Weekly Vulnerabilities Reports > May 13 to 19, 2024

Overview

85 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 32 high severity vulnerabilities. This weekly summary report vulnerabilities in 43 products from 19 vendors including Apple, Huawei, Adobe, Fortinet, and Oretnom23. Vulnerabilities are notably categorized as "Out-of-bounds Read", "Use After Free", "Unrestricted Upload of File with Dangerous Type", "Server-Side Request Forgery (SSRF)", and "Out-of-bounds Write".

  • 34 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 53 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 27 reported vulnerabilities.
  • Oretnom23 has the most reported critical vulnerabilities, with 5 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

10 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-05-18 CVE-2024-3658 The Build App Online plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.0.21.
9.8
2024-05-16 CVE-2024-4931 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability, which was classified as critical, has been found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-05-16 CVE-2024-4932 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability, which was classified as critical, was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-05-16 CVE-2024-4933 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability has been found in SourceCodester Simple Online Bidding System 1.0 and classified as critical.

9.8
2024-05-16 CVE-2024-4927 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-05-16 CVE-2024-4928 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability was found in SourceCodester Simple Online Bidding System 1.0.

9.8
2024-05-14 CVE-2024-32991 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Permission verification vulnerability in the wpa_supplicant module Impact: Successful exploitation of this vulnerability will affect availability.

9.8
2024-05-15 CVE-2024-4947 Google
Fedoraproject
Type Confusion vulnerability in multiple products

Type Confusion in V8 in Google Chrome prior to 125.0.6422.60 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

9.6
2024-05-14 CVE-2024-4671 Google
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2024-05-14 CVE-2024-32002 GIT Link Following vulnerability in GIT

Git is a revision control system.

9.0

32 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-05-16 CVE-2024-4930 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability classified as critical was found in SourceCodester Simple Online Bidding System 1.0.

8.8
2024-05-14 CVE-2024-4761 Google
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Out of bounds write in V8 in Google Chrome prior to 124.0.6367.207 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page.

8.8
2024-05-14 CVE-2024-27813 Apple Unspecified vulnerability in Apple Macos

The issue was addressed with improved checks.

8.6
2024-05-16 CVE-2024-21835 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel Extreme Tuning Utility

Insecure inherited permissions in some Intel(R) XTU software before version 7.14.0.15 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2024-05-16 CVE-2024-30314 Adobe Unspecified vulnerability in Adobe Dreamweaver

Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability that could lead in arbitrary code execution by an attacker.

7.8
2024-05-16 CVE-2024-20791 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure.

7.8
2024-05-16 CVE-2024-20792 Adobe Use After Free vulnerability in Adobe Illustrator

Illustrator versions 28.4, 27.9.3 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-05-16 CVE-2024-30274 Adobe Out-of-bounds Write vulnerability in Adobe Substance 3D Painter

Substance3D - Painter versions 9.1.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-05-16 CVE-2024-30275 Adobe Use After Free vulnerability in Adobe Aero

Adobe Aero Desktop versions 23.4 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-05-15 CVE-2024-34097 Adobe Unspecified vulnerability in Adobe products

Acrobat Reader versions 20.005.30574, 24.002.20736 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2024-05-14 CVE-2024-30030 Microsoft NULL Pointer Dereference vulnerability in Microsoft Windows Server 2008 R2

Win32k Elevation of Privilege Vulnerability

7.8
2024-05-14 CVE-2024-27793 Apple Unspecified vulnerability in Apple Itunes

The issue was addressed with improved checks.

7.8
2024-05-14 CVE-2024-27796 Apple Unspecified vulnerability in Apple Iphone OS and Macos

The issue was addressed with improved checks.

7.8
2024-05-14 CVE-2024-27798 Apple Incorrect Authorization vulnerability in Apple Macos

An authorization issue was addressed with improved state management.

7.8
2024-05-14 CVE-2024-27818 Apple Unspecified vulnerability in Apple Iphone OS and Macos

The issue was addressed with improved memory handling.

7.8
2024-05-14 CVE-2024-27822 Apple Unspecified vulnerability in Apple Macos

A logic issue was addressed with improved restrictions.

7.8
2024-05-14 CVE-2024-27824 Apple Unspecified vulnerability in Apple Macos

This issue was addressed by removing the vulnerable code.

7.8
2024-05-14 CVE-2024-27829 Apple Unspecified vulnerability in Apple Macos

The issue was addressed with improved memory handling.

7.8
2024-05-14 CVE-2024-27842 Apple Unspecified vulnerability in Apple Macos

The issue was addressed with improved checks.

7.8
2024-05-14 CVE-2024-27843 Apple Unspecified vulnerability in Apple Macos

A logic issue was addressed with improved checks.

7.8
2024-05-16 CVE-2024-34905 Cloudwise Classic Buffer Overflow vulnerability in Cloudwise Flyfish 3.0.0

FlyFish v3.0.0 was discovered to contain a buffer overflow via the password parameter on the login page.

7.5
2024-05-14 CVE-2024-23105 Fortinet Unspecified vulnerability in Fortinet Fortiportal

A Use Of Less Trusted Source [CWE-348] vulnerability in Fortinet FortiPortal version 7.0.0 through 7.0.6 and version 7.2.0 through 7.2.1 allows an unauthenticated attack to bypass IP protection through crafted HTTP or HTTPS packets.

7.5
2024-05-14 CVE-2024-26007 Fortinet Unspecified vulnerability in Fortinet Fortios 7.4.1

An improper check or handling of exceptional conditions vulnerability [CWE-703] in Fortinet FortiOS version 7.4.1 allows an unauthenticated attacker to provoke a denial of service on the administrative interface via crafted HTTP requests.

7.5
2024-05-14 CVE-2024-32989 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Insufficient verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.

7.5
2024-05-14 CVE-2024-32990 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Permission verification vulnerability in the system sharing pop-up module Impact: Successful exploitation of this vulnerability will affect availability.

7.5
2024-05-14 CVE-2024-32992 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Insufficient verification vulnerability in the baseband module Impact: Successful exploitation of this vulnerability will affect availability.

7.5
2024-05-14 CVE-2024-27790 Claris Unspecified vulnerability in Claris Filemaker Server

Claris International has resolved an issue of potentially allowing unauthorized access to records stored in databases hosted on FileMaker Server.

7.5
2024-05-14 CVE-2023-44247 Fortinet Unspecified vulnerability in Fortinet Fortios

A double free vulnerability [CWE-415] in Fortinet FortiOS before 7.0.0 may allow a privileged attacker to execute code or commands via crafted HTTP or HTTPs requests.

7.2
2024-05-14 CVE-2023-45583 Fortinet Unspecified vulnerability in Fortinet products

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.5, 7.0.0 through 7.0.11, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6 FortiPAM versions 1.1.0, 1.0.0 through 1.0.3 FortiOS versions 7.4.0, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15 FortiSwitchManager versions 7.2.0 through 7.2.2, 7.0.0 through 7.0.2 allows attacker to execute unauthorized code or commands via specially crafted cli commands and http requests.

7.2
2024-05-14 CVE-2023-46714 Fortinet Unspecified vulnerability in Fortinet Fortios

A stack-based buffer overflow [CWE-121] vulnerability in Fortinet FortiOS version 7.2.1 through 7.2.6 and version 7.4.0 through 7.4.1 allows a privileged attacker over the administrative interface to execute arbitrary code or commands via crafted HTTP or HTTPs requests.

7.2
2024-05-14 CVE-2023-40720 Fortinet Unspecified vulnerability in Fortinet Fortivoice

An authorization bypass through user-controlled key vulnerability [CWE-639] in FortiVoiceEntreprise version 7.0.0 through 7.0.1 and before 6.4.8 allows an authenticated attacker to read the SIP configuration of other users via crafted HTTP or HTTPS requests.

7.1
2024-05-14 CVE-2024-27825 Apple Unspecified vulnerability in Apple Macos

A downgrade issue affecting Intel-based Mac computers was addressed with additional code-signing restrictions.

7.1

39 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-05-14 CVE-2023-36640 Fortinet Unspecified vulnerability in Fortinet Fortiproxy

A use of externally-controlled format string in Fortinet FortiProxy versions 7.2.0 through 7.2.4, 7.0.0 through 7.0.10, 2.0.0 through 2.0.13, 1.2.0 through 1.2.13, 1.1.0 through 1.1.6, 1.0.0 through 1.0.7, FortiPAM versions 1.0.0 through 1.0.3, FortiOS versions 7.2.0, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.16 allows attacker to execute unauthorized code or commands via specially crafted commands

6.7
2024-05-14 CVE-2024-27852 Apple Unspecified vulnerability in Apple Ipados

A privacy issue was addressed with improved client ID handling for alternative app marketplaces.

6.5
2024-05-14 CVE-2024-4542 The WP Shortcodes Plugin — Shortcodes Ultimate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's su_lightbox shortcode in all versions up to, and including, 7.1.1 due to insufficient input sanitization and output escaping on user supplied attributes.
6.4
2024-05-16 CVE-2024-20793 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Illustrator versions 28.4, 27.9.3 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-05-16 CVE-2024-30281 Adobe Out-of-bounds Read vulnerability in Adobe Substance 3D Designer 12.4.0/13.1.0

Substance3D - Designer versions 13.1.1 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-05-16 CVE-2024-30298 Adobe Out-of-bounds Read vulnerability in Adobe Animate

Animate versions 24.0.2, 23.0.5 and earlier Answer: are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory.

5.5
2024-05-14 CVE-2023-50180 Fortinet Unspecified vulnerability in Fortinet Fortiadc

An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiADC version 7.4.1 and below, version 7.2.3 and below, version 7.1.4 and below, version 7.0.5 and below, version 6.2.6 and below may allow a read-only admin to view data pertaining to other admins.

5.5
2024-05-14 CVE-2024-4046 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-32993 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Out-of-bounds access vulnerability in the memory module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-32995 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Denial of service (DoS) vulnerability in the AMS module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-32996 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Privilege escalation vulnerability in the account module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-32998 Huawei Access of Uninitialized Pointer vulnerability in Huawei Emui and Harmonyos

NULL pointer access vulnerability in the clock module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-32999 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Cracking vulnerability in the OS security module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2024-27789 Apple Unspecified vulnerability in Apple Iphone OS and Macos

A logic issue was addressed with improved checks.

5.5
2024-05-14 CVE-2024-27804 Apple Allocation of Resources Without Limits or Throttling vulnerability in Apple products

The issue was addressed with improved memory handling.

5.5
2024-05-14 CVE-2024-27810 Apple Path Traversal vulnerability in Apple products

A path handling issue was addressed with improved validation.

5.5
2024-05-14 CVE-2024-27816 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved checks.

5.5
2024-05-14 CVE-2024-27827 Apple Unspecified vulnerability in Apple Macos

This issue was addressed through improved state management.

5.5
2024-05-14 CVE-2024-27834 Apple
Webkitgtk
Wpewebkit
Fedoraproject
The issue was addressed with improved checks.
5.5
2024-05-14 CVE-2024-27841 Apple Unspecified vulnerability in Apple Ipados and Macos

The issue was addressed with improved memory handling.

5.5
2024-05-14 CVE-2024-27847 Apple Unspecified vulnerability in Apple Iphone OS and Macos

This issue was addressed with improved checks This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5.

5.5
2024-05-14 CVE-2024-23229 Apple Unspecified vulnerability in Apple Macos

This issue was addressed with improved redaction of sensitive information.

5.5
2024-05-14 CVE-2024-23236 Apple Unspecified vulnerability in Apple Macos

A correctness issue was addressed with improved checks.

5.5
2024-05-14 CVE-2023-52719 Huawei Unspecified vulnerability in Huawei Emui and Harmonyos

Privilege escalation vulnerability in the PMS module Impact: Successful exploitation of this vulnerability may affect service confidentiality.

5.5
2024-05-14 CVE-2023-52721 Huawei Unspecified vulnerability in Huawei Harmonyos 3.1.0/4.0.0/4.2.0

The WindowManager module has a vulnerability in permission control. Impact: Successful exploitation of this vulnerability may affect confidentiality.

5.5
2024-05-14 CVE-2023-52383 Huawei Double Free vulnerability in Huawei Emui and Harmonyos

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-14 CVE-2023-52384 Huawei Double Free vulnerability in Huawei Emui and Harmonyos

Double-free vulnerability in the RSMC module Impact: Successful exploitation of this vulnerability will affect availability.

5.5
2024-05-15 CVE-2024-34906 Dootask Unrestricted Upload of File with Dangerous Type vulnerability in Dootask 0.30.13

An arbitrary file upload vulnerability in dootask v0.30.13 allows attackers to execute arbitrary code via uploading a crafted PDF file.

5.4
2024-05-15 CVE-2024-34909 Kykms Unrestricted Upload of File with Dangerous Type vulnerability in Kykms

An arbitrary file upload vulnerability in KYKMS v1.0.1 and below allows attackers to execute arbitrary code via uploading a crafted PDF file.

5.4
2024-05-15 CVE-2024-34913 Technocking Unrestricted Upload of File with Dangerous Type vulnerability in Technocking R-Pan-Scaffolding

An arbitrary file upload vulnerability in r-pan-scaffolding v5.0 and below allows attackers to execute arbitrary code via uploading a crafted PDF file.

5.4
2024-05-14 CVE-2024-4562 Progress Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold

In WhatsUp Gold versions released before 2023.1.2 , an SSRF vulnerability exists in Whatsup Gold's Issue exists in the HTTP Monitoring functionality.  Due to the lack of proper authorization, any authenticated user can access the HTTP monitoring functionality, what leads to the Server Side Request Forgery.

5.4
2024-05-14 CVE-2024-32077 Apache Unspecified vulnerability in Apache Airflow 2.9.0

Apache Airflow version 2.9.0 has a vulnerability that allows an authenticated attacker to inject malicious data into the task instance logs.  Users are recommended to upgrade to version 2.9.1, which fixes this issue.

5.4
2024-05-14 CVE-2024-4561 Progress Server-Side Request Forgery (SSRF) vulnerability in Progress Whatsup Gold

In WhatsUp Gold versions released before 2023.1.2 , a blind SSRF vulnerability exists in Whatsup Gold's FaviconController that allows an attacker to send arbitrary HTTP requests on behalf of the vulnerable server.

5.3
2024-05-14 CVE-2023-45586 Fortinet Insufficient Verification of Data Authenticity vulnerability in Fortinet Fortios and Fortiproxy

An insufficient verification of data authenticity vulnerability [CWE-345] in Fortinet FortiOS SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.12 & FortiProxy SSL-VPN tunnel mode version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.7 and before 7.0.13 allows an authenticated VPN user to send (but not receive) packets spoofing the IP of another user via crafted network packets.

5.0
2024-05-14 CVE-2023-42955 Claris Insufficiently Protected Credentials vulnerability in Claris Filemaker Server

Claris International has successfully resolved an issue of potentially exposing password information to front-end websites when signed in to the Admin Console with an administrator role.

4.9
2024-05-14 CVE-2024-32997 Huawei Race Condition vulnerability in Huawei Emui and Harmonyos

Race condition vulnerability in the binder driver module Impact: Successful exploitation of this vulnerability will affect availability.

4.7
2024-05-14 CVE-2024-27821 Apple Path Traversal vulnerability in Apple products

A path handling issue was addressed with improved validation.

4.7
2024-05-16 CVE-2024-4929 Oretnom23 Unspecified vulnerability in Oretnom23 Simple Online Bidding System 1.0

A vulnerability classified as problematic has been found in SourceCodester Simple Online Bidding System 1.0.

4.3
2024-05-14 CVE-2023-52720 Huawei Race Condition vulnerability in Huawei Emui and Harmonyos

Race condition vulnerability in the soundtrigger module Impact: Successful exploitation of this vulnerability will affect availability.

4.1

4 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2024-05-14 CVE-2024-27837 Apple Unspecified vulnerability in Apple Macos

A downgrade issue was addressed with additional code-signing restrictions.

3.3
2024-05-14 CVE-2024-27839 Apple Unspecified vulnerability in Apple Ipados

A privacy issue was addressed by moving sensitive data to a more secure location.

3.3
2024-05-14 CVE-2024-27803 Apple Unspecified vulnerability in Apple Ipados

A permissions issue was addressed with improved validation.

2.4
2024-05-14 CVE-2024-27835 Apple Unspecified vulnerability in Apple Iphone OS

This issue was addressed through improved state management.

2.4