CVE-2023-45144 – Remote code execution from login screen through unescaped URL parameter in OAuth Identity XWiki App
https://notcve.org/view.php?id=CVE-2023-45144
com.xwiki.identity-oauth:identity-oauth-ui is a package to aid in building identity and service providers based on OAuth authorizations. When a user logs in via the OAuth method, the identityOAuth parameters sent in the GET request are vulnerable to cross-site scripting (XSS) and XWiki syntax injection. This allows remote code execution via the groovy macro and thus affects the confidentiality, integrity and availability of the whole XWiki installation. The issue has been fixed in Identity OAuth version 1.6. There are no known workarounds for this vulnerability and users are advised to upgrade. • https://github.com/xwikisas/identity-oauth/blob/master/ui/src/main/resources/IdentityOAuth/LoginUIExtension.vm#L58 https://github.com/xwikisas/identity-oauth/commit/d805d3154b17c6bf455ddf5deb0a3461a3833bc6 https://github.com/xwikisas/identity-oauth/commit/d805d3154b17c6bf455ddf5deb0a3461a3833bc6#diff-2ab2e0716443d790d7d798320e4a45151661f4eca5440331f4a227b29c87c188 https://github.com/xwikisas/identity-oauth/security/advisories/GHSA-h2rm-29ch-wfmh https://jira.xwiki.org/browse/XWIKI-20719 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-45853 – zlib: integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6
https://notcve.org/view.php?id=CVE-2023-45853
This value is further used in memory allocations and indexing, which can cause an out-of-bounds write, leading to heap corruption and possible arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/10/20/9 http://www.openwall.com/lists/oss-security/2024/01/24/10 https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356 https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61 https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4 https://github.com/madler/zlib/pull/843 https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html https: • CWE-122: Heap-based Buffer Overflow CWE-190: Integer Overflow or Wraparound •
CVE-2023-45162 – Blind SQL vulnerability in 1E platform
https://notcve.org/view.php?id=CVE-2023-45162
Affected 1E Platform versions have a Blind SQL Injection vulnerability that can lead to arbitrary code execution. Application of the relevant hotfix remediates this issue: for v8.1.2, apply hotfix Q23166; for v8.4.1, apply hotfix Q23164; for v9.0.1, apply hotfix Q23169. SaaS implementations on v23.7.1 will automatically have hotfix Q23173 applied. • https://www.1e.com/trust-security-compliance/cve-info • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-38250 – Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
https://notcve.org/view.php?id=CVE-2023-38250
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. • https://helpx.adobe.com/security/products/magento/apsb23-50.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2023-38249 – Adobe Commerce | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') (CWE-89)
https://notcve.org/view.php?id=CVE-2023-38249
Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could lead to arbitrary code execution by an admin-privilege authenticated attacker. • https://helpx.adobe.com/security/products/magento/apsb23-50.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •