CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43270
https://notcve.org/view.php?id=CVE-2023-43270
dst-admin v1.5.0 was discovered to contain a remote command execution (RCE) vulnerability via the userId parameter at /home/playerOperate. Se descubrió que dst-admin v1.5.0 contiene una vulnerabilidad de ejecución remota de comandos (RCE) a través del parámetro userId en /home/playerOperate. • https://github.com/Libestor/someCVE/tree/main/dst-admin-RCE • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-43783
https://notcve.org/view.php?id=CVE-2023-43783
In some kernel configurations, code injection into the Wine registry is possible. • http://www.openwall.com/lists/oss-security/2023/10/05/4 https://bugzilla.suse.com/show_bug.cgi?id=1213985 https://github.com/falkTX/Cadence • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.8EPSS: 0%CPEs: 16EXPL: 3CVE-2023-41993 – Apple Multiple Products WebKit Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-41993
Processing web content may lead to arbitrary code execution. ... This issue occurs when processing web content, which may lead to arbitrary code execution. • https://github.com/po6ix/POC-for-CVE-2023-41993 https://github.com/J3Ss0u/CVE-2023-41993 https://github.com/0x06060606/CVE-2023-41993 https://security.gentoo.org/glsa/202401-33 https://security.netapp.com/advisory/ntap-20240426-0004 https://support.apple.com/en-us/HT213940 https://access.redhat.com/security/cve/CVE-2023-41993 https://bugzilla.redhat.com/show_bug.cgi?id=2240522 • CWE-754: Improper Check for Unusual or Exceptional Conditions •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 0CVE-2023-4291 – Frauscher FDS101 for FAdC/FAdCi remote code execution vulnerability
https://notcve.org/view.php?id=CVE-2023-4291
Frauscher Sensortechnik GmbH FDS101 for FAdC/FAdCi v1.4.24 and all previous versions are vulnerable to a remote code execution (RCE) vulnerability via manipulated parameters of the web interface without authentication. This could lead to a full compromise of the FDS101 device. Frauscher Sensortechnik GmbH FDS101 para FAdC/FAdCi v1.4.24 y todas las versiones anteriores son vulnerables a una vulnerabilidad de ejecución remota de código (RCE) a través de parámetros manipulados de la interfaz web sin autenticación. Esto podría provocar un compromiso total del dispositivo FDS101. • https://cert.vde.com/en/advisories/VDE-2023-038 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-43496
https://notcve.org/view.php?id=CVE-2023-43496
Jenkins 2.423 and earlier, LTS 2.414.1 and earlier creates a temporary file in the system temporary directory with the default permissions for newly created files when installing a plugin from a URL, potentially allowing attackers with access to the system temporary directory to replace the file before it is installed in Jenkins, potentially resulting in arbitrary code execution. • http://www.openwall.com/lists/oss-security/2023/09/20/5 https://www.jenkins.io/security/advisory/2023-09-20/#SECURITY-3072 • CWE-276: Incorrect Default Permissions •