Security Vulnerabilities - CVEs Published In January 2024
An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.
CVSS Score
7.5
EPSS Score
0.005
Published
2024-01-02
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-01-02
In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a
possible way to access adb before SUW completion due to an insecure default
value. This could lead to local escalation of privilege with no additional
execution privileges needed. User interaction is not needed for
exploitation
CVSS Score
10.0
EPSS Score
0.0
Published
2024-01-02
omniauth-microsoft_graph provides an Omniauth strategy for the Microsoft Graph API. Prior to versions 2.0.0, the implementation did not validate the legitimacy of the `email` attribute of the user nor did it give/document an option to do so, making it susceptible to nOAuth misconfiguration in cases when the `email` is used as a trusted user identifier. This could lead to account takeover. Version 2.0.0 contains a fix for this issue.
CVSS Score
8.6
EPSS Score
0.003
Published
2024-01-02
An issue was discovered in open5gs v2.6.6. InitialUEMessage, Registration request sent at a specific time can crash AMF due to incorrect error handling of Nudm_UECM_Registration response.
CVSS Score
5.9
EPSS Score
0.003
Published
2024-01-02
An issue was discovered in open5gs v2.6.6. SIGPIPE can be used to crash AMF.
CVSS Score
7.5
EPSS Score
0.003
Published
2024-01-02
Google Nest WiFi Pro root code-execution & user-data compromise
CVSS Score
10.0
EPSS Score
0.0
Published
2024-01-02
A vulnerability has been found in Magic-Api up to 2.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /resource/file/api/save?auto=1. The manipulation leads to code injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249511.
CVSS Score
6.3
EPSS Score
0.002
Published
2024-01-02
PrestaShop is an open-source e-commerce platform. Prior to version 8.1.3, the isCleanHtml method is not used on this this form, which makes it possible to store a cross-site scripting payload in the database. The impact is low because the HTML is not interpreted in BO, thanks to twig's escape mechanism. In FO, the cross-site scripting attack is effective, but only impacts the customer sending it, or the customer session from which it was sent. This issue affects those who have a module fetching these messages from the DB and displaying it without escaping HTML. Version 8.1.3 contains a patch for this issue.
CVSS Score
5.4
EPSS Score
0.004
Published
2024-01-02
Rust EVM is an Ethereum Virtual Machine interpreter. In `rust-evm`, a feature called `record_external_operation` was introduced, allowing library users to record custom gas changes. This feature can have some bogus interactions with the call stack. In particular, during finalization of a `CREATE` or `CREATE2`, in the case that the substack execution happens successfully, `rust-evm` will first commit the substate, and then call `record_external_operation(Write(out_code.len()))`. If `record_external_operation` later fails, this error is returned to the parent call stack, instead of `Succeeded`. Yet, the substate commitment already happened. This causes smart contracts able to commit state changes, when the parent caller contract receives zero address (which usually indicates that the execution has failed). This issue only impacts library users with custom `record_external_operation` that returns errors. The issue is patched in release 0.41.1. No known workarounds are available.
CVSS Score
5.9
EPSS Score
0.006
Published
2024-01-02