CVSS: 4.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-4900
https://notcve.org/view.php?id=CVE-2023-4900
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium) La implementación inapropiada en Custom Tabs en Google Chrome en Android anterior a 117.0.5938.62 permitió a un atacante remoto ofuscar una solicitud de permiso a través de una página HTML manipulada. (Severidad de seguridad de Chromium: media) • https://chromereleases.googleblog.com/2023/09/stable-channel-update-for-desktop_12.html https://crbug.com/1430867 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WTRUIS3564P7ZLM2S2IH4Y4KZ327LI4I https://security.gentoo.org/glsa/202401-34 https://www& •
CVSS: 9.6EPSS: 49%CPEs: 16EXPL: 12CVE-2023-4863 – Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2023-4863
Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) El desbordamiento del búfer de memoria en libwebp en Google Chrome anterior a 116.0.5845.187 y libwebp 1.3.2 permitía a un atacante remoto realizar una escritura en memoria fuera de los límites a través de una página HTML manipulada. (Severidad de seguridad de Chromium: crítica) A heap-based buffer flaw was found in the way libwebp, a library used to process "WebP" image format data, processes certain specially formatted WebP images. An attacker could use this flaw to crash or execute remotely arbitrary code in an application such as a web browser compiled with this library. Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. • https://github.com/alsaeroth/CVE-2023-4863-POC https://github.com/mistymntncop/CVE-2023-4863 https://github.com/LiveOverflow/webp-CVE-2023-4863 https://github.com/bbaranoff/CVE-2023-4863 https://github.com/talbeerysec/BAD-WEBP-CVE-2023-4863 https://github.com/huiwen-yayaya/CVE-2023-4863 https://github.com/CrackerCat/CVE-2023-4863- https://github.com/sarsaeroth/CVE-2023-4863-POC http://www.openwall.com/lists/oss-security/2023/09/21/4 http://www.openwall.com/list • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2023-41915 – pmix: race condition allows attackers to obtain ownership of arbitrary files
https://notcve.org/view.php?id=CVE-2023-41915
OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0. OpenPMIx PMIx antes de las versiones 4.2.6 y 5.0.x antes de 5.0.1, permite a los atacantes obtener la propiedad de archivos arbitrarios a través de una condición de ejecución durante la ejecución de código de librería con UID 0. OpenPMIx PMIx is vulnerable to a race condition during execution of library code with UID 0, which allows attackers to obtain ownership of arbitrary files. • http://www.openwall.com/lists/oss-security/2024/07/10/3 http://www.openwall.com/lists/oss-security/2024/07/10/4 http://www.openwall.com/lists/oss-security/2024/07/10/6 http://www.openwall.com/lists/oss-security/2024/07/11/3 https://docs.openpmix.org/en/latest/security.html https://github.com/openpmix/openpmix/releases/tag/v4.2.6 https://github.com/openpmix/openpmix/releases/tag/v5.0.1 https://lists.debian.org/debian-lts-announce/2023/10/msg00048.h • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 1CVE-2023-39511 – Stored Cross-Site-Scripting on reports_admin.php device name in Cacti
https://notcve.org/view.php?id=CVE-2023-39511
Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting (XSS) Vulnerability which allows an authenticated user to poison data stored in the _cacti_'s database. These data will be viewed by administrative _cacti_ accounts and execute JavaScript code in the victim's browser at view-time. The script under `reports_admin.php` displays reporting information about graphs, devices, data sources etc. _CENSUS_ found that an adversary that is able to configure a malicious device name, related to a graph attached to a report, can deploy a stored XSS attack against any super user who has privileges of viewing the `reports_admin.php` page, such as administrative accounts. • https://github.com/Cacti/cacti/security/advisories/GHSA-5hpr-4hhc-8q42 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CFH3J2WVBKY4ZJNMARVOWJQK6PSLPHFH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WOQFYGLZBAWT4AWNMO7DU73QXWPXTCKH https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WZGB2UXJEUYWWA6IWVFQ3ZTP22FIHMGN • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.6EPSS: 0%CPEs: 5EXPL: 0CVE-2023-4155 – Sev-es / sev-snp vmgexit double fetch vulnerability
https://notcve.org/view.php?id=CVE-2023-4155
A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`). Se encontró una falla en KVM AMD Secure Encrypted Virtualization (SEV) en el kernel de Linux. Un invitado KVM que utilice SEV-ES o SEV-SNP con múltiples vCPU puede desencadenar una vulnerabilidad de condición de ejecución de recuperación doble e invocar el controlador "VMGEXIT" de forma recursiva. • https://access.redhat.com/security/cve/CVE-2023-4155 https://bugzilla.redhat.com/show_bug.cgi?id=2213802 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •