
CVE-2023-5367 – Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty
https://notcve.org/view.php?id=CVE-2023-5367
25 Oct 2023 — An out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in the RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. • https://access.redhat.com/errata/RHSA-2023:6802 • CWE-787: Out-of-bounds Write •

CVE-2023-41983 – webkitgtk: Processing web content may lead to a denial of service
https://notcve.org/view.php?id=CVE-2023-41983
25 Oct 2023 — The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead to a denial-of-service. • http://seclists.org/fulldisclosure/2023/Oct/19 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2023-5472 – Debian Security Advisory 5536-1
https://notcve.org/view.php?id=CVE-2023-5472
25 Oct 2023 — Use after free in Profiles in Google Chrome prior to 118.0.5993.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the wors... • https://chromereleases.googleblog.com/2023/10/stable-channel-update-for-desktop_24.html • CWE-416: Use After Free •

CVE-2023-31122 – Apache HTTP Server: mod_macro buffer over-read
https://notcve.org/view.php?id=CVE-2023-31122
23 Oct 2023 — Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.57. A flaw was found in the mod_macro module of httpd. When processing a very long macro, the null byte terminator will not be added, leading to an out-of-bounds read, resulting in a crash. • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-125: Out-of-bounds Read •

CVE-2023-45802 – Apache HTTP Server: HTTP/2 stream memory not reclaimed right away on RST
https://notcve.org/view.php?id=CVE-2023-45802
23 Oct 2023 — When an HTTP/2 stream was reset (RST frame) by a client, there was a time window where the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTT... • https://httpd.apache.org/security/vulnerabilities_24.html • CWE-400: Uncontrolled Resource Consumption • CWE-404: Improper Resource Shutdown or Release •

CVE-2023-5686 – Heap-based Buffer Overflow in radareorg/radare2
https://notcve.org/view.php?id=CVE-2023-5686
20 Oct 2023 — Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. • https://github.com/radareorg/radare2/commit/1bdda93e348c160c84e30da3637acef26d0348de • CWE-122: Heap-based Buffer Overflow • CWE-787: Out-of-bounds Write •

CVE-2023-45145 – Redis Unix-domain socket may have been exposed with the wrong permissions for a short time window.
https://notcve.org/view.php?id=CVE-2023-45145
18 Oct 2023 — Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. • https://github.com/redis/redis/commit/03345ddc7faf7af079485f2cbe5d17a1611cbce1 • CWE-269: Improper Privilege Management • CWE-668: Exposure of Resource to Wrong Sphere •

CVE-2023-38552 – nodejs: integrity checks according to policies can be circumvented
https://notcve.org/view.php?id=CVE-2023-38552
18 Oct 2023 — When the Node.js policy feature checks the integrity of a resource against a trusted manifest, the application can intercept the operation and return a forged checksum to the node's policy implementation, thus effectively disabling the integrity check. Impacts: This vulnerability affects all users using the experimental policy mechanism in all active release lines: 18.x and 20.x. Please note that at the time this CVE was issued, the policy mechanism is an experimental feature of Node.js. • https://hackerone.com/reports/2094235 • CWE-345: Insufficient Verification of Data Authenticity • CWE-354: Improper Validation of Integrity Check Value •

CVE-2023-22084 – mysql: InnoDB unspecified vulnerability (CPU Oct 2023)
https://notcve.org/view.php?id=CVE-2023-22084
17 Oct 2023 — Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://lists.debian.org/debian-lts-announce/2024/01/msg00017.html •

CVE-2023-45803 – Request body not stripped after redirect in urllib3
https://notcve.org/view.php?id=CVE-2023-45803
17 Oct 2023 — urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body on an HTTP redirect response using status 301, 302, or 303 after the request had its method changed from one that could accept a request body (like `POST`) to `GET`, as is required by HTTP RFCs. Although this behavior is not specified in the section for redirects, it can be inferred by piecing together information from different sections and we have observed the behavior in other major HTTP c... • https://github.com/urllib3/urllib3/commit/4e98d57809dacab1cbe625fddeec1a290c478ea9 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •