CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2023-6377 – Xorg-x11-server: out-of-bounds memory reads/writes in xkb button actions
https://notcve.org/view.php?id=CVE-2023-6377
13 Dec 2023 — A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cases where X11 forwarding is involved. Se encontró una falla en xorg-server. Consultar o cambiar las acciones de los botones XKB, como pasar de un panel táctil a un mouse, puede provocar lecturas y escrituras de memoria fuera de los límites. • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 2%CPEs: 17EXPL: 0CVE-2023-6478 – Xorg-x11-server: out-of-bounds memory read in rrchangeoutputproperty and rrchangeproviderproperty
https://notcve.org/view.php?id=CVE-2023-6478
13 Dec 2023 — A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information. Se encontró una falla en xorg-server. Una solicitud especialmente manipulada a RRChangeProviderProperty o RRChangeOutputProperty puede desencadenar un desbordamiento de enteros que puede provocar la divulgación de información confidencial. This vulnerability allows local attackers to disclose sensitive info... • http://www.openwall.com/lists/oss-security/2023/12/13/1 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.3EPSS: 3%CPEs: 42EXPL: 0CVE-2023-5868 – Postgresql: memory disclosure in aggregate function calls
https://notcve.org/view.php?id=CVE-2023-5868
14 Nov 2023 — A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals without type designation can disclose bytes, potentially revealing notable and confidential information. This issue exists due to excessive data output in aggregate function calls, enabling remote users to read some portion of system memory. Se encontró una vulnerabi... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-686: Function Call With Incorrect Argument Type •
CVSS: 9.0EPSS: 6%CPEs: 49EXPL: 0CVE-2023-5869 – Postgresql: buffer overrun from integer overflow in array modification
https://notcve.org/view.php?id=CVE-2023-5869
14 Nov 2023 — A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remote user can trigger the overflow by providing specially crafted data. This enables the execution of arbitrary code on the target system, allowing users to write arbitrary bytes to memory and extensively read the server's memory. Se encontró una falla en PostgreS... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.6EPSS: 6%CPEs: 42EXPL: 0CVE-2023-5870 – Postgresql: role pg_signal_backend can signal certain superuser processes.
https://notcve.org/view.php?id=CVE-2023-5870
14 Nov 2023 — A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension with a less-resilient background worker and would affect that specific background worker only. This issue may allow a remote high privileged user to launch a denial of service (DoS) attack. Se encontró una falla en PostgreSQL que involucra la función pg_cancel_bac... • https://access.redhat.com/errata/RHSA-2023:7545 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.6EPSS: 85%CPEs: 21EXPL: 0CVE-2023-46847 – Squid: denial of service in http digest authentication
https://notcve.org/view.php?id=CVE-2023-46847
03 Nov 2023 — Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication. Squid es vulnerable a una Denegación de Servicio, donde un atacante remoto puede realizar un ataque de desbordamiento de búfer escribiendo hasta 2 MB de datos arbitrarios en la memoria acumulada cuando Squid está configurado para aceptar la autenticación implícita HTTP. Joshua Rogers discov... • https://access.redhat.com/errata/RHSA-2023:6266 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 8.6EPSS: 37%CPEs: 5EXPL: 0CVE-2023-46848 – Squid: denial of service in ftp
https://notcve.org/view.php?id=CVE-2023-46848
03 Nov 2023 — Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input. Squid es vulnerable a la Denegación de Servicio, donde un atacante remoto puede realizar DoS enviando URL ftp:// en mensajes de solicitud HTTP o construyendo URL ftp:// a partir de una entrada nativa FTP. Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly ... • https://access.redhat.com/errata/RHSA-2023:6266 • CWE-681: Incorrect Conversion between Numeric Types •
CVSS: 9.3EPSS: 27%CPEs: 19EXPL: 0CVE-2023-46846 – Squid: request/response smuggling in http/1.1 and icap
https://notcve.org/view.php?id=CVE-2023-46846
03 Nov 2023 — SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems. SQUID es vulnerable al contrabando de solicitudes HTTP, causado por la indulgencia de los decodificadores fragmentados, lo que permite a un atacante remoto realizar el contrabando de solicitudes/respuestas a través del firewall y los sistemas de seguridad frontales. Joshua Rogers discovered that Squid incorrectly handle... • https://access.redhat.com/errata/RHSA-2023:6266 • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 51EXPL: 0CVE-2023-3972 – Insights-client: unsafe handling of temporary files and directories
https://notcve.org/view.php?id=CVE-2023-3972
01 Nov 2023 — A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered on the system by root, an unprivileged local user or attacker could create the /var/tmp/insights-client directory (owning the directory with read, write, and execute permissions) on the system. After the insights-client is registered by root, an attacker could ... • https://access.redhat.com/errata/RHSA-2023:6264 • CWE-379: Creation of Temporary File in Directory with Insecure Permissions CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.4EPSS: 0%CPEs: 10EXPL: 0CVE-2023-5380 – Xorg-x11-server: use-after-free bug in destroywindow
https://notcve.org/view.php?id=CVE-2023-5380
25 Oct 2023 — A use-after-free flaw was found in the xorg-x11-server. An X server crash may occur in a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Zaphod mode) if the pointer is warped from within a window on one screen to the root window of the other screen and if the original window is destroyed followed by another window being destroyed. Se encontró una falla de use-after-free en el servidor xorg-x11. Puede ocurrir una falla del servidor X en una configura... • https://access.redhat.com/errata/RHSA-2023:7428 • CWE-416: Use After Free •