CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-39685
https://notcve.org/view.php?id=CVE-2023-39685
An issue in hjson-java up to v3.0.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted JSON string. un problema en hjson-java hasta v3.0.0 permite a los atacantes causar Denegación de Servicio (DNS) mediante el suministro de una cadena JSON manipulada. • https://github.com/hjson/hjson-java/issues/27 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4491 – Easy Address Book Web Server Buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2023-4491
The exploitation of this vulnerability could allow an attacker to send a very long username string to /searchbook.ghp, asking for the name via a POST request, resulting in arbitrary code execution on the remote machine. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-4494 – Easy Chat Server Stack-based buffer overflow vulnerability
https://notcve.org/view.php?id=CVE-2023-4494
An attacker could send an excessively long username string to the register.ghp file asking for the name via a GET request resulting in arbitrary code execution on the remote machine. • https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-efs-software-products • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-39469 – PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-39469
PaperCut NG External User Lookup Code Injection Remote Code Execution Vulnerability. • https://www.papercut.com/kb/Main/SecurityBulletinJuly2023 https://www.zerodayinitiative.com/advisories/ZDI-23-1285 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-23774
https://notcve.org/view.php?id=CVE-2023-23774
This allows an attacker with physical access that is able to trigger such an exception to extract secret key material and/or gain arbitrary code execution on the device. • https://tetraburst.com • CWE-248: Uncaught Exception CWE-703: Improper Check or Handling of Exceptional Conditions CWE-755: Improper Handling of Exceptional Conditions •