Weekly Vulnerabilities Reports > March 4 to 10, 2024

Overview

45 new vulnerabilities were reported during this period, including 7 critical vulnerabilities and 22 high severity vulnerabilities. This weekly summary reports vulnerabilities in 14 products from 5 vendors including Apple, QNAP, JetBrains, VMware, and TP-Link. Vulnerabilities are notably categorized as "Injection", "Out-of-bounds Write", "Stack-based Buffer Overflow", "NULL Pointer Dereference", and "Information Exposure".

  • 23 reported vulnerabilities are remotely exploitable.
  • 2 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 31 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 12 reported vulnerabilities.
  • JetBrains has the most reported critical vulnerabilities, with 1 reported vulnerability.

Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

7 Critical Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2024-03-08 | CVE-2024-21899 | Qnap | Improper Authentication vulnerability in Qnap QTS and Quts Hero: An improper authentication vulnerability has been reported to affect several QNAP operating system versions. | 9.8 |
| 2024-03-05 | CVE-2023-7103 | | Authentication Bypass by Primary Weakness vulnerability in ZKSoftware Biometric Security Solutions UFace 5 allows Authentication Bypass. This issue affects UFace 5: through 12022024. | 9.8 |
| 2024-03-04 | CVE-2024-27198 | Jetbrains | Unspecified vulnerability in Jetbrains Teamcity: In JetBrains TeamCity before 2023.11.4 authentication bypass allowing to perform admin actions was possible | 9.8 |
| 2024-03-04 | CVE-2023-28582 | | Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake. | 9.8 |
| 2024-03-04 | CVE-2023-43552 | | Memory corruption while processing MBSSID beacon containing several subelement IE. | 9.8 |
| 2024-03-04 | CVE-2023-43553 | | Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. | 9.8 |
| 2024-03-04 | CVE-2023-28578 | | Memory corruption in Core Services while executing the command for removing a single event listener. | 9.3 |

22 High Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2024-03-06 | CVE-2023-43318 | TP Link | Unspecified vulnerability in Tp-Link Tl-Sg2210P Firmware 5.0: TP-Link JetStream Smart Switch TL-SG2210P 5.0 Build 20211201 allows attackers to escalate privileges via modification of the 'tid' and 'usrlvl' values in GET requests. | 8.8 |
| 2024-03-04 | CVE-2023-43540 | | Memory corruption while processing the IOCTL FM HCI WRITE request. | 8.4 |
| 2024-03-04 | CVE-2023-43546 | | Memory corruption while invoking HGSL IOCTL context create. | 8.4 |
| 2024-03-04 | CVE-2023-43547 | | Memory corruption while invoking IOCTLs calls in Automotive Multimedia. | 8.4 |
| 2024-03-04 | CVE-2023-43549 | | Memory corruption while processing TPC target power table in FTM TPC. | 8.4 |
| 2024-03-08 | CVE-2024-23268 | Apple | Injection vulnerability in Apple Macos: An injection issue was addressed with improved input validation. | 7.8 |
| 2024-03-08 | CVE-2024-23270 | Apple | Unspecified vulnerability in Apple products: The issue was addressed with improved memory handling. | 7.8 |
| 2024-03-08 | CVE-2024-23274 | Apple | Injection vulnerability in Apple Macos: An injection issue was addressed with improved input validation. | 7.8 |
| 2024-03-08 | CVE-2024-23276 | Apple | Unspecified vulnerability in Apple Macos: A logic issue was addressed with improved checks. | 7.8 |
| 2024-03-05 | CVE-2024-23225 | Apple | Out-of-bounds Write vulnerability in Apple products: A memory corruption issue was addressed with improved validation. | 7.8 |
| 2024-03-05 | CVE-2024-23296 | Apple | Out-of-bounds Write vulnerability in Apple products: A memory corruption issue was addressed with improved validation. | 7.8 |
| 2024-03-04 | CVE-2023-43550 | | Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | 7.8 |
| 2024-03-04 | CVE-2023-33084 | | Transient DOS while processing IE fragments from server during DTLS handshake. | 7.5 |
| 2024-03-04 | CVE-2023-33086 | | Transient DOS while processing multiple IKEV2 Informational Request to device from IPSEC server with different identifiers. | 7.5 |
| 2024-03-04 | CVE-2023-33095 | | Transient DOS while processing multiple payload container type with incorrect container length received in DL NAS transport OTA in NR. | 7.5 |
| 2024-03-04 | CVE-2023-33096 | | Transient DOS while processing DL NAS Transport message, as specified in 3GPP 24.501 v16. | 7.5 |
| 2024-03-04 | CVE-2023-33103 | | Transient DOS while processing CAG info IE received from NW. | 7.5 |
| 2024-03-04 | CVE-2023-33104 | | Transient DOS while processing PDU Release command with a parameter PDU ID out of range. | 7.5 |
| 2024-03-04 | CVE-2023-33105 | | Transient DOS in WLAN Host and Firmware when large number of open authentication frames are sent with an invalid transaction sequence number. | 7.5 |
| 2024-03-04 | CVE-2023-43539 | | Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. | 7.5 |
| 2024-03-04 | CVE-2023-43548 | | Memory corruption while parsing qcp clip with invalid chunk data size. | 7.3 |
| 2024-03-07 | CVE-2023-48725 | | A stack-based buffer overflow vulnerability exists in the JSON Parsing getblockschedule() functionality of Netgear RAX30 1.0.11.96 and 1.0.7.78. | 7.2 |

16 Medium Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|
| 2024-03-08 | CVE-2024-21900 | Qnap | Injection vulnerability in Qnap QTS and Quts Hero: An injection vulnerability has been reported to affect several QNAP operating system versions. | 6.5 |
| 2024-03-08 | CVE-2024-23277 | Apple | Unspecified vulnerability in Apple Ipad OS, Iphone OS and Macos: The issue was addressed with improved checks. | 5.9 |
| 2024-03-07 | CVE-2024-1460 | | MSI Afterburner v4.6.5.16370 is vulnerable to a Kernel Memory Leak vulnerability by triggering the 0x80002040 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. | 5.6 |
| 2024-03-08 | CVE-2024-23266 | Apple | Unspecified vulnerability in Apple Macos: The issue was addressed with improved checks. | 5.5 |
| 2024-03-08 | CVE-2024-23267 | Apple | Unspecified vulnerability in Apple Macos: The issue was addressed with improved checks. | 5.5 |
| 2024-03-08 | CVE-2024-23272 | Apple | Unspecified vulnerability in Apple Macos: A logic issue was addressed with improved checks. | 5.5 |
| 2024-03-04 | CVE-2023-33090 | | Transient DOS while processing channel information for speaker protection v2 module in ADSP. | 5.5 |
| 2024-03-04 | CVE-2023-41827 | | An improper export vulnerability was reported in the Motorola OTA update application, that could allow a malicious, local application to inject an HTML-based message on screen UI. | 5.1 |
| 2024-03-04 | CVE-2023-33078 | | Information Disclosure while processing IOCTL request in FastRPC. | 5.1 |
| 2024-03-04 | CVE-2023-41829 | | An improper export vulnerability was reported in the Motorola Carrier Services application that could allow a malicious, local application to read files without authorization. | 5.0 |
| 2024-03-08 | CVE-2024-21901 | Qnap | SQL Injection vulnerability in Qnap QTS: A SQL injection vulnerability has been reported to affect myQNAPcloud. | 4.7 |
| 2024-03-08 | CVE-2024-23275 | Apple | Race Condition vulnerability in Apple Macos: A race condition was addressed with additional validation. | 4.7 |
| 2024-03-07 | CVE-2024-1443 | | MSI Afterburner v4.6.5.16370 is vulnerable to a Denial of Service vulnerability by triggering the 0x80002000 IOCTL code of the RTCore64.sys driver. The handle to the driver can only be obtained from a high integrity process. | 4.4 |
| 2024-03-08 | CVE-2024-23273 | Apple | Unspecified vulnerability in Apple products: This issue was addressed through improved state management. | 4.3 |
| 2024-03-07 | CVE-2024-26167 | | Microsoft Edge for Android Spoofing Vulnerability | 4.3 |
| 2024-03-07 | CVE-2024-22256 | Vmware | Unspecified vulnerability in VMWare Cloud Director 10.5: VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance. | 4.3 |

0 Low Vulnerabilities

| DATE | CVE | VENDOR | VULNERABILITY | CVSS |
|---|---|---|---|---|