CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2023-23773
https://notcve.org/view.php?id=CVE-2023-23773
The Motorola MBTS Base Radio lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. • https://tetraburst.com • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-23772
https://notcve.org/view.php?id=CVE-2023-23772
The Motorola MBTS Site Controller lacks cryptographic signature validation for firmware update packages, allowing an authenticated attacker to gain arbitrary code execution, extract secret key material, and/or leave a persistent implant on the device. • https://tetraburst.com • CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40889
https://notcve.org/view.php?id=CVE-2023-40889
Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. • https://hackmd.io/%40cspl/B1ZkFZv23 https://lists.debian.org/debian-lts-announce/2023/12/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25LZZQJGGZRPLKTRNRNOTAFQJIPS7WRP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DC7V5YCLCPB36J2KY6WLZCABFLBRB665 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-40890
https://notcve.org/view.php?id=CVE-2023-40890
Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. • https://hackmd.io/%40cspl/H1PxPAUnn https://lists.debian.org/debian-lts-announce/2023/12/msg00001.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/25LZZQJGGZRPLKTRNRNOTAFQJIPS7WRP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DC7V5YCLCPB36J2KY6WLZCABFLBRB665 • CWE-787: Out-of-bounds Write •
CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 0CVE-2023-41362
https://notcve.org/view.php?id=CVE-2023-41362
MyBB before 1.8.36 allows Code Injection by users with certain high privileges. • https://blog.sorcery.ie/posts/mybb_acp_rce https://github.com/mybb/mybb/commit/a43a6f22944e769a6eabc58c39e7bc18c1cab4ca.patch https://github.com/mybb/mybb/security/advisories/GHSA-pr74-wvp3-q6f5 https://mybb.com/versions/1.8.36 • CWE-94: Improper Control of Generation of Code ('Code Injection') •