Weekly Vulnerabilities Reports > April 1 to 7, 2024

Overview

51 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 32 products from 11 vendors including Google, Ivanti, Tenda, Dlink, and Apache. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Cross-site Scripting", "NULL Pointer Dereference", "Use of a Broken or Risky Cryptographic Algorithm", and "Use of Uninitialized Resource".

36 reported vulnerabilities are remotely exploitables.
8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
36 reported vulnerabilities are exploitable by an anonymous user.
Google has the most reported vulnerabilities, with 5 reported vulnerabilities.
Tenda has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES

CRITICAL RISK
VULNERABILITIES

HIGH RISK
VULNERABILITIES

MEDIUM RISK
VULNERABILITIES

LOW RISK
VULNERABILITIES

REMOTELY
EXPLOITABLE

LOCALLY
EXPLOITABLE

EXPLOIT
AVAILABLE

EXPLOITABLE
ANONYMOUSLY

AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-04-04	CVE-2024-21894	Ivanti	Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack.	9.8
2024-04-04	CVE-2024-3272	Dlink	Use of Hard-coded Credentials vulnerability in Dlink products UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.	9.8
2024-04-04	CVE-2024-3273	Dlink	Command Injection vulnerability in Dlink products UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.	9.8
2024-04-02	CVE-2024-30620	Tenda	Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan.	9.8
2024-04-02	CVE-2024-30621	Tenda	Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1 Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdvSetMacMtuWan.	9.8
2024-04-01	CVE-2024-21473		Memory corruption while redirecting log file to any file location with any file name.	9.8
2024-04-04	CVE-2024-2692		SiYuan version 3.0.3 allows executing arbitrary commands on the server.	9.6

Expand/Hide

24 High Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-04-06	CVE-2024-3156	Google	Unspecified vulnerability in Google Chrome Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.	8.8
2024-04-06	CVE-2024-3158	Google	Use After Free vulnerability in Google Chrome Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.	8.8
2024-04-06	CVE-2024-3159	Google	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.	8.8
2024-04-05	CVE-2023-6523		Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914.	8.8
2024-04-01	CVE-2023-28547		Memory corruption in SPS Application while requesting for public key in sorter TA.	8.4
2024-04-01	CVE-2023-33023		Memory corruption while processing finish_sign command to pass a rsp buffer.	8.4
2024-04-01	CVE-2024-21468		Memory corruption when there is failed unmap operation in GPU.	8.4
2024-04-01	CVE-2024-21470		Memory corruption while allocating memory for graphics.	8.4
2024-04-01	CVE-2024-21472		Memory corruption in Kernel while handling GPU operations.	8.4
2024-04-04	CVE-2024-22053	Ivanti	Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.	8.2
2024-04-05	CVE-2024-29748	Google	Unspecified vulnerability in Google Android there is a possible way to bypass due to a logic error in the code.	7.8
2024-04-05	CVE-2024-27911		A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.	7.5
2024-04-05	CVE-2024-27912		A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.	7.5
2024-04-04	CVE-2024-22052	Ivanti	NULL Pointer Dereference vulnerability in Ivanti Connect Secure and Policy Secure A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack	7.5
2024-04-04	CVE-2024-27316	Apache Fedoraproject Netapp	Allocation of Resources Without Limits or Throttling vulnerability in multiple products HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response.	7.5
2024-04-03	CVE-2024-2879	Layerslider	SQL Injection vulnerability in Layerslider 7.10.0/7.9.11 The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.	7.5
2024-04-01	CVE-2023-33099		Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.	7.5
2024-04-01	CVE-2023-33101		Transient DOS while processing DL NAS TRANSPORT message with payload length 0.	7.5
2024-04-01	CVE-2024-21453		Transient DOS while decoding message of size that exceeds the available system memory.	7.5
2024-04-01	CVE-2024-21454		Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.	7.5
2024-04-01	CVE-2024-21452		Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.	7.3
2024-04-01	CVE-2024-21463		Memory corruption while processing Codec2 during v13k decoder pitch synthesis.	7.3
2024-04-05	CVE-2023-6522		Improper Privilege Management vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914.	7.2
2024-04-04	CVE-2024-25007	Ericsson	Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2/22.1/22.2 Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure.	7.1

Expand/Hide

20 Medium Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS
2024-04-05	CVE-2023-25493		A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.	6.7
2024-04-05	CVE-2023-5912		A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables.	6.7
2024-04-01	CVE-2023-43515		Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.	6.6
2024-04-05	CVE-2023-4605		A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.	6.5
2024-04-02	CVE-2023-50313	IBM	Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 8.5/9.0 IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration.	6.5
2024-04-05	CVE-2024-23592		An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication.	6.3
2024-04-06	CVE-2024-3378	Iboss	Cross-site Scripting vulnerability in Iboss Secure web Gateway A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic.	6.1
2024-04-05	CVE-2024-29745	Google	Use of Uninitialized Resource vulnerability in Google Android there is a possible Information Disclosure due to uninitialized data.	5.5
2024-04-01	CVE-2023-33111		Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.	5.5
2024-04-04	CVE-2024-20800		Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages.	5.4
2024-04-02	CVE-2024-20799		Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.	5.4
2024-04-04	CVE-2024-22023	Ivanti	NULL Pointer Dereference vulnerability in Ivanti Connect Secure and Policy Secure An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.	5.3
2024-04-05	CVE-2024-27908		A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.	4.9
2024-04-05	CVE-2024-27909		A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot.	4.9
2024-04-03	CVE-2024-21870		A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057.	4.9
2024-04-03	CVE-2024-22178		A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057.	4.9
2024-04-03	CVE-2024-24976		A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057.	4.9
2024-04-03	CVE-2024-27201		An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057.	4.9
2024-04-04	CVE-2024-29981		Microsoft Edge (Chromium-based) Spoofing Vulnerability	4.3
2024-04-04	CVE-2024-29049		Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability	4.1

Expand/Hide

0 Low Vulnerabilities

DATE	CVE	VENDOR	VULNERABILITY	CVSS