CVE-2024-23310
https://notcve.org/view.php?id=CVE-2024-23310
A specially crafted .famos file can lead to arbitrary code execution. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW https://talosintelligence.com/vulnerability_reports/TALOS-2024-1923 • CWE-825: Expired Pointer Dereference •
CVE-2024-23606
https://notcve.org/view.php?id=CVE-2024-23606
A specially crafted .famos file can lead to arbitrary code execution. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OIRLGNQM33KAWVWP5RPMAPHWNP3IY5YW https://talosintelligence.com/vulnerability_reports/TALOS-2024-1925 • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2023-45318
https://notcve.org/view.php?id=CVE-2023-45318
A specially crafted network packet can lead to arbitrary code execution. • https://talosintelligence.com/vulnerability_reports/TALOS-2023-1843 • CWE-122: Heap-based Buffer Overflow •
CVE-2023-51770 – Apache DolphinScheduler: Arbitrary File Read Vulnerability
https://notcve.org/view.php?id=CVE-2023-51770
Arbitrary File Read Vulnerability in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue. Vulnerabilidad de lectura de archivos arbitrarios en Apache Dolphinscheduler. Este problema afecta a Apache DolphinScheduler: versiones anteriores a 3.2.1. Recomendamos a los usuarios que actualicen Apache DolphinScheduler a la versión 3.2.1, que soluciona el problema. • http://www.openwall.com/lists/oss-security/2024/02/20/2 https://github.com/apache/dolphinscheduler/pull/15433 https://lists.apache.org/thread/4t8bdjqnfhldh73gy9p0whlgvnnbtn7g https://lists.apache.org/thread/gpks573kn00ofxn7n9gkg6o47d03p5rw • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-49109 – Remote Code Execution in Apache Dolphinscheduler
https://notcve.org/view.php?id=CVE-2023-49109
Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue. Exposición de la ejecución remota de código en Apache Dolphinscheduler. Este problema afecta a Apache DolphinScheduler: versiones anteriores a 3.2.1. Recomendamos a los usuarios que actualicen Apache DolphinScheduler a la versión 3.2.1, que soluciona el problema. • http://www.openwall.com/lists/oss-security/2024/02/20/4 https://github.com/apache/dolphinscheduler/pull/14991 https://lists.apache.org/thread/5b6yq2gov0fsy9x5dkvo8ws4rr45vkn8 https://lists.apache.org/thread/6kgsl93vtqlbdk6otttl0d8wmlspk0m5 • CWE-94: Improper Control of Generation of Code ('Code Injection') •