CVSS: 6.8EPSS: 0%CPEs: 10EXPL: 0CVE-2023-24023 – kernel: Bluetooth Forward and Future Secrecy Attacks and Defenses
https://notcve.org/view.php?id=CVE-2023-24023
Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4 allow certain man-in-the-middle attacks that force a short key length, and might lead to discovery of the encryption key and live injection, aka BLUFFS. Los dispositivos Bluetooth BR/EDR con emparejamiento simple seguro y emparejamiento de conexiones seguras en las especificaciones principales de Bluetooth 4.2 a 5.4 permiten ciertos ataques de intermediario que fuerzan una longitud de clave corta y pueden llevar al descubrimiento de la clave de cifrado y a la inyección en vivo, también conocido como BLUFFS. A flaw was found in Bluetooth BR/EDR devices with Secure Simple Pairing and Secure Connections pairing in Bluetooth Core Specification 4.2 through 5.4. This issue may allow certain man-in-the-middle attacks that force a short key length and might lead to discovery of the encryption key and live injection, aka BLUFFS. • https://dl.acm.org/doi/10.1145/3576915.3623066 https://www.bluetooth.com/learn-about-bluetooth/key-attributes/bluetooth-security/bluffs-vulnerability https://access.redhat.com/security/cve/CVE-2023-24023 https://bugzilla.redhat.com/show_bug.cgi?id=2254961 • CWE-300: Channel Accessible by Non-Endpoint •
CVSS: 7.5EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49322
https://notcve.org/view.php?id=CVE-2023-49322
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Ciertos productos WithSecure permiten una Denegación de Servicio porque hay una falla en el controlador de descompresión que puede provocar una falla en el motor de escaneo. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection para Mac 17 y posteriores, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, y WithSecure Atlant 1.0.35-1. • https://www.withsecure.com/en/support/security-advisories/cve-2023-49322 •
CVSS: 5.3EPSS: 0%CPEs: 12EXPL: 0CVE-2023-49321
https://notcve.org/view.php?id=CVE-2023-49321
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Ciertos productos WithSecure permiten una Denegación de Servicio porque el escaneo de un archivo manipulado lleva mucho tiempo y hace que el escáner se cuelgue. Esto afecta a WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 y posteriores, WithSecure Client Security para Mac 15, WithSecure Elements Endpoint Protection for Mac 17 y posteriores, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, y WithSecure Atlant 1.0.35-1. • https://www.withsecure.com/en/support/security-advisories/cve-2023-49321 •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4595 – Insertion of Sensitive Information into Externally-Accessible File or Directory in BVRP Software SLmail
https://notcve.org/view.php?id=CVE-2023-4595
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca. Se ha encontrado una vulnerabilidad de exposición de información, cuya explotación podría permitir a un usuario remoto recuperar información confidencial almacenada en el servidor, como archivos de credenciales, archivos de configuración, archivos de aplicaciones, etc., simplemente agregando cualquiera de los siguientes parámetros al final de la URL: %00 %0a, %20, %2a, %a0, %aa, %c0 y %ca. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bvrp-software-slmail • CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-4594 – Cross-site Scripting in BVRP Software SLmail
https://notcve.org/view.php?id=CVE-2023-4594
Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file. Vulnerabilidad XSS almacenada. Esta vulnerabilidad podría permitir a un atacante almacenar un payload de JavaScript malicioso mediante métodos GET y POST en múltiples parámetros en el archivo MailAdmin_dll.htm. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bvrp-software-slmail • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •