CVSS: 6.8EPSS: 0%CPEs: 11EXPL: 0CVE-2023-42669 – Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc
https://notcve.org/view.php?id=CVE-2023-42669
11 Oct 2023 — A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpcecho" service operates with only one worker in the main RPC task, allowing calls to the "rpcecho" server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a "sleep()" call in the "dcesrv_echo_TestSleep()" function u... • https://access.redhat.com/errata/RHSA-2023:6209 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 0%CPEs: 17EXPL: 0CVE-2023-4641 – Shadow-utils: possible password leak during passwd(1) change
https://notcve.org/view.php?id=CVE-2023-4641
10 Oct 2023 — A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory. Se encontró una falla en Shadow-Utils. • https://access.redhat.com/errata/RHSA-2023:6632 • CWE-287: Improper Authentication CWE-303: Incorrect Implementation of Authentication Algorithm •
CVSS: 9.8EPSS: 94%CPEs: 444EXPL: 19CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://github.com/imabee101/CVE-2023-44487 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.0EPSS: 0%CPEs: 4EXPL: 0CVE-2023-39189 – Kernel: netfilter: nftables out-of-bounds read in nf_osf_match_one()
https://notcve.org/view.php?id=CVE-2023-39189
09 Oct 2023 — A flaw was found in the Netfilter subsystem in the Linux kernel. The nfnl_osf_add_callback function did not validate the user mode controlled opt_num field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an out-of-bounds read, leading to a crash or information disclosure. Se encontró una falla en el subsistema Netfilter en el kernel de Linux. La función nfnl_osf_add_callback no validó el campo opt_num controlado por el modo de usuario. • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-125: Out-of-bounds Read •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-5366 – Openvswitch don't match packets on nd_target field
https://notcve.org/view.php?id=CVE-2023-5366
06 Oct 2023 — A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Se encontró una falla en Open vSwitch que permite que los paquetes de anuncios de vecinos ICMPv6 entre máquinas virtuales omitan las reglas de OpenFlow. Este problema puede permitir que un atac... • http://www.openwall.com/lists/oss-security/2024/02/08/4 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 6.8EPSS: 0%CPEs: 6EXPL: 0CVE-2023-4061 – Wildfly-core: management user rbac permission allows unexpected reading of system-properties to an unauthorized actor
https://notcve.org/view.php?id=CVE-2023-4061
06 Oct 2023 — A flaw was found in wildfly-core. A management user could use the resolve-expression in the HAL Interface to read possible sensitive information from the Wildfly system. This issue could allow a malicious user to access the system and obtain possible sensitive information from the system. Se encontró una falla en wildfly-core. Un usuario de administración podría usar la expresión de resolución en la interfaz HAL para leer posible información confidencial del sistema Wildfly. • https://access.redhat.com/errata/RHSA-2023:5484 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-3171 – Eap-7: heap exhaustion via deserialization
https://notcve.org/view.php?id=CVE-2023-3171
06 Oct 2023 — A flaw was found in EAP-7 during deserialization of certain classes, which permits instantiation of HashMap and HashTable with no checks on resources consumed. This issue could allow an attacker to submit malicious requests using these classes, which could eventually exhaust the heap and result in a Denial of Service. Se encontró una falla en EAP-7 durante la deserialización de ciertas clases, lo que permite la creación de instancias de HashMap y HashTable sin verificar los recursos consumidos. Este problem... • https://access.redhat.com/errata/RHSA-2023:5484 • CWE-770: Allocation of Resources Without Limits or Throttling CWE-789: Memory Allocation with Excessive Size Value •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-41175 – Libtiff: potential integer overflow in raw2tiff.c
https://notcve.org/view.php?id=CVE-2023-41175
05 Oct 2023 — A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. Se encontró una vulnerabilidad en libtiff debido a múltiples posibles desbordamientos de enteros en raw2tiff.c. Esta falla permite a atacantes remotos provocar una denegación de servicio o posiblemente ejecutar un código arbitrario a través de ... • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-190: Integer Overflow or Wraparound CWE-680: Integer Overflow to Buffer Overflow •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-40745 – Libtiff: integer overflow in tiffcp.c
https://notcve.org/view.php?id=CVE-2023-40745
05 Oct 2023 — LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. LibTIFF es vulnerable a un desbordamiento de enteros. Esta falla permite a atacantes remotos provocar una denegación de servicio (caída de la aplicación) o posiblemente ejecutar un código arbitrario a través de una imagen tiff manipulada, lo que desencadena un desbordamient... • https://access.redhat.com/errata/RHSA-2024:2289 • CWE-190: Integer Overflow or Wraparound •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2023-42754 – Kernel: ipv4: null pointer dereference in ipv4_send_dest_unreach()
https://notcve.org/view.php?id=CVE-2023-42754
05 Oct 2023 — A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. Se encontró una falla de desreferencia del puntero NULL en la pila ipv4 del kernel de Linux. Se suponía que el búfer de socket (skb) estaba asociado con un dispositivo antes de llamar a _... • https://access.redhat.com/errata/RHSA-2024:2394 • CWE-476: NULL Pointer Dereference •