Total
139 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6253 | 1 Fortra | 1 Digital Guardian Agent | 2023-11-30 | N/A | 6.0 MEDIUM |
| A saved encryption key in the Uninstaller in Digital Guardian's Agent before version 7.9.4 allows a local attacker to retrieve the uninstall key and remove the software by extracting the uninstaller key from the memory of the uninstaller file. | |||||
| CVE-2023-22469 | 1 Nextcloud | 1 Deck | 2023-11-07 | N/A | 3.5 LOW |
| Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. When getting the reference preview for Deck cards the user has no access to, unauthorized user could eventually get the cached data of a user that has access. There are currently no known workarounds. It is recommended that the Nextcloud app Deck is upgraded to 1.8.2. | |||||
| CVE-2023-0580 | 1 Abb | 1 My Control System | 2023-11-07 | N/A | 9.8 CRITICAL |
| Insecure Storage of Sensitive Information vulnerability in ABB My Control System (on-premise) allows an attacker who successfully exploited this vulnerability to gain access to the secure application data or take control of the application. Of the services that make up the My Control System (on-premise) application, the following ones are affected by this vulnerability: User Interface System Monitoring1 Asset Inventory This issue affects My Control System (on-premise): from 5.0;0 through 5.13. | |||||
| CVE-2022-44619 | 1 Intel | 1 Data Center Manager | 2023-11-07 | N/A | 7.8 HIGH |
| Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-43475 | 1 Intel | 1 Data Center Manager | 2023-11-07 | N/A | 7.8 HIGH |
| Insecure storage of sensitive information in the Intel(R) DCM software before version 5.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-34354 | 2 Ibm, Linux | 2 Partner Engagement Manager, Linux Kernel | 2023-11-07 | N/A | 3.3 LOW |
| IBM Sterling Partner Engagement Manager 2.0 allows encrypted storage of client data to be stored locally which can be read by another user on the system. IBM X-Force ID: 230424. | |||||
| CVE-2022-34312 | 1 Ibm | 1 Cics Tx | 2023-11-07 | N/A | 3.3 LOW |
| IBM CICS TX 11.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 229447. | |||||
| CVE-2022-1257 | 1 Mcafee | 1 Agent | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| Insecure storage of sensitive information vulnerability in MA for Linux, macOS, and Windows prior to 5.7.6 allows a local user to gain access to sensitive information through storage in ma.db. The sensitive information has been moved to encrypted database files. | |||||
| CVE-2021-43512 | 1 Flightradar24 | 1 Flightradar24 Flight Tracker | 2023-11-07 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in FlightRadar24 v8.9.0, v8.10.0, v8.10.2, v8.10.3, v8.10.4 for Android, allows attackers to cause unspecified consequences due to being able to decompile a local application and extract their API keys. | |||||
| CVE-2019-20060 | 1 Mfscripts | 1 Yetishare | 2023-11-07 | 5.0 MEDIUM | 7.5 HIGH |
| MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information. | |||||
| CVE-2019-13719 | 2 Google, Opensuse | 2 Chrome, Backports Sle | 2023-11-07 | 4.3 MEDIUM | 4.3 MEDIUM |
| Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. | |||||
| CVE-2019-13717 | 2 Google, Opensuse | 2 Chrome, Backports Sle | 2023-11-07 | 4.3 MEDIUM | 4.3 MEDIUM |
| Incorrect security UI in full screen mode in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to hide security UI via a crafted HTML page. | |||||
| CVE-2017-16560 | 1 Sandisk | 1 Secureaccess | 2023-11-07 | 2.1 LOW | 4.3 MEDIUM |
| SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, such as if the file is being edited when the user exits the application or if the application crashes. | |||||
| CVE-2023-43633 | 1 Lfedge | 1 Eve | 2023-10-16 | N/A | 8.8 HIGH |
| On boot, the Pillar eve container checks for the existence and content of “/config/GlobalConfig/global.json”. If the file exists, it overrides the existing configuration on the device on boot. This allows an attacker to change the system’s configuration, which also includes some debug functions. This could be used to unlock the ssh with custom “authorized_keys” via the “debug.enable.ssh” key, similar to the “authorized_keys” finding that was noted before. Other usages include unlocking the usb to enable the keyboard via the “debug.enable.usb” key, allowing VNC access via the “app.allow.vnc” key, and more. An attacker could easily enable these debug functionalities without triggering the “measured boot” mechanism implemented by EVE OS, and without marking the device as “UUD” (“Unknown Update Detected”). This is because the “/config” partition is not protected by “measured boot”, it is mutable and it is not encrypted in any way. An attacker can gain full control over the device without changing the PCR values, thereby not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot. | |||||
| CVE-2023-43634 | 1 Lfedge | 1 Eve | 2023-10-16 | N/A | 8.8 HIGH |
| When sealing/unsealing the “vault” key, a list of PCRs is used, which defines which PCRs are used. In a previous project, CYMOTIVE found that the configuration is not protected by the secure boot, and in response Zededa implemented measurements on the config partition that was mapped to PCR 13. In that process, PCR 13 was added to the list of PCRs that seal/unseal the key. In commit “56e589749c6ff58ded862d39535d43253b249acf”, the config partition measurement moved from PCR 13 to PCR 14, but PCR 14 was not added to the list of PCRs that seal/unseal the key. This change makes the measurement of PCR 14 effectively redundant as it would not affect the sealing/unsealing of the key. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault” | |||||
| CVE-2023-43631 | 1 Linuxfoundation | 1 Edge Virtualization Engine | 2023-09-28 | N/A | 8.8 HIGH |
| On boot, the Pillar eve container checks for the existence and content of “/config/authorized_keys”. If the file is present, and contains a supported public key, the container will go on to open port 22 and enable sshd with the given keys as the authorized keys for root login. An attacker could easily add their own keys and gain full control over the system without triggering the “measured boot” mechanism implemented by EVE OS, and without marking the device as “UUD” (“Unknown Update Detected”). This is because the “/config” partition is not protected by “measured boot”, it is mutable, and it is not encrypted in any way. An attacker can gain full control over the device without changing the PCR values, thus not triggering the “measured boot” mechanism, and having full access to the vault. Note: This issue was partially fixed in these commits (after disclosure to Zededa), where the config partition measurement was added to PCR13: • aa3501d6c57206ced222c33aea15a9169d629141 • 5fef4d92e75838cc78010edaed5247dfbdae1889. This issue was made viable in version 9.0.0 when the calculation was moved to PCR14 but it was not included in the measured boot. | |||||
| CVE-2023-43630 | 1 Linuxfoundation | 1 Edge Virtualization Engine | 2023-09-28 | N/A | 8.8 HIGH |
| PCR14 is not in the list of PCRs that seal/unseal the “vault” key, but due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, fixing this issue alone would not solve the problem of the config partition not being measured correctly. Also, the “vault” key is sealed/unsealed with SHA1 PCRs instead of SHA256. This issue was somewhat mitigated due to all of the PCR extend functions updating both the values of SHA256 and SHA1 for a given PCR ID. However, due to the change that was implemented in commit “7638364bc0acf8b5c481b5ce5fea11ad44ad7fd4”, this is no longer the case for PCR14, as the code in “measurefs.go” explicitly updates only the SHA256 instance of PCR14, which means that even if PCR14 were to be added to the list of PCRs sealing/unsealing the “vault” key, changes to the config partition would still not be measured. An attacker could modify the config partition without triggering the measured boot, this could result in the attacker gaining full control over the device with full access to the contents of the encrypted “vault” | |||||
| CVE-2023-32184 | 1 Opensuse | 1 Welcome | 2023-09-22 | N/A | 7.8 HIGH |
| A Insecure Storage of Sensitive Information vulnerability in openSUSE opensuse-welcome allows local attackers to execute code as the user that runs opensuse-welcome if a custom layout is chosen This issue affects opensuse-welcome: from 0.1 before 0.1.9+git.35.4b9444a. | |||||
| CVE-2023-37879 | 1 Wftpserver | 1 Wing Ftp Server | 2023-09-15 | N/A | 7.5 HIGH |
| Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.This issue affects Wing FTP Server: <= 7.2.0. | |||||
| CVE-2023-40728 | 1 Siemens | 1 Qms Automotive | 2023-09-14 | N/A | 7.8 HIGH |
| A vulnerability has been identified in QMS Automotive (All versions < V12.39). The QMS.Mobile module of the affected application stores sensitive application data in an external insecure storage. This could allow an attacker to alter content, leading to arbitrary code execution or denial-of-service condition. | |||||