CVSS: 4.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-28336 – Moodle: teacher can access names of users they do not have permission to access
https://notcve.org/view.php?id=CVE-2023-28336
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access. • https://bugzilla.redhat.com/show_bug.cgi?id=2179426 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF https://moodle.org/mod/forum/discuss.php?d=445068 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 1CVE-2023-1289
https://notcve.org/view.php?id=CVE-2023-1289
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many trash files in "/tmp," resulting in a denial of service. When ImageMagick crashes, it generates a lot of trash files. These trash files can be large if the SVG file contains many render actions. In a denial of service attack, if a remote attacker uploads an SVG file of size t, ImageMagick generates files of size 103*t. • https://bugzilla.redhat.com/show_bug.cgi?id=2176858 https://github.com/ImageMagick/ImageMagick/commit/c5b23cbf2119540725e6dc81f4deb25798ead6a4 https://github.com/ImageMagick/ImageMagick/security/advisories/GHSA-j96m-mjp6-99xr https://lists.debian.org/debian-lts-announce/2024/02/msg00007.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-28333 – Moodle: pix helper potential mustache code injection risk
https://notcve.org/view.php?id=CVE-2023-28333
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS). • https://bugzilla.redhat.com/show_bug.cgi?id=2179422 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/3QZN34VSF4HTCW3C3ZP2OZYSLYUKADPF https://moodle.org/mod/forum/discuss.php?d=445065 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2023-28439 – ckeditor4 plugins vulnerable to cross-site scripting caused by the editor instance destroying process
https://notcve.org/view.php?id=CVE-2023-28439
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special conditions: using one of the affected packages on a web page with missing proper Content Security Policy configuration; initializing the editor on an element and using an element other than `<textarea>` as a base; and destroying the editor instance. This vulnerability might affect a small percentage of integrators that depend on dynamic editor initialization/destroy mechanism. A fix is available in CKEditor4 version 4.21.0. In some rare cases, a security fix may be considered a breaking change. • https://ckeditor.com/cke4/addon/embed https://ckeditor.com/cke4/addon/iframe https://github.com/ckeditor/ckeditor4/security/advisories/GHSA-vh5c-xwqv-cv9g https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GWKG2VCPJNETVCDTXU4X6FQ2PO6XCNGN https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L4ODGOW6PYVOXHQSMWJBOCE6DXWAI33W https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCYKD3JZWWA3ESOZG4PHJJEXT4EYIUIQ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 1%CPEs: 4EXPL: 0CVE-2023-1534 – Chrome SpvGetMappedSamplerName Out-Of-Bounds String Copy
https://notcve.org/view.php?id=CVE-2023-1534
Out of bounds read in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Chrome has an issue where there is an out-of-bounds string copy that can occur when parsing a uniform sampler name in SpvGetMappedSamplerName. • http://packetstormsecurity.com/files/171961/Chrome-GL_ShaderBinary-Untrusted-Process-Exposure.html http://packetstormsecurity.com/files/171965/Chrome-SpvGetMappedSamplerName-Out-Of-Bounds-String-Copy.html https://chromereleases.googleblog.com/2023/03/stable-channel-update-for-desktop_21.html https://crbug.com/1422594 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FG3CRADL7IL5IHK4NCHG4LAYLKHFXETX https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO3QZY4UQF • CWE-125: Out-of-bounds Read •