CVE-2023-5221 – ForU CMS index.php code injection
https://notcve.org/view.php?id=CVE-2023-5221
The manipulation of the argument db_name leads to code injection. ... • https://github.com/Fovker8/cve/blob/main/rce.md https://vuldb.com/?ctiid.240363 https://vuldb.com/?id.240363 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-41984
https://notcve.org/view.php?id=CVE-2023-41984
The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/4 http://seclists.org/fulldisclosure/2023/Oct/5 http://seclists.org/fulldisclosure/2023/Oct/6 http://seclists.org/fulldisclosure/2023/Oct/8 https://support.apple.com/en-us/HT213927 https://support.apple.com/en-us/HT213931 https://support.apple.com/en-us/HT213932 https://support.apple.com/en-us/HT213936 https://support.apple.com • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-39434 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-39434
Processing web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 http://www.openwall.com/lists/oss-security/2023/09/28/3 https://security.gentoo.org/glsa/202401-33 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://access.redhat.com/security/cve/CVE-2023-39434 https://bugzilla.redhat.com/show_bug.cgi?id=2241 • CWE-416: Use After Free •
CVE-2023-41074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-41074
Processing web content may lead to arbitrary code execution. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/2 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 http://www.openwall.com/lists/oss-security/2023/09/28/3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL https://security.gentoo.org/glsa/202401-33 https://support.apple.com/en-us •
CVE-2023-40400
https://notcve.org/view.php?id=CVE-2023-40400
A remote user may cause an unexpected app termination or arbitrary code execution. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 https://support.apple.com/en-us/HT213936 https://support.apple.com/en-us/HT213937 https://support.apple.com/en-us/HT213938 https://support.apple.com/en-us/HT213940 https://support.apple.com/kb/HT213841 •