Weekly Vulnerabilities Reports > March 25 to 31, 2024

Overview

33 new vulnerabilities were reported during this period, including 6 critical vulnerabilities and 10 high severity vulnerabilities. This weekly summary reports vulnerabilities in 16 products from 7 vendors including Apple, Linux, IBM, Jetbrains, and Ivanti. Vulnerabilities are notably categorized as "SQL Injection", "Cross-site Scripting", "NULL Pointer Dereference", "Memory Leak", and "Command Injection".

  • 19 reported vulnerabilities are remotely exploitable.
  • 10 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 20 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 12 reported vulnerabilities.
  • Ivanti has the most reported critical vulnerabilities, with 1 reported vulnerability.

[Summary dashboard: Total vulnerabilities; Critical risk vulnerabilities; High risk vulnerabilities; Medium risk vulnerabilities; Low risk vulnerabilities; Remotely exploitable; Locally exploitable; Exploit available; Exploitable anonymously; Affecting web application]

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-29 CVE-2024-3094 Tukaani Embedded Malicious Code vulnerability in Tukaani XZ 5.6.0/5.6.1

Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0.

10.0
2024-03-31 CVE-2023-46808 Ivanti Unrestricted Upload of File with Dangerous Type vulnerability in Ivanti Neurons for Itsm

A file upload vulnerability in Ivanti ITSM before 2023.4 allows an authenticated remote user to perform file writes to the server.

9.9
2024-03-29 CVE-2023-6191 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Egehan Security WebPDKS allows SQL Injection. This issue affects WebPDKS: through 20240329. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
9.8
2024-03-27 CVE-2023-6153 Authentication Bypass by Primary Weakness vulnerability in TeoSOFT Software TeoBASE allows Authentication Bypass. This issue affects TeoBASE: through 20240327. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
9.8
2024-03-27 CVE-2023-6173 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TeoSOFT Software TeoBASE allows SQL Injection. This issue affects TeoBASE: through 27032024. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
9.8
2024-03-25 CVE-2024-2865 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mergen Software Quality Management System allows SQL Injection. This issue affects Quality Management System: through 25032024.
9.8

10 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-31 CVE-2023-41724 Ivanti Command Injection vulnerability in Ivanti Standalone Sentry

A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows an unauthenticated threat actor to execute arbitrary commands on the underlying operating system of the appliance within the same physical or logical network.

8.8
2024-03-28 CVE-2023-42913 Apple Unspecified vulnerability in Apple Macos

This issue was addressed through improved state management.

8.8
2024-03-28 CVE-2023-42950 Apple Unspecified vulnerability in Apple products

A use after free issue was addressed with improved memory management.

8.8
2024-03-28 CVE-2023-42947 Apple Unspecified vulnerability in Apple products

A path handling issue was addressed with improved validation.

8.6
2024-03-27 CVE-2024-29946 Splunk Command Injection vulnerability in Splunk

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub lacks protections for risky SPL commands.

8.1
2024-03-28 CVE-2023-42892 Apple Unspecified vulnerability in Apple Macos

A use-after-free issue was addressed with improved memory management.

7.8
2024-03-28 CVE-2023-42931 Apple Unspecified vulnerability in Apple Macos

The issue was addressed with improved checks.

7.8
2024-03-31 CVE-2024-22353 IBM Allocation of Resources Without Limits or Throttling vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty 17.0.0.3 through 24.0.0.4 is vulnerable to a denial of service, caused by sending a specially crafted request.

7.5
2024-03-28 CVE-2023-42962 Apple Unspecified vulnerability in Apple Ipados

This issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3.

7.5
2024-03-27 CVE-2024-29945 Splunk Information Exposure Through Log Files vulnerability in Splunk

In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the software potentially exposes authentication tokens during the token validation process.

7.2

17 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-03-31 CVE-2023-50959 IBM Unspecified vulnerability in IBM Cloud PAK for Business Automation

IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, 22.0.2, 23.0.1, and 23.0.2 may allow end users to query more documents than expected from a connected Enterprise Content Management system when configured to use a system account.

6.5
2024-03-28 CVE-2023-42956 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved memory handling.

6.5
2024-03-29 CVE-2023-6047 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Algoritim E-commerce Software allows Reflected XSS. This issue affects E-commerce Software: before 3.9.2.
6.1
2024-03-28 CVE-2024-31135 Jetbrains Open Redirect vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.03, an open redirect was possible on the login page.

6.1
2024-03-28 CVE-2024-31137 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.03, reflected XSS was possible via the Space connection configuration.

6.1
2024-03-31 CVE-2024-25027 IBM Missing Encryption of Sensitive Data vulnerability in IBM Security Verify Access 10.0.6

IBM Security Verify Access 10.0.6 could disclose sensitive snapshot information due to missing encryption.

5.5
2024-03-28 CVE-2023-40390 Apple Unspecified vulnerability in Apple Macos

A privacy issue was addressed by moving sensitive data to a protected location.

5.5
2024-03-28 CVE-2023-42893 Apple Unspecified vulnerability in Apple products

A permissions issue was addressed by removing vulnerable code and adding additional checks.

5.5
2024-03-28 CVE-2023-42896 Apple Unspecified vulnerability in Apple Ipados and Macos

An issue was addressed with improved handling of temporary files.

5.5
2024-03-28 CVE-2023-42930 Apple Unspecified vulnerability in Apple Macos

This issue was addressed with improved checks.

5.5
2024-03-28 CVE-2023-42936 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved redaction of sensitive information.

5.5
2024-03-25 CVE-2021-47164 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix null deref accessing lag dev. It could be that the lag dev is null, so stop processing the event. In bond_enslave() the active/backup slave is set before setting the upper dev, so the first event is without an upper dev. After setting the upper dev with bond_master_upper_dev_link() there is a second event, and in that event we have an upper dev.

5.5
2024-03-25 CVE-2021-47171 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix memory leak in smsc75xx_bind. Syzbot reported a memory leak in smsc75xx_bind(). The problem was non-freed memory in case of errors after memory allocation.

backtrace:
[<ffffffff84245b62>] kmalloc include/linux/slab.h:556 [inline]
[<ffffffff84245b62>] kzalloc include/linux/slab.h:686 [inline]
[<ffffffff84245b62>] smsc75xx_bind+0x7a/0x334 drivers/net/usb/smsc75xx.c:1460
[<ffffffff82b5b2e6>] usbnet_probe+0x3b6/0xc30 drivers/net/usb/usbnet.c:1728

5.5
2024-03-25 CVE-2021-47173 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe. uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff888101113800 (size 2048): comm "kworker/0:1", pid 7, jiffies 4294956777 (age 28.870s)

5.5
2024-03-25 CVE-2021-47179 Linux NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix a NULL pointer dereference in pnfs_mark_matching_lsegs_return() Commit de144ff4234f changes _pnfs_return_layout() to call pnfs_mark_matching_lsegs_return() passing NULL as the struct pnfs_layout_range argument.

5.5
2024-03-28 CVE-2024-31138 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2024.03, XSS was possible via the Agent Distribution settings.

5.4
2024-03-31 CVE-2023-50311 IBM Insufficiently Protected Credentials vulnerability in IBM Cics Transaction Gateway 9.2/9.3

IBM CICS Transaction Gateway for Multiplatforms 9.2 and 9.3 transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval.

4.9

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS