» 2023 » 7월

CVE-2023-25770

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-25770

Controller DoS may occur due to buffer overflow when an error is generated in response to a specially crafted message.

Source: CVE-2023-25770

CVE-2023-25178

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-25178

Controller may be loaded with malicious firmware which could enable remote code execution

Source: CVE-2023-25178

CVE-2023-3659

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-3659

A vulnerability has been found in SourceCodester AC Repair and Services System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file admin/?page=user/manage_user. The manipulation of the argument firstname/middlename leads to cross site scripting. The attack can be launched remotely. The identifier VDB-234013 was assigned to this vulnerability.

Source: CVE-2023-3659

CVE-2023-22435

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-22435

Experion server may experience a DoS due to a stack overflow when handling a specially crafted message.

Source: CVE-2023-22435

CVE-2023-24480

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-24480

Controller DoS due to stack overflow when decoding a message from the server

Source: CVE-2023-24480

CVE-2023-24474

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-24474

Experion server may experience a DoS due to a heap overflow which could occur when handling a specially crafted message

Source: CVE-2023-24474

CVE-2023-23585

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-23585

Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation.

Source: CVE-2023-23585

CVE-2023-3657

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-3657

A vulnerability, which was classified as critical, has been found in SourceCodester AC Repair and Services System 1.0. This issue affects some unknown processing of the file Master.php?f=save_book of the component HTTP POST Request Handler. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-234011.

Source: CVE-2023-3657

CVE-2023-29451

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-29451

Specially crafted string can cause a buffer overrun in the JSON parser library leading to a crash of the Zabbix Server or a Zabbix Proxy.

Source: CVE-2023-29451

CVE-2023-29458

Posted on 2023년 7월 13일2023년 7월 13일 by admin

CVE-2023-29458

Duktape is an 3rd-party embeddable JavaScript engine, with a focus on portability and compact footprint. When adding too many values in valstack JavaScript will crash. This issue occurs due to bug in Duktape 2.6 which is an 3rd-party solution that we use.

Source: CVE-2023-29458