Page 101 of 8866 results (0.026 seconds)

CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 1

CVE-2023-23589

https://notcve.org/view.php?id=CVE-2023-23589

The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. La opción SafeSocks en Tor anterior a 0.4.7.13 tiene un error lógico en el que se puede usar el protocolo SOCKS4 inseguro pero no el protocolo SOCKS4a seguro, también conocido como TROVE-2022-002. • https://gitlab.torproject.org/tpo/core/tor/-/commit/a282145b3634547ab84ccd959d0537c021ff7ffc https://gitlab.torproject.org/tpo/core/tor/-/issues/40730 https://gitlab.torproject.org/tpo/core/tor/-/raw/release-0.4.7/ReleaseNotes https://lists.debian.org/debian-lts-announce/2023/01/msg00026.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IYOLTP6HQO2HPXUYKOR7P5YYYN7CINQQ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message •

CVSS: 7.8EPSS: 0%CPEs: 12EXPL: 0

CVE-2023-23559

https://notcve.org/view.php?id=CVE-2023-23559

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. En rndis_query_oid en drivers/net/wireless/rndis_wlan.c en el kernel de Linux hasta 6.1.5, hay un desbordamiento de enteros en una suma. • https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=b870e73a56c4cccbec33224233eaf295839f228c https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://patchwork.kernel.org/project/linux-wireless/patch/20230110173007.57110-1-szymon.heidrich%40gmail.com https://security.netapp.com/advisory/ntap-20230302-0003 • CWE-190: Integer Overflow or Wraparound •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23455 – Kernel: denial of service in atm_tc_enqueue in net/sched/sch_atm.c due to type confusion

https://notcve.org/view.php?id=CVE-2023-23455

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). A denial of service flaw was found in atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a2965c7be0522eaa18808684b7b82b248515511b https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23455 https:/ • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-23454 – kernel: slab-out-of-bounds read vulnerabilities in cbq_classify

https://notcve.org/view.php?id=CVE-2023-23454

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification results). An out-of-bounds (OOB) read problem was found in cbq_classify in net/sched/sch_cbq.c in the Linux kernel. This issue may allow a local attacker to cause a denial of service due to type confusion. Non-negative numbers could indicate a TC_ACT_SHOT condition rather than valid classification results. • https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=caa4b35b4317d5147b3ab0fbdc9c075c7d2e9c12 https://lists.debian.org/debian-lts-announce/2023/03/msg00000.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://www.debian.org/security/2023/dsa-5324 https://www.openwall.com/lists/oss-security/2023/01/10/1 https://www.openwall.com/lists/oss-security/2023/01/10/4 https://access.redhat.com/security/cve/CVE-2023-23454 https:/ • CWE-125: Out-of-bounds Read CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •

CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0

CVE-2022-4338 – openvswitch: Integer Underflow in Organization Specific TLV

https://notcve.org/view.php?id=CVE-2022-4338

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Se encontró un desbordamiento de números enteros en el TLV específico de la organización en varias versiones de OpenvSwitch. A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow. • https://github.com/openvswitch/ovs/pull/405 https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html https://security.gentoo.org/glsa/202311-16 https://www.debian.org/security/2023/dsa-5319 https://www.openwall.com/lists/oss-security/2022/12/21/4 https://access.redhat.com/security/cve/CVE-2022-4338 https://bugzilla.redhat.com/show_bug.cgi?id=2155381 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •