CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2023-5169 – Mozilla: Out-of-bounds write in PathOps
https://notcve.org/view.php?id=CVE-2023-5169
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. Un proceso de contenido comprometido podría haber proporcionado datos maliciosos en un `PathRecording`, lo que habría resultado en una escritura fuera de los límites, lo que habría provocado una falla potencialmente explotable en un proceso privilegiado. Esta vulnerabilidad afecta a Firefox < 118, Firefox ESR < 115.3 y Thunderbird < 115.3. A flaw was found in Mozilla. • https://bugzilla.mozilla.org/show_bug.cgi?id=1846685 https://lists.debian.org/debian-lts-announce/2023/09/msg00034.html https://lists.debian.org/debian-lts-announce/2023/10/msg00015.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AY642Z6JZODQJE7Z62CFREVUHEGCXGPD https://www.debian.org/security/2023/dsa-5506 https://www.debian.org/security/2023/dsa-5513 https://www.mozilla.org/security/advisories/mfsa2023-41 https://www.mozilla.org/security/advisor • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-41074 – webkitgtk: processing web content may lead to arbitrary code execution
https://notcve.org/view.php?id=CVE-2023-41074
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. El problema se solucionó con controles mejorados. Este problema se solucionó en tvOS 17, Safari 17, watchOS 10, iOS 17 y iPadOS 17, macOS Sonoma 14. • http://seclists.org/fulldisclosure/2023/Oct/10 http://seclists.org/fulldisclosure/2023/Oct/2 http://seclists.org/fulldisclosure/2023/Oct/3 http://seclists.org/fulldisclosure/2023/Oct/8 http://seclists.org/fulldisclosure/2023/Oct/9 http://www.openwall.com/lists/oss-security/2023/09/28/3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4EEMDC5TQAANFH5D77QM34ZTUKXPFGVL https://security.gentoo.org/glsa/202401-33 https://support.apple.com/en-us&#x •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 2CVE-2023-42753 – Kernel: netfilter: potential slab-out-of-bound access due to integer underflow
https://notcve.org/view.php?id=CVE-2023-42753
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. Se encontró una vulnerabilidad de indexación de matrices en el subsistema netfilter del kernel de Linux. Una macro faltante podría provocar un error de cálculo del desplazamiento de la matriz `h->nets`, proporcionando a los atacantes la primitiva de incrementar/disminuir arbitrariamente un búfer de memoria fuera de límites. • http://packetstormsecurity.com/files/175963/Kernel-Live-Patch-Security-Notice-LSN-0099-1.html https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7382 https://access.redhat.com/errata/RHSA-2023:7389 https://access.redhat.com/errata/RHSA-2023:7411 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7539 https://access.redhat.com/errata/RHSA-2023:7558 h • CWE-787: Out-of-bounds Write •
CVSS: 9.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-3550 – Stored XSS leads to privilege escalation in MediaWiki v1.40.0
https://notcve.org/view.php?id=CVE-2023-3550
Mediawiki v1.40.0 does not validate namespaces used in XML files. Therefore, if the instance administrator allows XML file uploads, a remote attacker with a low-privileged user account can use this exploit to become an administrator by sending a malicious link to the instance administrator. Mediawiki v1.40.0 no valida los espacios de nombres utilizados en archivos XML. Por lo tanto, si el administrador de la instancia permite la carga de archivos XML, un atacante remoto con una cuenta de usuario con pocos privilegios puede utilizar este exploit para convertirse en administrador enviando un enlace malicioso al administrador de la instancia. • https://fluidattacks.com/advisories/blondie https://lists.debian.org/debian-lts-announce/2023/11/msg00027.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FU2FGUXXK6TMV6R52VRECLC6XCSQQISY https://www.debian.org/security/2023/dsa-5520 https://www.mediawiki.org/wiki/MediaWiki • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 23%CPEs: 4EXPL: 2CVE-2023-43770 – Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2023-43770
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior. Roundcube anterior a 1.4.14, 1.5.x anterior a 1.5.4 y 1.6.x anterior a 1.6.3 permiten XSS a través de mensajes de texto/correo electrónico plano con enlaces manipuados debido al comportamiento de program/lib/Roundcube/rcube_string_replacer.php. Roundcube Webmail contains a persistent cross-site scripting (XSS) vulnerability that can lead to information disclosure via malicious link references in plain/text messages. • https://github.com/s3cb0y/CVE-2023-43770-POC https://github.com/knight0x07/CVE-2023-43770-PoC https://github.com/roundcube/roundcubemail/commit/e92ec206a886461245e1672d8530cc93c618a49b https://lists.debian.org/debian-lts-announce/2023/09/msg00024.html https://roundcube.net/news/2023/09/15/security-update-1.6.3-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •