CVSS: 7.8EPSS: 1%CPEs: 9EXPL: 0CVE-2023-2295 – libreswan: Regression of CVE-2023-30570 fixes in the Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2023-2295
16 May 2023 — A vulnerability was found in the libreswan library. This security issue occurs when an IKEv1 Aggressive Mode packet is received with only unacceptable crypto algorithms, and the response packet is not sent with a zero responder SPI. When a subsequent packet is received where the sender reuses the libreswan responder SPI as its own initiator SPI, the pluto daemon state machine crashes. No remote code execution is possible. This CVE exists because of a CVE-2023-30570 security regression for libreswan package ... • https://access.redhat.com/errata/RHSA-2023:3107 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 1CVE-2023-1729 – LibRaw: a heap-buffer-overflow in raw2image_ex()
https://notcve.org/view.php?id=CVE-2023-1729
15 May 2023 — A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. Zinuo Han and Ao Wang discovered that the Android DNG SDK, vendored in digiKam, did not correctly parse certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. • https://bugzilla.redhat.com/show_bug.cgi?id=2188240 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 6.3EPSS: 0%CPEs: 4EXPL: 0CVE-2023-2700 – libvirt: Memory leak in virPCIVirtualFunctionList cleanup
https://notcve.org/view.php?id=CVE-2023-2700
15 May 2023 — A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr ... • https://access.redhat.com/security/cve/CVE-2023-2700 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 8.3EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2454 – postgresql: schema_element defeats protective search_path changes
https://notcve.org/view.php?id=CVE-2023-2454
12 May 2023 — schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code. A flaw was found in PostgreSQL. Certain database calls could permit an attacker with elevated database-level privileges to execute arbitrary code. Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute ar... • https://access.redhat.com/security/cve/CVE-2023-2454 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2455 – postgresql: row security policies disregard user ID changes after inlining.
https://notcve.org/view.php?id=CVE-2023-2455
12 May 2023 — Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other roles. This scenario can happen under security definer functions or when a common user and query is planned initially and then re-used across multiple SET ROLEs. Applying an incorrect policy may permit a user to complete otherwise-forbidden reads and modificatio... • https://access.redhat.com/security/cve/CVE-2023-2455 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-32573 – qt: Uninitialized variable usage in m_unitsPerEm
https://notcve.org/view.php?id=CVE-2023-32573
10 May 2023 — In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont m_unitsPerEm initialization is mishandled. A vulnerability was found in qt. The security flaw occurs due to uninitialized variable usage in m_unitsPerEm. This update for libqt5-qtsvg fixes the following issues. Fixed an out-of-bounds write that may have lead to a denial-of-service. • https://codereview.qt-project.org/c/qt/qtsvg/+/474093 • CWE-369: Divide By Zero •
CVSS: 9.0EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2203 – webkitgtk: Regression of CVE-2023-28205 fixes in the Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2023-2203
10 May 2023 — A flaw was found in the WebKitGTK package. An improper input validation issue may lead to a use-after-free vulnerability. This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. This CVE exists because of a CVE-2023-28205 security regression for the WebKitGTK package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. WebKitGTK is the port of the portable web rendering engine WebKit to the GTK platform... • https://access.redhat.com/errata/RHSA-2023:2653 • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2023-2319 – pcs: webpack: Regression of CVE-2023-28154 fixes in the Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2023-2319
09 May 2023 — It was discovered that an update for PCS package in RHBA-2023:2151 erratum released as part of Red Hat Enterprise Linux 9.2 failed to include the fix for the Webpack issue CVE-2023-28154 (for PCS package), which was previously addressed in Red Hat Enterprise Linux 9.1 via erratum RHSA-2023:1591. The CVE-2023-2319 was assigned to that Red Hat specific security regression in Red Hat Enterprise Linux 9.2. The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. Iss... • https://access.redhat.com/errata/RHSA-2023:2652 •
CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2491 – emacs: Regression of CVE-2023-28617 fixes in the Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2023-2491
09 May 2023 — A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2. Multicluster Engine for Kubernetes 2.2.4 images Multicluster engine for Kubernetes provides the foundational components that are necessary for the centralized management ... • https://access.redhat.com/errata/RHSA-2023:2626 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 6.7EPSS: 0%CPEs: 5EXPL: 0CVE-2023-2513 – kernel: ext4: use-after-free in ext4_xattr_set_entry()
https://notcve.org/view.php?id=CVE-2023-2513
08 May 2023 — A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors. A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw allows a privileged local user to cause a system crash or other undefined behaviors. Jordy Zomer and Alexand... • https://bugzilla.redhat.com/show_bug.cgi?id=2193097 • CWE-416: Use After Free •