ISHACK AI BOT

Gentoo Linux: CVE-2023-31132: Cacti: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a privilege escalation vulnerability. A low-privileged OS user with access to a Windows host where Cacti is installed can create arbitrary PHP files in a web document directory. The user can then execute the PHP files under the security context of SYSTEM. This allows an attacker to escalate privilege from a normal user account to SYSTEM. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) gentoo-linux-upgrade-net-analyzer-cacti References https://attackerkb.com/topics/cve-2023-31132 CVE - 2023-31132 202412-02

Gentoo Linux: CVE-2023-39361: Cacti: Multiple Vulnerabilities Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a SQL injection discovered in graph_view.php. Since guest users can access graph_view.php without authentication by default, if guest users are being utilized in an enabled state, there could be the potential for significant damage. Attackers may exploit this vulnerability, and there may be possibilities for actions such as the usurpation of administrative privileges or remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) gentoo-linux-upgrade-net-analyzer-cacti References https://attackerkb.com/topics/cve-2023-39361 CVE - 2023-39361 202412-02

VMware Photon OS: CVE-2023-4781 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4781 CVE - 2023-4781

VMware Photon OS: CVE-2023-4762 Severity 10 CVSS (AV:N/AC:L/Au:N/C:C/I:C/A:C) Published 09/05/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4762 CVE - 2023-4762

Alpine Linux: CVE-2023-39358: SQL Injection Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 09/05/2023 Created 08/23/2024 Added 08/22/2024 Modified 10/02/2024 Description Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) alpine-linux-upgrade-cacti References https://attackerkb.com/topics/cve-2023-39358 CVE - 2023-39358 https://security.alpinelinux.org/vuln/CVE-2023-39358

Debian: CVE-2023-39515: cacti -- security update Severity 4 CVSS (AV:N/AC:M/Au:M/C:P/I:P/A:N) Published 09/05/2023 Created 11/14/2023 Added 11/13/2023 Modified 01/30/2025 Description Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts and execute JavaScript code in the victim's browser at view-time. The script under `data_debug.php` displays data source related debugging information such as _data source paths, polling settings, meta-data on the data source_. _CENSUS_ found that an adversary that is able to configure a malicious data-source path, can deploy a stored XSS attack against any user that has privileges related to viewing the `data_debug.php` information. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the data source path in _cacti_. This configuration occurs through `http://<HOST>/cacti/data_sources.php`. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output. Solution(s) debian-upgrade-cacti References https://attackerkb.com/topics/cve-2023-39515 CVE - 2023-39515 DSA-5550-1

SUSE: CVE-2023-4762: SUSE Linux Security Advisory Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/05/2023 Created 09/13/2023 Added 09/13/2023 Modified 01/28/2025 Description Type Confusion in V8 in Google Chrome prior to 116.0.5845.179 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High) Solution(s) suse-upgrade-chromedriver suse-upgrade-chromium References https://attackerkb.com/topics/cve-2023-4762 CVE - 2023-4762

SUSE: CVE-2023-4574: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/05/2023 Created 09/06/2023 Added 09/06/2023 Modified 01/28/2025 Description When creating a callback over IPC for showing the Color Picker window, multiple of the same callbacks could have been created at a time and eventually all simultaneously destroyed as soon as one of the callbacks finished. This could have led to a use-after-free causing a potentially exploitable crash. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2023-4574 CVE - 2023-4574

SUSE: CVE-2023-4578: SUSE Linux Security Advisory Severity 7 CVSS (AV:N/AC:M/Au:N/C:N/I:N/A:C) Published 09/05/2023 Created 09/06/2023 Added 09/06/2023 Modified 01/28/2025 Description When calling `JS::CheckRegExpSyntax` a Syntax Error could have been set which would end in calling `convertToRuntimeErrorAndClear`. A path in the function could attempt to allocate memory when none is available which would have caused a newly created Out of Memory exception to be mishandled as a Syntax Error. This vulnerability affects Firefox < 117, Firefox ESR < 115.2, and Thunderbird < 115.2. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2023-4578 CVE - 2023-4578

SUSE: CVE-2023-4581: SUSE Linux Security Advisory Severity 4 CVSS (AV:N/AC:M/Au:N/C:P/I:N/A:N) Published 09/05/2023 Created 09/06/2023 Added 09/06/2023 Modified 01/28/2025 Description Excel `.xll` add-in files did not have a blocklist entry in Firefox's executable blocklist which allowed them to be downloaded without any warning of their potential harm. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) suse-upgrade-mozillafirefox suse-upgrade-mozillafirefox-branding-upstream suse-upgrade-mozillafirefox-devel suse-upgrade-mozillafirefox-translations-common suse-upgrade-mozillafirefox-translations-other suse-upgrade-mozillathunderbird suse-upgrade-mozillathunderbird-translations-common suse-upgrade-mozillathunderbird-translations-other References https://attackerkb.com/topics/cve-2023-4581 CVE - 2023-4581

Gentoo Linux: CVE-2023-20897: Salt: Multiple Vulnerabilities Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:P) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Salt masters prior to 3005.2 or 3006.2 contain a DOS in minion return. After receiving several bad packets on the request server equal to the number of worker threads, the master will become unresponsive to return requests until restarted. Solution(s) gentoo-linux-upgrade-app-admin-salt References https://attackerkb.com/topics/cve-2023-20897 CVE - 2023-20897 202412-09

Red Hat: CVE-2023-41909: frr: NULL pointer dereference in bgp_nlri_parse_flowspec() in bgpd/bgp_flowspec.c (Multiple Advisories) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 09/05/2023 Created 05/01/2024 Added 05/01/2024 Modified 09/03/2024 Description An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. Solution(s) redhat-upgrade-frr redhat-upgrade-frr-debuginfo redhat-upgrade-frr-debugsource redhat-upgrade-frr-selinux References CVE-2023-41909 RHSA-2024:2156 RHSA-2024:2981

SUSE: CVE-2023-20898: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:S/C:C/I:C/A:C) Published 09/05/2023 Created 09/30/2023 Added 09/29/2023 Modified 01/28/2025 Description Git Providers can read from the wrong environment because they get the same cache directory base name in Salt masters prior to 3005.2 or 3006.2. Anything that uses Git Providers with different environments can get garbage data or the wrong data, which can lead to wrongful data disclosure, wrongful executions, data corruption and/or crash. Solution(s) suse-upgrade-python3-salt suse-upgrade-salt suse-upgrade-salt-api suse-upgrade-salt-bash-completion suse-upgrade-salt-cloud suse-upgrade-salt-doc suse-upgrade-salt-fish-completion suse-upgrade-salt-master suse-upgrade-salt-minion suse-upgrade-salt-proxy suse-upgrade-salt-ssh suse-upgrade-salt-standalone-formulas-configuration suse-upgrade-salt-syndic suse-upgrade-salt-tests suse-upgrade-salt-transactional-update suse-upgrade-salt-zsh-completion References https://attackerkb.com/topics/cve-2023-20898 CVE - 2023-20898

Gentoo Linux: CVE-2023-39358: Cacti: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `reports_user.php` file. In `ajax_get_branches`, the `tree_id` parameter is passed to the `reports_get_branch_select` function without any validation. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) gentoo-linux-upgrade-net-analyzer-cacti References https://attackerkb.com/topics/cve-2023-39358 CVE - 2023-39358 202412-02

Gentoo Linux: CVE-2023-39510: Cacti: Multiple Vulnerabilities Severity 4 CVSS (AV:N/AC:M/Au:M/C:P/I:P/A:N) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/30/2025 Description Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The`reports_admin.php` script displays reporting information about graphs, devices, data sources etc. CENSUS found that an adversary that is able to configure a malicious Device name, can deploy a stored XSS attack against any user of the same (or broader) privileges. A user that possesses the _General Administration>Sites/Devices/Data_ permissions can configure the device names in _cacti_. This configuration occurs through `http://<HOST>/cacti/host.php`, while the rendered malicious payload is exhibited at `http://<HOST>/cacti/reports_admin.php` when the a graph with the maliciously altered device name is linked to the report. This vulnerability has been addressed in version 1.2.25. Users are advised to upgrade. Users unable to update should manually filter HTML output. Solution(s) gentoo-linux-upgrade-net-analyzer-cacti References https://attackerkb.com/topics/cve-2023-39510 CVE - 2023-39510 202412-02

Gentoo Linux: CVE-2023-39359: Cacti: Multiple Vulnerabilities Severity 9 CVSS (AV:N/AC:L/Au:S/C:C/I:C/A:C) Published 09/05/2023 Created 12/10/2024 Added 12/09/2024 Modified 01/28/2025 Description Cacti is an open source operational monitoring and fault management framework. An authenticated SQL injection vulnerability was discovered which allows authenticated users to perform privilege escalation and remote code execution. The vulnerability resides in the `graphs.php` file. When dealing with the cases of ajax_hosts and ajax_hosts_noany, if the `site_id` parameter is greater than 0, it is directly reflected in the WHERE clause of the SQL statement. This creates an SQL injection vulnerability. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. Solution(s) gentoo-linux-upgrade-net-analyzer-cacti References https://attackerkb.com/topics/cve-2023-39359 CVE - 2023-39359 202412-02

Huawei EulerOS: CVE-2023-4752: vim security update Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 01/11/2024 Added 01/10/2024 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. Solution(s) huawei-euleros-2_0_sp10-upgrade-vim-common huawei-euleros-2_0_sp10-upgrade-vim-enhanced huawei-euleros-2_0_sp10-upgrade-vim-filesystem huawei-euleros-2_0_sp10-upgrade-vim-minimal References https://attackerkb.com/topics/cve-2023-4752 CVE - 2023-4752 EulerOS-SA-2023-3233

Ubuntu: USN-6452-1 (CVE-2023-4750): Vim vulnerabilities Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 10/27/2023 Added 10/27/2023 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1857. Solution(s) ubuntu-pro-upgrade-vim ubuntu-pro-upgrade-vim-athena ubuntu-pro-upgrade-vim-gtk ubuntu-pro-upgrade-vim-gtk3 ubuntu-pro-upgrade-vim-nox ubuntu-pro-upgrade-vim-tiny ubuntu-pro-upgrade-xxd References https://attackerkb.com/topics/cve-2023-4750 CVE - 2023-4750 USN-6452-1

Amazon Linux 2023: CVE-2023-4733: Important priority package update for vim Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1840. A flaw was found in Vim, where it is vulnerable to a use-after-free in the buflist_altfpos function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-4733 CVE - 2023-4733 https://alas.aws.amazon.com/AL2023/ALAS-2023-360.html

Amazon Linux 2023: CVE-2023-4752: Important priority package update for vim Severity 6 CVSS (AV:L/AC:H/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 02/14/2025 Added 02/14/2025 Modified 02/14/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. A flaw was found in Vim, where it is vulnerable to a use-after-free in the ins_compl_get_exp function. This flaw allows a specially crafted file to crash software, use unexpected values, or possibly execute code when opened in Vim. Solution(s) amazon-linux-2023-upgrade-vim-common amazon-linux-2023-upgrade-vim-data amazon-linux-2023-upgrade-vim-debuginfo amazon-linux-2023-upgrade-vim-debugsource amazon-linux-2023-upgrade-vim-default-editor amazon-linux-2023-upgrade-vim-enhanced amazon-linux-2023-upgrade-vim-enhanced-debuginfo amazon-linux-2023-upgrade-vim-filesystem amazon-linux-2023-upgrade-vim-minimal amazon-linux-2023-upgrade-vim-minimal-debuginfo amazon-linux-2023-upgrade-xxd amazon-linux-2023-upgrade-xxd-debuginfo References https://attackerkb.com/topics/cve-2023-4752 CVE - 2023-4752 https://alas.aws.amazon.com/AL2023/ALAS-2023-360.html

SUSE: CVE-2023-4750: SUSE Linux Security Advisory Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 03/08/2024 Added 03/07/2024 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1857. Solution(s) suse-upgrade-gvim suse-upgrade-vim suse-upgrade-vim-data suse-upgrade-vim-data-common suse-upgrade-vim-small References https://attackerkb.com/topics/cve-2023-4750 CVE - 2023-4750

VMware Photon OS: CVE-2023-4750 Severity 7 CVSS (AV:L/AC:L/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1857. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4750 CVE - 2023-4750

VMware Photon OS: CVE-2023-4733 Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 09/04/2023 Created 01/21/2025 Added 01/20/2025 Modified 02/04/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1840. Solution(s) vmware-photon_os_update_tdnf References https://attackerkb.com/topics/cve-2023-4733 CVE - 2023-4733

Amazon Linux AMI: CVE-2023-4752: Security patch for vim (ALAS-2023-1837) Severity 7 CVSS (AV:L/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 10/11/2023 Added 10/07/2023 Modified 01/28/2025 Description Use After Free in GitHub repository vim/vim prior to 9.0.1858. Solution(s) amazon-linux-upgrade-vim References ALAS-2023-1837 CVE-2023-4752

Alma Linux: CVE-2023-4584: Important: firefox security update (Multiple Advisories) Severity 9 CVSS (AV:N/AC:M/Au:N/C:C/I:C/A:C) Published 09/04/2023 Created 09/07/2023 Added 09/07/2023 Modified 01/28/2025 Description Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, Thunderbird < 102.15, and Thunderbird < 115.2. Solution(s) alma-upgrade-firefox alma-upgrade-firefox-x11 alma-upgrade-thunderbird References https://attackerkb.com/topics/cve-2023-4584 CVE - 2023-4584 https://errata.almalinux.org/8/ALSA-2023-4952.html https://errata.almalinux.org/8/ALSA-2023-4954.html https://errata.almalinux.org/9/ALSA-2023-4955.html https://errata.almalinux.org/9/ALSA-2023-4958.html