CVE-2023-21166
https://notcve.org/view.php?id=CVE-2023-21166
In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-21164
https://notcve.org/view.php?id=CVE-2023-21164
In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-21163
https://notcve.org/view.php?id=CVE-2023-21163
In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-21162
https://notcve.org/view.php?id=CVE-2023-21162
In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. • https://source.android.com/security/bulletin/2023-12-01 •
CVE-2023-49093 – HtmlUnit vulnerable to Remote Code Execution (RCE) via XSTL
https://notcve.org/view.php?id=CVE-2023-49093
HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3.9.0 HtmlUnit es un navegador sin GUI para programas Java. HtmlUnit es vulnerable a la ejecución remota de código (RCE) a través de XSTL, al navegar por la página web del atacante. Esta vulnerabilidad ha sido parcheada en la versión 3.9.0. • https://github.com/HtmlUnit/htmlunit/security/advisories/GHSA-37vq-hr2f-g7h7 https://www.htmlunit.org/changes-report.html#a3.9.0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •