CyberAlerts

CVE-2023-36272

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.

Description: LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_utf8_to_TU at bits.c.

CVSS: LOW (0.0)

EPSS Score: 0.21%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36271

LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.

Description: LibreDWG v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.

CVSS: LOW (0.0)

EPSS Score: 0.21%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36243

FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.

Description: FLVMeta v1.2.1 was discovered to contain a buffer overflow via the xml_on_metadata_tag_only function at dump_xml.c.

CVSS: LOW (0.0)

EPSS Score: 0.1%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36239

libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

Description: libming listswf 0.4.7 was discovered to contain a buffer overflow in the parseSWF_DEFINEFONTINFO() function at parser.c.

CVSS: LOW (0.0)

EPSS Score: 0.21%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36193

Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.

Description: Gifsicle v1.9.3 was discovered to contain a heap buffer overflow via the ambiguity_error component at /src/clp.c.

CVSS: LOW (0.0)

EPSS Score: 0.1%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36097

funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.

Description: funadmin v3.3.2 and v3.3.3 are vulnerable to Insecure file upload via the plugins install.

CVSS: LOW (0.0)

EPSS Score: 0.3%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-36093

There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page...

Description: There is a storage type cross site scripting (XSS) vulnerability in the filing number of the Basic Information tab on the backend management page of EyouCMS v1.6.3

CVSS: LOW (0.0)

EPSS Score: 0.05%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-35800

Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that...

Description: Stormshield Endpoint Security Evolution 2.0.0 through 2.4.2 has Insecure Permissions. An ACL entry on the SES Evolution agent directory that contains the agent logs displayed in the GUI allows interactive users to read data, which could allow access to information reserved to administrators.

CVSS: LOW (0.0)

EPSS Score: 0.07%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-35799

Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create...

Description: Stormshield Endpoint Security Evolution 2.0.0 through 2.3.2 has Insecure Permissions. An interactive user can use the SES Evolution agent to create arbitrary files with local system privileges.

CVSS: LOW (0.0)

EPSS Score: 0.04%

Source: CVE

December 3rd, 2024 (5 months ago)

CVE-2023-35690

In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation...

Description: In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS: LOW (0.0)

EPSS Score: 0.12%

Source: CVE

December 3rd, 2024 (5 months ago)

Threat and Vulnerability Intelligence Database

Example Searches: