
CVE-2024-21650 – XWiki Remote Code Execution vulnerability via user registration
https://notcve.org/view.php?id=CVE-2024-21650
08 Jan 2024 — XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to a remote code execution (RCE) attack through its user registration feature. This issue allows an attacker to execute arbitrary code by crafting malicious payloads in the "first name" or "last name" fields during user registration. This impacts all installations that have user registration enabled for guests. This vulnerability has been patched in XWiki 14.10.17, 15.5.3 and 15.8 RC1... • https://github.com/codeb0ss/CVE-2024-21650-PoC • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')

CVE-2023-35704 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35704
08 Jan 2024 — A specially crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2023-35703 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35703
08 Jan 2024 — A specially crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2023-35702 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35702
08 Jan 2024 — A specially crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-121: Stack-based Buffer Overflow • CWE-787: Out-of-bounds Write

CVE-2023-35958 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35958
08 Jan 2024 — A specially-crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-35957 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35957
08 Jan 2024 — A specially-crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-35956 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35956
08 Jan 2024 — A specially-crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-35955 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35955
08 Jan 2024 — A specially-crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVE-2023-35970 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35970
08 Jan 2024 — A specially crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write

CVE-2023-35969 – Debian Security Advisory 5653-1
https://notcve.org/view.php?id=CVE-2023-35969
08 Jan 2024 — A specially crafted .fst file can lead to arbitrary code execution. • https://lists.debian.org/debian-lts-announce/2024/04/msg00007.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer • CWE-787: Out-of-bounds Write