Page 12 of 1963 results (0.015 seconds)

CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-32627 – Floating point exception in src/voc.c

https://notcve.org/view.php?id=CVE-2023-32627

A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service. • https://access.redhat.com/security/cve/CVE-2023-32627 https://bugzilla.redhat.com/show_bug.cgi?id=2212282 https://lists.debian.org/debian-lts-announce/2023/08/msg00015.html • CWE-697: Incorrect Comparison CWE-1077: Floating Point Comparison with Incorrect Operator •

CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0

CVE-2023-26590 – Floating point exception in src/aiff.c

https://notcve.org/view.php?id=CVE-2023-26590

A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service. • https://access.redhat.com/security/cve/CVE-2023-26590 https://bugzilla.redhat.com/show_bug.cgi?id=2212279 • CWE-697: Incorrect Comparison CWE-1077: Floating Point Comparison with Incorrect Operator •

CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0

CVE-2023-3269 – Distros-[dirtyvma] privilege escalation via non-rcu-protected vma traversal

https://notcve.org/view.php?id=CVE-2023-3269

A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to execute arbitrary kernel code, escalate containers, and gain root privileges. • http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/28/1 http://www.openwall.com/lists/oss-security/2023/08/25/1 http://www.openwall.com/lists/oss-security/2023/08/25/4 https://access.redhat.com/security/cve/CVE-2023-3269 https://bugzilla.redhat.com/show_bug.cgi?id=2215268 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U6AAA64CUPSMBW6XDTXPQJ3KQWYQ4K7L https://security.netapp.com/advisory • CWE-416: Use After Free •

CVSS: 7.5EPSS: 0%CPEs: 21EXPL: 0

CVE-2023-3089 – Ocp & fips mode

https://notcve.org/view.php?id=CVE-2023-3089

A compliance problem was found in the Red Hat OpenShift Container Platform. Red Hat discovered that, when FIPS mode was enabled, not all of the cryptographic modules in use were FIPS-validated. • https://access.redhat.com/security/cve/CVE-2023-3089 https://bugzilla.redhat.com/show_bug.cgi?id=2212085 https://access.redhat.com/security/vulnerabilities/RHSB-2023-001 • CWE-521: Weak Password Requirements CWE-693: Protection Mechanism Failure •

CVSS: 7.1EPSS: 0%CPEs: 9EXPL: 0

CVE-2023-2422 – Keycloak: oauth client impersonation

https://notcve.org/view.php?id=CVE-2023-2422

A flaw was found in Keycloak. A Keycloak server configured to support mTLS authentication for OAuth/OpenID clients does not properly verify the client certificate chain. A client that possesses a proper certificate can authorize itself as any other client, therefore, access data that belongs to other clients. Se encontró una falla en Keycloak. Un servidor Keycloak configurado para admitir la autenticación mTLS para clientes OAuth/OpenID no verifica correctamente la cadena de certificados del cliente. • https://access.redhat.com/errata/RHSA-2023:3883 https://access.redhat.com/errata/RHSA-2023:3884 https://access.redhat.com/errata/RHSA-2023:3885 https://access.redhat.com/errata/RHSA-2023:3888 https://access.redhat.com/errata/RHSA-2023:3892 https://access.redhat.com/security/cve/CVE-2023-2422 https://bugzilla.redhat.com/show_bug.cgi?id=2191668 • CWE-295: Improper Certificate Validation •