CVSS: 7.8EPSS: 1%CPEs: 59EXPL: 0CVE-2023-5455 – Ipa: invalid csrf protection
https://notcve.org/view.php?id=CVE-2023-5455
10 Jan 2024 — A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of confidentiality and system integrity. During community penetration testing it was found that for certain HTTP end-points FreeIPA does not ensure CSRF protection. Due to implementation details one cannot use this flaw for reflection of a cookie representing alrea... • https://access.redhat.com/errata/RHSA-2024:0137 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0225 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2024-0225
04 Jan 2024 — Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en WebGPU en Google Chrome anterior a 120.0.6099.199 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst o... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0224 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2024-0224
04 Jan 2024 — Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en WebAudio en Google Chrome anterior a 120.0.6099.199 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in Chromium and its derivatives, the wor... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0223 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2024-0223
04 Jan 2024 — Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El desbordamiento de búfer de almacenamiento dinámico en ANGLE en Google Chrome anterior a 120.0.6099.199 permitía a un atacante remoto explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Multiple vulnerabilities have been discovered in C... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2024-0222 – Gentoo Linux Security Advisory 202402-14
https://notcve.org/view.php?id=CVE-2024-0222
04 Jan 2024 — Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) El use after free en ANGLE en Google Chrome anterior a 120.0.6099.199 permitió a un atacante remoto que había comprometido el proceso de renderizado explotar potencialmente la corrupción del montón a través de una página HTML manipulada. (Severidad de seguridad de Chrome: alta) Mu... • https://chromereleases.googleblog.com/2024/01/stable-channel-update-for-desktop.html • CWE-416: Use After Free •
CVSS: 4.8EPSS: 0%CPEs: 5EXPL: 0CVE-2023-6004 – Libssh: proxycommand/proxyjump features allow injection of malicious code through hostname
https://notcve.org/view.php?id=CVE-2023-6004
28 Dec 2023 — A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. Se encontró una falla en libssh. Al utilizar la función ProxyCommand o ProxyJump, los usuarios pueden explotar la sintaxis del hostname no verificada en el cliente. • https://access.redhat.com/errata/RHSA-2024:2504 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-6879 – heap buffer overflow in libaom
https://notcve.org/view.php?id=CVE-2023-6879
27 Dec 2023 — Increasing the resolution of video frames, while performing a multi-threaded encode, can result in a heap overflow in av1_loop_restoration_dealloc(). Aumentar la resolución de los fotogramas de vídeo, mientras se realiza una codificación multiproceso, puede provocar un desbordamiento del montón en av1_loop_restoration_dealloc(). • https://aomedia.googlesource.com/aom/+/refs/tags/v3.7.1 • CWE-20: Improper Input Validation CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 3EXPL: 1CVE-2023-7104 – SQLite SQLite3 make alltest sqlite3session.c sessionReadRecord heap-based overflow
https://notcve.org/view.php?id=CVE-2023-7104
25 Dec 2023 — A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. • https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYONA2XSNFMXLAW4IHLFI5UVV3QRNG5K • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-122: Heap-based Buffer Overflow •
CVSS: 7.8EPSS: 69%CPEs: 4EXPL: 0CVE-2023-7101 – Spreadsheet::ParseExcel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2023-7101
24 Dec 2023 — Spreadsheet::ParseExcel version 0.65 is a Perl module used for parsing Excel files. Spreadsheet::ParseExcel is vulnerable to an arbitrary code execution (ACE) vulnerability due to passing unvalidated input from a file into a string-type “eval”. Specifically, the issue stems from the evaluation of Number format strings (not to be confused with printf-style format strings) within the Excel parsing logic. Spreadsheet::ParseExcel version 0.65 es un módulo Perl utilizado para analizar archivos Excel. Spreadsheet... • http://www.openwall.com/lists/oss-security/2023/12/29/4 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •
CVSS: 5.3EPSS: 21%CPEs: 8EXPL: 6CVE-2023-51764 – postfix: SMTP smuggling vulnerability
https://notcve.org/view.php?id=CVE-2023-51764
24 Dec 2023 — Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in recent versions). Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Postfix supports