» 2023 » 7월

CVE-2023-35983

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-35983

This issue was addressed with improved data protection. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. An app may be able to modify protected parts of the file system.

Source: CVE-2023-35983

CVE-2023-32433

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-32433

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

Source: CVE-2023-32433

CVE-2023-32381

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-32381

A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.6.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.

Source: CVE-2023-32381

CVE-2023-28012

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-28012

HCL BigFix Mobile is vulnerable to a command injection attack. An authenticated attacker could run arbitrary shell commands on the WebUI server.

Source: CVE-2023-28012

CVE-2023-28014

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-28014

HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.

Source: CVE-2023-28014

CVE-2023-3451

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-3451

** REJECT ** Duplicate CVE. Please use CVE-2023-32297.

Source: CVE-2023-3451

CVE-2023-28013

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-28013

HCL BigFix Mobile is vulnerable to a cross-site scripting attack. An authenticated attacker could inject malicious scripts into the application.

Source: CVE-2023-28013

CVE-2023-37692

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-37692

An arbitrary file upload vulnerability in October CMS v3.4.4 allows attackers to execute arbitrary code via a crafted file.

Source: CVE-2023-37692

CVE-2023-37732

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-37732

Yasm v1.3.0.78 was found prone to NULL Pointer Dereference in /libyasm/intnum.c and /elf/elf.c, which allows the attacker to cause a denial of service via a crafted file.

Source: CVE-2023-37732

CVE-2023-38285

Posted on 2023년 7월 27일2023년 7월 27일 by admin

CVE-2023-38285

Trustwave ModSecurity 3.x before 3.0.10 has Inefficient Algorithmic Complexity.

Source: CVE-2023-38285