CVE-2023-3627
published 2023-07-11
CVE-2023-3627: Cross-Site Request Forgery (CSRF) in GitHub repository salesagility/suitecrm-core prior to 8.3.1.
Priority P335 · high · 8.8 (CVSS 3.1)
AV:N / AC:L / PR:N / UI:R / S:U / C:H / I:H / A:H
EPSS 0.30% (21.8th percentile)
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| salesagility | salesagility_suitecrm-core | >= unspecified < 8.3.1 | 8.3.1 |
| salesagility | suitecrm | < 8.3.1 | 8.3.1 |
CVSS provenance
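| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 8.1 | HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N |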
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2023-52528 kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
bugzilla·2024-03-04·CVSS 5.5
CVE-2023-52528 [MEDIUM] CVE-2023-52528 kernel: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
In the Linux kernel, the following vulnerability has been resolved:
net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg
The Linux kernel CVE team has assigned CVE-2023-52528 to this issue.
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52528-c33b@gregkh/T/#u
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3618 https://access.redhat.com/errata/RHSA-2024:3618
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3627 https://access.redhat.com/errata/RHSA-2024:3627
---
The result of automatic check (that is developed by Alexander Lar
Bugzilla
CVE-2023-52513 kernel: RDMA/siw: Fix connection failure handling
bugzilla·2024-03-04·CVSS 5.5
CVE-2023-52513 [MEDIUM] CVE-2023-52513 kernel: RDMA/siw: Fix connection failure handling
In the Linux kernel, the following vulnerability has been resolved:
RDMA/siw: Fix connection failure handling
The Linux kernel CVE team has assigned CVE-2023-52513 to this issue.
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024030251-CVE-2023-52513-5224@gregkh/T/#u
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3618 https://access.redhat.com/errata/RHSA-2024:3618
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3627 https://access.redhat.com/errata/RHSA-2024:3627
---
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2023-52513 is: CHECK Maybe valid
Bugzilla
CVE-2023-52520 kernel: platform/x86: think-lmi: Fix reference leak
bugzilla·2024-03-04·CVSS 5.5
CVE-2023-52520 [MEDIUM] CVE-2023-52520 kernel: platform/x86: think-lmi: Fix reference leak
In the Linux kernel, the following vulnerability has been resolved:
platform/x86: think-lmi: Fix reference leak
The Linux kernel CVE team has assigned CVE-2023-52520 to this issue.
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024030252-CVE-2023-52520-0a4e@gregkh/T/#u
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3618 https://access.redhat.com/errata/RHSA-2024:3618
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3627 https://access.redhat.com/errata/RHSA-2024:3627
---
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2023-52520 is: CHECK Maybe v
Bugzilla
CVE-2023-52565 kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()
bugzilla·2024-03-04·CVSS 7.1
CVE-2023-52565 [HIGH] CVE-2023-52565 kernel: media: uvcvideo: out-of-bounds read in uvc_query_v4l2_menu()
In the Linux kernel, the following vulnerability has been resolved:
media: uvcvideo: Fix OOB read
The Linux kernel CVE team has assigned CVE-2023-52565 to this issue.
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024030254-CVE-2023-52565-07ce@gregkh/
Discussion:
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3618 https://access.redhat.com/errata/RHSA-2024:3618
---
This issue has been addressed in the following products:
Red Hat Enterprise Linux 8
Via RHSA-2024:3627 https://access.redhat.com/errata/RHSA-2024:3627
---
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2023-52565 is: CHECK Maybe va
https://github.com/salesagility/suitecrm-core/commit/78285702d76317f081b1fbc59cb2754e93b9a4c3
https://huntr.dev/bounties/558b3dce-db03-47ba-b60b-c6eb578e04f1
Published 2023-07-11