CVSS: 6.2EPSS: 0%CPEs: 14EXPL: 0CVE-2022-4900 – Potential buffer overflow in php_cli_server_startup_workers
https://notcve.org/view.php?id=CVE-2022-4900
02 Nov 2023 — A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. Se encontró una vulnerabilidad en PHP donde establecer la variable de entorno PHP_CLI_SERVER_WORKERS en un valor grande provoca un desbordamiento del búfer del heap. USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem. • https://access.redhat.com/security/cve/CVE-2022-4900 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38473 – Reachable assertion in avahi_alternative_host_name
https://notcve.org/view.php?id=CVE-2023-38473
02 Nov 2023 — A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function. Se encontró una vulnerabilidad en Avahi. Existe una afirmación alcanzable en la función avahi_alternative_host_name(). Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. • https://access.redhat.com/security/cve/CVE-2023-38473 • CWE-617: Reachable Assertion •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38472 – Reachable assertion in avahi_rdata_parse
https://notcve.org/view.php?id=CVE-2023-38472
02 Nov 2023 — A vulnerability was found in Avahi. A reachable assertion exists in the avahi_rdata_parse() function. Se encontró una vulnerabilidad en Avahi. Existe una afirmación alcanzable en la función avahi_rdata_parse(). Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. • https://access.redhat.com/security/cve/CVE-2023-38472 • CWE-617: Reachable Assertion •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38471 – Reachable assertion in dbus_set_host_name
https://notcve.org/view.php?id=CVE-2023-38471
02 Nov 2023 — A vulnerability was found in Avahi. A reachable assertion exists in the dbus_set_host_name function. Se encontró una vulnerabilidad en Avahi. Existe una afirmación alcanzable en la función dbus_set_host_name. Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. • https://access.redhat.com/security/cve/CVE-2023-38471 • CWE-617: Reachable Assertion •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38470 – Reachable assertion in avahi_escape_label
https://notcve.org/view.php?id=CVE-2023-38470
02 Nov 2023 — A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function. Se encontró una vulnerabilidad en Avahi. Existe una afirmación alcanzable en la función avahi_escape_label(). • https://access.redhat.com/security/cve/CVE-2023-38470 • CWE-617: Reachable Assertion •
CVSS: 6.2EPSS: 0%CPEs: 3EXPL: 0CVE-2023-38469 – Reachable assertion in avahi_dns_packet_append_record
https://notcve.org/view.php?id=CVE-2023-38469
02 Nov 2023 — A vulnerability was found in Avahi, where a reachable assertion exists in avahi_dns_packet_append_record. Se encontró una vulnerabilidad en Avahi, donde existe una afirmación alcanzable en avahi_dns_packet_append_record. Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service. • https://access.redhat.com/security/cve/CVE-2023-38469 • CWE-617: Reachable Assertion •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3164 – Heap-buffer-overflow in extractimagesection()
https://notcve.org/view.php?id=CVE-2023-3164
02 Nov 2023 — A heap-buffer-overflow vulnerability was found in LibTIFF, in extractImageSection() at tools/tiffcrop.c:7916 and tools/tiffcrop.c:7801. This flaw allows attackers to cause a denial of service via a crafted tiff file. Se encontró un error de lectura fuera de los límites en el paquete gawk de buildin.c. Este problema puede provocar un bloqueo y podría utilizarse para leer información confidencial. It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to... • https://access.redhat.com/security/cve/CVE-2023-3164 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') CWE-787: Out-of-bounds Write •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2023-1192 – Use-after-free in smb2_is_status_io_timeout()
https://notcve.org/view.php?id=CVE-2023-1192
01 Nov 2023 — A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory region, and if the system call frees it faster than CIFS uses it, CIFS will access a free memory region, leading to a denial of service. Se encontró una falla de use-after-free en smb2_is_status_io_timeout() en CIFS en el kernel de Linux. Después de que CIFS transfiere datos de respuesta a una llamada al sistema, ... • https://access.redhat.com/security/cve/CVE-2023-1192 • CWE-416: Use After Free •
CVSS: 9.8EPSS: 14%CPEs: 12EXPL: 1CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme
https://notcve.org/view.php?id=CVE-2023-5178
01 Nov 2023 — A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Se encontró una vulnerabilidad de use-after-free en drivers/nvme/target/tcp.c` en `nvmet_tcp_free_crypto` debido a un error lógico en el subsistema NVMe-oF/TCP en el kernel de Lin... • https://github.com/rockrid3r/CVE-2023-5178 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2023-3972 – Insights-client: unsafe handling of temporary files and directories
https://notcve.org/view.php?id=CVE-2023-3972
01 Nov 2023 — A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could ... • https://access.redhat.com/errata/RHSA-2023:6264 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •