CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32201
https://notcve.org/view.php?id=CVE-2023-32201
19 Jun 2023 — Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32270
https://notcve.org/view.php?id=CVE-2023-32270
19 Jun 2023 — Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32288
https://notcve.org/view.php?id=CVE-2023-32288
19 Jun 2023 — Opening a specially crafted SIM file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32542
https://notcve.org/view.php?id=CVE-2023-32542
19 Jun 2023 — Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32273
https://notcve.org/view.php?id=CVE-2023-32273
19 Jun 2023 — Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32276
https://notcve.org/view.php?id=CVE-2023-32276
19 Jun 2023 — Opening a specially crafted V8 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-32538
https://notcve.org/view.php?id=CVE-2023-32538
19 Jun 2023 — Opening a specially crafted SIM2 file may lead to information disclosure and/or arbitrary code execution. • https://jvn.jp/en/vu/JVNVU98818508 • CWE-787: Out-of-bounds Write •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 1CVE-2023-1208 – HTTP Headers < 1.18.11 - Admin+ Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-1208
19 Jun 2023 — This HTTP Headers WordPress plugin before 1.18.11 allows arbitrary data to be written to arbitrary files, leading to a Remote Code Execution vulnerability. The HTTP Headers plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 1.18.10 via the 'http_headers_pre_update_option' function. This allows authenticated attackers with administrator-level permissions to write files and execute code on the server. The issue was partially fixed in 1.18.10 but not fully fixed until... • https://wpscan.com/vulnerability/e0cc6740-866a-4a81-a93d-ff486b79b7f7 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2023-35853
https://notcve.org/view.php?id=CVE-2023-35853
19 Jun 2023 — In Suricata before 6.0.13, an adversary who controls an external source of Lua rules may be able to execute Lua code. This is addressed in 6.0.13 by disabling Lua unless allow-rules is true in the security lua configuration section. En Suricata antes de la versión 6.0.13, un adversario que controle una fuente externa de reglas Lua puede ser capaz de ejecutar código Lua. Esto se soluciona en la versión 6.0.13 deshabilitando Lua a menos que "allow-rules" sea verdadero en la sección de configuración de segurid... • https://github.com/OISF/suricata/commit/b95bbcc66db526ffcc880eb439dbe8abc87a81da • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 91%CPEs: 4EXPL: 3CVE-2023-35813 – Sitecore 8.2 Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-35813
17 Jun 2023 — Multiple Sitecore products allow remote code execution. This affects Experience Manager, Experience Platform, and Experience Commerce through 10.3. Sitecore version 8.2 suffers from a remote code execution vulnerability. • https://packetstorm.news/files/id/177524 • CWE-94: Improper Control of Generation of Code ('Code Injection') •