CyberAlerts

CVE-2023-52345

In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System...

Description: In modem driver, there is a possible system crash due to improper input validation. This could lead to local information disclosure with System execution privileges needed

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-51796

Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the...

Description: Buffer Overflow vulnerability in Ffmpeg v.N113007-g8d24a28d06 allows a local attacker to execute arbitrary code via the libavfilter/f_reverse.c:269:26 in areverse_request_frame.

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-5084

Cross-site Scripting (XSS) - Reflected in hestiacp/hestiacp

Description: Cross-site Scripting (XSS) - Reflected in GitHub repository hestiacp/hestiacp prior to 1.8.8.

CVSS: LOW (3.9)

EPSS Score: 0.06%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-49559

An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the...

Description: An issue in vektah gqlparser open-source-library v.2.5.10 allows a remote attacker to cause a denial of service via a crafted script to the parserDirectives function.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-4886

Foreman: world readable file containing secrets

Description: A sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.

EPSS Score: 0.05%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-4751

Heap-based Buffer Overflow in vim/vim

Description: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331.

CVSS: HIGH (7.8)

EPSS Score: 0.08%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-46846

Squid: request/response smuggling in http/1.1 and icap

Description: SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.

EPSS Score: 2.48%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-4662

RCE in Saphira Connect

Description: Execution with Unnecessary Privileges vulnerability in Saphira Saphira Connect allows Remote Code Inclusion.This issue affects Saphira Connect: before 9.

CVSS: CRITICAL (9.8)

EPSS Score: 0.04%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-4607

An authenticated XCC user can change permissions for any user through a crafted API command.

Description: An authenticated XCC user can change permissions for any user through a crafted API command.

CVSS: HIGH (7.5)

EPSS Score: 0.09%

Source: CVE

December 4th, 2024 (5 months ago)

CVE-2023-4527

Glibc: stack read overflow in getaddrinfo in no-aaaa mode

Description: A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack contents through the function returned address data, and may cause a crash.

EPSS Score: 0.15%

Source: CVE

December 4th, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: