Security Vulnerabilities - CVEs Published In February 2023
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-02-01
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
CVSS Score
8.8
EPSS Score
0.009
Published
2023-02-01
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3.
CVSS Score
6.5
EPSS Score
0.005
Published
2023-02-01
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3.
CVSS Score
5.4
EPSS Score
0.001
Published
2023-02-01
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-02-01
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-02-01
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities.
CVSS Score
7.8
EPSS Score
0.003
Published
2023-02-01
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.
CVSS Score
7.0
EPSS Score
0.001
Published
2023-02-01
HPSFViewer might allow Escalation of Privilege. This potential vulnerability was remediated on July 29th, 2022. Customers who opted for automatic updates should have already received the remediation.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-02-01
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-02-01