CVE-2023-6753 – Path Traversal in mlflow/mlflow
https://notcve.org/view.php?id=CVE-2023-6753
Path Traversal in GitHub repository mlflow/mlflow prior to 2.9.2. Path traversal en el repositorio de GitHub mlflow/mlflow anterior a 2.9.2. • https://github.com/mlflow/mlflow/commit/1c6309f884798fbf56017a3cc808016869ee8de4 https://huntr.com/bounties/b397b83a-527a-47e7-b912-a12a17a6cfb4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-50443
https://notcve.org/view.php?id=CVE-2023-50443
Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened. Un atacante no autenticado puede modificar los discos cifrados creados por PRIMX CRYHOD para Windows antes de Q.2020.4 (envío de calificación ANSSI) o CRYHOD para Windows antes de 2023.5 para incluir una referencia UNC que pueda activar el tráfico de red saliente desde las maquinas en las que se abren los discos. • https://www.primx.eu/en/bulletins/security-bulletin-23B3093B https://www.primx.eu/fr/blog •
CVE-2023-35622 – Windows DNS Spoofing Vulnerability
https://notcve.org/view.php?id=CVE-2023-35622
Windows DNS Spoofing Vulnerability Vulnerabilidad de suplantación de DNS de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35622 •
CVE-2023-35635 – Windows Kernel Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2023-35635
Windows Kernel Denial of Service Vulnerability Vulnerabilidad de denegación de servicio del kernel de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35635 • CWE-125: Out-of-bounds Read •
CVE-2023-35634 – Windows Bluetooth Driver Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-35634
Windows Bluetooth Driver Remote Code Execution Vulnerability Vulnerabilidad de ejecución remota de código del controlador Bluetooth de Windows • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-35634 • CWE-121: Stack-based Buffer Overflow •