow local ssh access for regular users.

CWE-668 Oct 31, 2023

CVE-2023-37911 6.5 MEDIUM 1 Writeup EPSS 0.00

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Starting in version 9.4-rc-1 and prior to versions 14.10.8 and 15.3-rc-1, when a document has been deleted and re-created, it is possible for users with view right on the re-created document but not on the deleted document to view the contents of the deleted document. Such a situation might arise when rights were added to the deleted document. This can be exploited through the diff feature and, partially, through the REST API by using versions such as `deleted:1` (where the number counts the deletions in the wiki and is thus guessable). Given sufficient rights, the attacker can also re-create the deleted document, thus extending the scope to any deleted document as long as the attacker has edit right in the location of the deleted document. This vulnerability has been patched in XWiki 14.10.8 and 15.3 RC1 by properly checking rights when deleted revisions of a document are accessed. The only workaround is to regularly clean deleted documents to minimize the potential exposure. Extra care should be taken when deleting sensitive documents that are protected individually (and not, e.g., by being placed in a protected space) or deleting a protected space as a whole.

CWE-668 Oct 25, 2023

CVE-2023-45145 3.6 LOW 1 Writeup EPSS 0.01

Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to upgrade, it is possible to work around the problem by disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory.

CWE-668 Oct 18, 2023

CVE-2023-45911 9.8 CRITICAL 2 Writeups EPSS 0.00

An issue in WIPOTEC GmbH ComScale v4.3.29.21344 and v4.4.12.723 allows unauthenticated attackers to login as any user without a password.

CWE-668 Oct 18, 2023

CVE-2023-45357 4.3 MEDIUM EPSS 0.00

Archer Platform 6.x before 6.13 P2 HF2 (6.13.0.2.2) contains a sensitive information disclosure vulnerability. An authenticated attacker could potentially obtain access to sensitive information via a popup warning message. 6.14 (6.14.0) is also a fixed release.

CWE-668 Oct 17, 2023

CVE-2023-44394 4.3 MEDIUM 1 Writeup EPSS 0.00

MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit `65c44883f` which has been included in release `2.25.8`. Users are advised to upgrade. Users unable to upgrade should disable wiki integration ( `$g_wiki_enable = OFF;`).

CWE-200 Oct 16, 2023

CVE-2023-35013 2.3 LOW EPSS 0.00

IBM Security Verify Governance 10.0, Identity Manager could allow a local privileged user to obtain sensitive information from source code. IBM X-Force ID: 257769.

CWE-540 Oct 16, 2023

CVE-2023-42792 6.5 MEDIUM EPSS 0.01

Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't. Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.

CWE-668 Oct 14, 2023