CVE-2023-1718
Improper file stream access in /desktop_app/file.ajax.php?action=uploadfile in Bitrix24 22.0.300 allows unauthenticated remote attackers to cause denial-of-service via a crafted "tmp_url".
Source: CVE-2023-1718
[글쓴이:] admin
CVE-2022-48454
CVE-2022-48454
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48454
CVE-2022-48455
CVE-2022-48455
In wifi service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48455
CVE-2022-48456
CVE-2022-48456
In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This could lead to local denial of service with System execution privileges needed
Source: CVE-2022-48456
CVE-2022-48457
CVE-2022-48457
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48457
CVE-2022-48458
CVE-2022-48458
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48458
CVE-2022-48459
CVE-2022-48459
In TeleService, there is a possible system crash due to improper input validation. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48459
CVE-2022-48460
CVE-2022-48460
In setting service, there is a possible undefined behavior due to incorrect error handling. This could lead to local denial of service with no additional execution privileges needed
Source: CVE-2022-48460
CVE-2022-48461
CVE-2022-48461
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
Source: CVE-2022-48461
CVE-2023-1713
CVE-2023-1713
Insecure temporary file creation in bitrix/modules/crm/lib/order/import/instagram.php in Bitrix24 22.0.300 hosted on Apache HTTP Server allows remote authenticated attackers to execute arbitrary code via uploading a crafted ".htaccess" file.
Source: CVE-2023-1713