
CVE-2023-34319 – Linux: buffer overrun in netback due to unusual packet
https://notcve.org/view.php?id=CVE-2023-34319
21 Aug 2023 — The fix for XSA-423 added logic to Linux's netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of the entire packet being split into as many pieces as permitted by the protocol, yet still being smaller than the area that's specially dealt with to keep all (possible) headers together. Such an unusual packet would therefore trigger a buffer overrun in the drive... • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html • CWE-787: Out-of-bounds Write •

CVE-2023-37369 – qtbase: buffer overflow in QXmlStreamReader
https://notcve.org/view.php?id=CVE-2023-37369
20 Aug 2023 — In Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2, there can be an application crash in QXmlStreamReader via a crafted XML string that triggers a situation in which a prefix is greater than a length. A flaw was found in the qtbase package. When given specifically crafted data, the QXmlStreamReader can end up causing a buffer overflow and, subsequently, a crash. A vulnerability has been discovered in Qt, where a buffer overflow can lead to denial of service. Versions greater than o... • https://bugreports.qt.io/browse/QTBUG-114829 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVE-2023-40283 – kernel: use-after-free in l2cap_sock_release in net/bluetooth/l2cap_sock.c
https://notcve.org/view.php?id=CVE-2023-40283
14 Aug 2023 — An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. A flaw was found in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Bluetooth subsystem in the Linux Kernel. This issue may allow a user to cause a use-after-free problem due to sk's children being mishandled. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in so... • http://packetstormsecurity.com/files/175072/Kernel-Live-Patch-Security-Notice-LSN-0098-1.html • CWE-416: Use After Free •

CVE-2023-39417 – Postgresql: extension script @substitutions@ within quoting allow sql injection
https://notcve.org/view.php?id=CVE-2023-39417
11 Aug 2023 — In the extension script, a SQL injection vulnerability was found in PostgreSQL if it uses @extowner@, @extschema@, or @extschema:...@ inside a quoting construct (dollar quoting, '', or ""). If an administrator has installed files of a vulnerable, trusted, non-bundled extension, an attacker with database-level CREATE privilege can execute arbitrary code as the bootstrap superuser. ... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVE-2023-3824 – Buffer overflow and overread in phar_dir_read()
https://notcve.org/view.php?id=CVE-2023-3824
11 Aug 2023 — In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading a phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer overflow, leading potentially to memory corruption or RCE. ... • https://github.com/jhonnybonny/CVE-2023-3824 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVE-2023-3823 – Security issue with external entity loading in XML without enabling it
https://notcve.org/view.php?id=CVE-2023-3823
11 Aug 2023 — In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, various XML functions rely on libxml global state to track configuration variables, like whether external entities are loaded. This state is assumed to be unchanged unless the user explicitly changes it by calling the appropriate function. However, since the state is process-global, other modules - such as ImageMagick - may also use this library within the same process, and change that global state for their internal purposes, and ... • https://github.com/php/php-src/security/advisories/GHSA-3qrf-m4j2-pcrr • CWE-611: Improper Restriction of XML External Entity Reference •

CVE-2022-38076 – hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-38076
11 Aug 2023 — Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access. An improper input validation flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiF... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html • CWE-20: Improper Input Validation •

CVE-2022-36351 – hw: intel: Improper input validation in some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-36351
11 Aug 2023 — Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access. An improper input validation flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html • CWE-20: Improper Input Validation •

CVE-2022-40964 – hw: intel: Improper access control for some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-40964
11 Aug 2023 — Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. An improper access control flaw was found in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi soft... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html • CWE-284: Improper Access Control •

CVE-2022-46329 – hw: intel: Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi
https://notcve.org/view.php?id=CVE-2022-46329
11 Aug 2023 — Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi software may allow a privileged user to enable escalation of p... • http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html • CWE-693: Protection Mechanism Failure •