CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27788
https://notcve.org/view.php?id=CVE-2023-27788
An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. • https://github.com/appneta/tcpreplay/issues/786 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3ER3YTFR3XIDMYEB7LMFWFTPVQALBHC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3J4LKYFNKPKNSLDQK4JG36THQMQH3V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UK2BRH3W3ECF5FDXP6QM3ZEDTHIOE4M5 • CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-27789
https://notcve.org/view.php?id=CVE-2023-27789
An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. • https://github.com/appneta/tcpreplay/issues/784 https://github.com/appneta/tcpreplay/pull/783 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R3ER3YTFR3XIDMYEB7LMFWFTPVQALBHC https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UE3J4LKYFNKPKNSLDQK4JG36THQMQH3V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UK2BRH3W3ECF5FDXP6QM3ZEDTHIOE4M5 • CWE-617: Reachable Assertion •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23951
https://notcve.org/view.php?id=CVE-2023-23951
Ability to enumerate the Oracle LDAP attributes for the current user by modifying the query used by the application Capacidad de enumerar los atributos LDAP de Oracle para el usuario actual modificando la consulta utilizada por la aplicación. • https://support.broadcom.com/external/content/SecurityAdvisories/0/21174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23949
https://notcve.org/view.php?id=CVE-2023-23949
An authenticated user can supply malicious HTML and JavaScript code that will be executed in the client browser. Un usuario autenticado puede proporcionar código HTML y JavaScript malicioso que se ejecutará en el navegador del cliente. • https://support.broadcom.com/external/content/SecurityAdvisories/0/21174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2023-23950
https://notcve.org/view.php?id=CVE-2023-23950
User’s supplied input (usually a CRLF sequence) can be used to split a returning response into two responses. La entrada proporcionada por el usuario (normalmente una secuencia CRLF) se puede utilizar para dividir una respuesta devuelta en dos respuestas. • https://support.broadcom.com/external/content/SecurityAdvisories/0/21174 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •