CVSS: 5.4EPSS: 0%CPEs: 20EXPL: 0CVE-2023-31153 – Improper Neutralization of Input During Web Page Generation
https://notcve.org/view.php?id=CVE-2023-31153
An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to inject and execute arbitrary script code.See SEL Service Bulletin dated 2022-11-15 for more details. • https://selinc.com/support/security-notifications/external-reports https://www.nozominetworks.com/blog • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2023-31149 – Improper Input Validation in Web Interface
https://notcve.org/view.php?id=CVE-2023-31149
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. • https://selinc.com/support/security-notifications/external-reports https://www.nozominetworks.com/blog • CWE-20: Improper Input Validation •
CVSS: 9.1EPSS: 0%CPEs: 20EXPL: 0CVE-2023-31148 – Improper Input Validation in Web Interface
https://notcve.org/view.php?id=CVE-2023-31148
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. • https://selinc.com/support/security-notifications/external-reports https://www.nozominetworks.com/blog • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2023-2203 – webkitgtk: Regression of CVE-2023-28205 fixes in the Red Hat Enterprise Linux
https://notcve.org/view.php?id=CVE-2023-2203
This flaw allows attackers with network access to pass specially crafted web content files, causing a denial of service or arbitrary code execution. • https://access.redhat.com/errata/RHSA-2023:2653 https://access.redhat.com/errata/RHSA-2023:3108 https://access.redhat.com/security/cve/CVE-2023-2203 https://bugzilla.redhat.com/show_bug.cgi?id=2188543 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 4%CPEs: 1EXPL: 0CVE-2023-29284 – ZDI-CAN-20365: Adobe Substance 3D Painter USDA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-29284
Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. • https://helpx.adobe.com/security/products/substance3d_painter/apsb23-29.html • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •