Weekly Vulnerabilities Reports > April 1 to 7, 2024

Overview

51 new vulnerabilities reported during this period, including 7 critical vulnerabilities and 24 high severity vulnerabilities. This weekly summary report vulnerabilities in 32 products from 11 vendors including Google, Ivanti, Tenda, Dlink, and IBM. Vulnerabilities are notably categorized as "Out-of-bounds Write", "Cross-site Scripting", "NULL Pointer Dereference", "Use of a Broken or Risky Cryptographic Algorithm", and "Use of Uninitialized Resource".

  • 36 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 36 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 5 reported vulnerabilities.
  • Tenda has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

7 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-04 CVE-2024-21894 Ivanti Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack.

9.8
2024-04-04 CVE-2024-3272 Dlink Use of Hard-coded Credentials vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.

9.8
2024-04-04 CVE-2024-3273 Dlink Command Injection vulnerability in Dlink products

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403.

9.8
2024-04-02 CVE-2024-30620 Tenda Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serviceName parameter in the function fromAdvSetMacMtuWan.

9.8
2024-04-02 CVE-2024-30621 Tenda Out-of-bounds Write vulnerability in Tenda Ax1803 Firmware 1.0.0.1

Tenda AX1803 v1.0.0.1 contains a stack overflow via the serverName parameter in the function fromAdvSetMacMtuWan.

9.8
2024-04-01 CVE-2024-21473 Memory corruption while redirecting log file to any file location with any file name.
9.8
2024-04-04 CVE-2024-2692 SiYuan version 3.0.3 allows executing arbitrary commands on the server.
9.6

24 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-06 CVE-2024-3156 Google Unspecified vulnerability in Google Chrome

Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8
2024-04-06 CVE-2024-3158 Google Use After Free vulnerability in Google Chrome

Use after free in Bookmarks in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2024-04-06 CVE-2024-3159 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome

Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page.

8.8
2024-04-05 CVE-2023-6523 Authorization Bypass Through User-Controlled Key vulnerability in ExtremePacs Extreme XDS allows Authentication Abuse.This issue affects Extreme XDS: before 3914.
8.8
2024-04-01 CVE-2023-28547 Memory corruption in SPS Application while requesting for public key in sorter TA.
8.4
2024-04-01 CVE-2023-33023 Memory corruption while processing finish_sign command to pass a rsp buffer.
8.4
2024-04-01 CVE-2024-21468 Memory corruption when there is failed unmap operation in GPU.
8.4
2024-04-01 CVE-2024-21470 Memory corruption while allocating memory for graphics.
8.4
2024-04-01 CVE-2024-21472 Memory corruption in Kernel while handling GPU operations.
8.4
2024-04-04 CVE-2024-22053 Ivanti Out-of-bounds Write vulnerability in Ivanti Connect Secure and Policy Secure

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory.

8.2
2024-04-05 CVE-2024-29748 Google Improper Handling of Exceptional Conditions vulnerability in Google Android

there is a possible way to bypass due to a logic error in the code.

7.8
2024-04-05 CVE-2024-27911 A vulnerability was reported in some Lenovo Printers that could allow an unauthenticated attacker to obtain the administrator password.
7.5
2024-04-05 CVE-2024-27912 A denial of service vulnerability was reported in some Lenovo Printers that could allow an attacker to cause the device to crash by sending crafted LPD packets.
7.5
2024-04-04 CVE-2024-22052 Ivanti NULL Pointer Dereference vulnerability in Ivanti Connect Secure and Policy Secure

A null pointer dereference vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack

7.5
2024-04-04 CVE-2024-27316 Apache
Fedoraproject
Netapp
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response.

7.5
2024-04-03 CVE-2024-2879 Layerslider SQL Injection vulnerability in Layerslider 7.10.0/7.9.11

The LayerSlider plugin for WordPress is vulnerable to SQL Injection via the ls_get_popup_markup action in versions 7.9.11 and 7.10.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.

7.5
2024-04-01 CVE-2023-33099 Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR.
7.5
2024-04-01 CVE-2023-33101 Transient DOS while processing DL NAS TRANSPORT message with payload length 0.
7.5
2024-04-01 CVE-2024-21453 Transient DOS while decoding message of size that exceeds the available system memory.
7.5
2024-04-01 CVE-2024-21454 Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.
7.5
2024-04-01 CVE-2024-21452 Transient DOS while decoding an ASN.1 OER message containing a SEQUENCE of unknown extensions.
7.3
2024-04-01 CVE-2024-21463 Memory corruption while processing Codec2 during v13k decoder pitch synthesis.
7.3
2024-04-05 CVE-2023-6522 Incorrect Use of Privileged APIs vulnerability in ExtremePacs Extreme XDS allows Collect Data as Provided by Users.This issue affects Extreme XDS: before 3914.
7.2
2024-04-04 CVE-2024-25007 Ericsson Improper Neutralization of Formula Elements in a CSV File vulnerability in Ericsson Network Manager 21.2/22.1/22.2

Ericsson Network Manager (ENM), versions prior to 23.1, contains a vulnerability in the export function of application log where Improper Neutralization of Formula Elements in a CSV File can lead to code execution or information disclosure.

7.1

20 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-04-05 CVE-2023-25493 A potential vulnerability was reported in the BIOS update tool driver for some Desktop, Smart Edge, Smart Office, and ThinkStation products that could allow a local user with elevated privileges to execute arbitrary code.
6.7
2024-04-05 CVE-2023-5912 A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables.
6.7
2024-04-01 CVE-2023-43515 Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.
6.6
2024-04-05 CVE-2023-4605 A valid authenticated Lenovo XClarity Administrator (LXCA) user can potentially leverage an unauthenticated API endpoint to retrieve system event information.
6.5
2024-04-02 CVE-2023-50313 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Websphere Application Server 8.5/9.0

IBM WebSphere Application Server 8.5 and 9.0 could provide weaker than expected security for outbound TLS connections caused by a failure to honor user configuration.

6.5
2024-04-05 CVE-2024-23592 An authentication bypass vulnerability was reported in Lenovo devices with Synaptics fingerprint readers that could allow an attacker with physical access to replay fingerprints and bypass Windows Hello authentication.
6.3
2024-04-06 CVE-2024-3378 Iboss Cross-site Scripting vulnerability in Iboss Secure web Gateway

A vulnerability has been found in iboss Secure Web Gateway up to 10.1 and classified as problematic.

6.1
2024-04-05 CVE-2024-29745 Google Use of Uninitialized Resource vulnerability in Google Android

there is a possible Information Disclosure due to uninitialized data.

5.5
2024-04-01 CVE-2023-33111 Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command.
5.5
2024-04-04 CVE-2024-20800 Adobe Experience Manager versions 6.5.19 and earlier are affected by a DOM-based Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable web pages.
5.4
2024-04-02 CVE-2024-20799 Adobe Experience Manager versions 6.5.19 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.
5.4
2024-04-04 CVE-2024-22023 Ivanti NULL Pointer Dereference vulnerability in Ivanti Connect Secure and Policy Secure

An XML entity expansion or XEE vulnerability in SAML component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated attacker to send specially crafted XML requests in-order-to temporarily cause resource exhaustion thereby resulting in a limited-time DoS.

5.3
2024-04-05 CVE-2024-27908 A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.
4.9
2024-04-05 CVE-2024-27909 A denial of service vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in a system reboot.
4.9
2024-04-03 CVE-2024-21870 A file write vulnerability exists in the OAS Engine Tags Configuration functionality of Open Automation Software OAS Platform V19.00.0057.
4.9
2024-04-03 CVE-2024-22178 A file write vulnerability exists in the OAS Engine Save Security Configuration functionality of Open Automation Software OAS Platform V19.00.0057.
4.9
2024-04-03 CVE-2024-24976 A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057.
4.9
2024-04-03 CVE-2024-27201 An improper input validation vulnerability exists in the OAS Engine User Configuration functionality of Open Automation Software OAS Platform V19.00.0057.
4.9
2024-04-04 CVE-2024-29981 Microsoft Edge (Chromium-based) Spoofing Vulnerability
4.3
2024-04-04 CVE-2024-29049 Microsoft Edge (Chromium-based) Webview2 Spoofing Vulnerability
4.1

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS