Security Vulnerabilities - CVEs Published In April 2023
ARC (aka ARC2) through 2011-12-01 allows blind SQL Injection in getTriplePatternSQL in ARC2_StoreSelectQueryHandler.php via comments in a SPARQL WHERE clause.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-04-26
ARC (aka ARC2) through 2011-12-01 allows reflected XSS via the end_point.php query parameter in an output=htmltab action.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-04-26
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176.
We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96
CVSS Score
4.7
EPSS Score
0.002
Published
2023-04-25
Dradis before 4.8.0 allows persistent XSS by authenticated author users, related to avatars.
CVSS Score
8.7
EPSS Score
0.001
Published
2023-04-25
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
CVSS Score
8.2
EPSS Score
0.023
Published
2023-04-25
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
CVSS Score
6.0
EPSS Score
0.001
Published
2023-04-25
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-04-25
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
CVSS Score
8.8
EPSS Score
0.008
Published
2023-04-25
The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.
CVSS Score
6.5
EPSS Score
0.005
Published
2023-04-25
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVision
CVSS Score
8.8
EPSS Score
0.001
Published
2023-04-25