Weekly Vulnerabilities Reports > March 4 to 10, 2024

Overview

45 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 22 high severity vulnerabilities. This weekly summary report vulnerabilities in 14 products from 5 vendors including Apple, Qnap, Vmware, Jetbrains, and TP Link. Vulnerabilities are notably categorized as "Injection", "Out-of-bounds Write", "Stack-based Buffer Overflow", "NULL Pointer Dereference", and "Information Exposure".

23 reported vulnerabilities are remotely exploitables.
2 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
31 reported vulnerabilities are exploitable by an anonymous user.
Apple has the most reported vulnerabilities, with 12 reported vulnerabilities.
Jetbrains has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-08	CVE-2024-21899	Qnap	Improper Authentication vulnerability in Qnap QTS and Quts Hero An improper authentication vulnerability has been reported to affect several QNAP operating system versions.	9.8
2024-03-05	CVE-2023-7103		Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass.This issue affects UFace 5: through 12022024.	9.8
2024-03-04	CVE-2024-27198	Jetbrains	Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible	9.8
2024-03-04	CVE-2023-28582		Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.	9.8
2024-03-04	CVE-2023-43552		Memory corruption while processing MBSSID beacon containing several subelement IE.	9.8
2024-03-04	CVE-2023-43553		Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.	9.8
2024-03-04	CVE-2023-28578		Memory corruption in Core Services while executing the command for removing a single event listener.	9.3

Expand/Hide

22 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-06	CVE-2023-43318	TP Link	Unspecified vulnerability in Tp-Link Tl-Sg2210P Firmware 5.0 TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests.	8.8
2024-03-04	CVE-2023-43540		Memory corruption while processing the IOCTL FM HCI WRITE request.	8.4
2024-03-04	CVE-2023-43546		Memory corruption while invoking HGSL IOCTL context create.	8.4
2024-03-04	CVE-2023-43547		Memory corruption while invoking IOCTLs calls in Automotive Multimedia.	8.4
2024-03-04	CVE-2023-43549		Memory corruption while processing TPC target power table in FTM TPC.	8.4
2024-03-08	CVE-2024-23268	Apple	Injection vulnerability in Apple Macos An injection issue was addressed with improved input validation.	7.8
2024-03-08	CVE-2024-23270	Apple	Unspecified vulnerability in Apple products The issue was addressed with improved memory handling.	7.8
2024-03-08	CVE-2024-23274	Apple	Injection vulnerability in Apple Macos An injection issue was addressed with improved input validation.	7.8
2024-03-08	CVE-2024-23276	Apple	Unspecified vulnerability in Apple Macos A logic issue was addressed with improved checks.	7.8
2024-03-05	CVE-2024-23225	Apple	Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved validation.	7.8
2024-03-05	CVE-2024-23296	Apple	Out-of-bounds Write vulnerability in Apple products A memory corruption issue was addressed with improved validation.	7.8
2024-03-04	CVE-2023-43550		Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.	7.8
2024-03-04	CVE-2023-33084		Transient DOS while processing IE fragments from server during DTLS handshake.	7.5
2024-03-04	CVE-2023-33086		Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers.	7.5
2024-03-04	CVE-2023-33095		Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR.	7.5
2024-03-04	CVE-2023-33096		Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16.	7.5
2024-03-04	CVE-2023-33103		Transient DOS while processing CAG info IE received from NW.	7.5
2024-03-04	CVE-2023-33104		Transient DOS while processing PDU Release command with a parameter PDU ID out of range.	7.5
2024-03-04	CVE-2023-33105		Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number.	7.5
2024-03-04	CVE-2023-43539		Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame.	7.5
2024-03-04	CVE-2023-43548		Memory corruption while parsing qcp clip with invalid chunk data size.	7.3
2024-03-07	CVE-2023-48725		A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78.	7.2

Expand/Hide

16 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-03-08	CVE-2024-21900	Qnap	Injection vulnerability in Qnap QTS and Quts Hero An injection vulnerability has been reported to affect several QNAP operating system versions.	6.5
2024-03-08	CVE-2024-23277	Apple	Unspecified vulnerability in Apple Ipad OS, Iphone OS and Macos The issue was addressed with improved checks.	5.9
2024-03-07	CVE-2024-1460		MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.	5.6
2024-03-08	CVE-2024-23266	Apple	Unspecified vulnerability in Apple Macos The issue was addressed with improved checks.	5.5
2024-03-08	CVE-2024-23267	Apple	Unspecified vulnerability in Apple Macos The issue was addressed with improved checks.	5.5
2024-03-08	CVE-2024-23272	Apple	Unspecified vulnerability in Apple Macos A logic issue was addressed with improved checks.	5.5
2024-03-04	CVE-2023-33090		Transient DOS while processing channel information for speaker protection v2 module in ADSP.	5.5
2024-03-04	CVE-2023-41827		An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI.	5.1
2024-03-04	CVE-2023-33078		Information Disclosure while processing IOCTL request in FastRPC.	5.1
2024-03-04	CVE-2023-41829		An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization.	5.0
2024-03-08	CVE-2024-21901	Qnap	SQL Injection vulnerability in Qnap QTS A SQL injection vulnerability has been reported to affect myQNAPcloud.	4.7
2024-03-08	CVE-2024-23275	Apple	Race Condition vulnerability in Apple Macos A race condition was addressed with additional validation.	4.7
2024-03-07	CVE-2024-1443		MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process.	4.4
2024-03-08	CVE-2024-23273	Apple	Unspecified vulnerability in Apple products This issue was addressed through improved state management.	4.3
2024-03-07	CVE-2024-26167		Microsoft Edge for Android Spoofing Vulnerability	4.3
2024-03-07	CVE-2024-22256	Vmware	Unspecified vulnerability in VMWare Cloud Director 10.5 VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.	4.3

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS