CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 1CVE-2023-3772 – Kernel: xfrm: null pointer dereference in xfrm_update_ae_params()
https://notcve.org/view.php?id=CVE-2023-3772
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service. • http://www.openwall.com/lists/oss-security/2023/08/10/1 http://www.openwall.com/lists/oss-security/2023/08/10/3 https://access.redhat.com/errata/RHSA-2023:6583 https://access.redhat.com/errata/RHSA-2023:6901 https://access.redhat.com/errata/RHSA-2023:7077 https://access.redhat.com/errata/RHSA-2024:0412 https://access.redhat.com/errata/RHSA-2024:0575 https://access.redhat.com/security/cve/CVE-2023-3772 https://bugzilla.redhat.com/show_bug.cgi?id=2218943 https&# • CWE-476: NULL Pointer Dereference •
CVSS: 6.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-38745
https://notcve.org/view.php?id=CVE-2023-38745
Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of the process running Pandoc. It only affects systems that pass untrusted user input to Pandoc and allow Pandoc to be used to produce a PDF or with the --extract-media option. NOTE: this issue exists because of an incomplete fix for CVE-2023-35936 (failure to properly account for double encoded path names). • https://github.com/jgm/pandoc/commit/eddedbfc14916aa06fc01ff04b38aeb30ae2e625 https://github.com/jgm/pandoc/compare/3.1.5...3.1.6 https://lists.debian.org/debian-lts-announce/2023/07/msg00029.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JGRJHU2FTSGTHHRTNDF7STEKLKKA25JN https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LYP3FKDS3KAYMQUZVVL73IUI4CWSKLKP https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.o •
CVSS: 6.5EPSS: 0%CPEs: 145EXPL: 1CVE-2023-20593 – hw: amd: Cross-Process Information Leak
https://notcve.org/view.php?id=CVE-2023-20593
An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive information. A flaw was found in hw, in “Zen 2” CPUs. This issue may allow an attacker to access sensitive information under specific microarchitectural circumstances. • http://seclists.org/fulldisclosure/2023/Jul/43 http://www.openwall.com/lists/oss-security/2023/07/24/3 http://www.openwall.com/lists/oss-security/2023/07/25/1 http://www.openwall.com/lists/oss-security/2023/07/25/12 http://www.openwall.com/lists/oss-security/2023/07/25/13 http://www.openwall.com/lists/oss-security/2023/07/25/14 http://www.openwall.com/lists/oss-security/2023/07/25/15 http://www.openwall.com/lists/oss-security/2023/07/25/1 • CWE-1239: Improper Zeroization of Hardware Register •
CVSS: 6.4EPSS: 0%CPEs: 4EXPL: 0CVE-2023-3863 – Use-after-free in nfc_llcp_find_loca in net/nfc/llcp_core.c
https://notcve.org/view.php?id=CVE-2023-3863
A use-after-free flaw was found in nfc_llcp_find_local in net/nfc/llcp_core.c in NFC in the Linux kernel. This flaw allows a local user with special privileges to impact a kernel information leak issue. • https://access.redhat.com/security/cve/CVE-2023-3863 https://bugzilla.redhat.com/show_bug.cgi?id=2225126 https://github.com/torvalds/linux/commit/6709d4b7bc2e079241fdef15d1160581c5261c10 https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html https://security.netapp.com/advisory/ntap-20240202-0002 https://www.debian.org/security/2023/dsa-5480 https://www.debian.org/security/2023/dsa-5492 • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2023-3417 – thunderbird: File Extension Spoofing using the Text Direction Override Character
https://notcve.org/view.php?id=CVE-2023-3417
Thunderbird allowed the Text Direction Override Unicode Character in filenames. An email attachment could be incorrectly shown as being a document file, while in fact it was an executable file. Newer versions of Thunderbird will strip the character and show the correct file extension. This vulnerability affects Thunderbird < 115.0.1 and Thunderbird < 102.13.1. • https://bugzilla.mozilla.org/show_bug.cgi?id=1835582 https://lists.debian.org/debian-lts-announce/2023/07/msg00032.html https://www.debian.org/security/2023/dsa-5463 https://www.mozilla.org/security/advisories/mfsa2023-27 https://www.mozilla.org/security/advisories/mfsa2023-28 https://access.redhat.com/security/cve/CVE-2023-3417 https://bugzilla.redhat.com/show_bug.cgi?id=2225325 • CWE-434: Unrestricted Upload of File with Dangerous Type •