Page 7 of 2304 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 446EXPL: 1

CVE-2023-23583

https://notcve.org/view.php?id=CVE-2023-23583

Sequence of processor instructions leads to unexpected behavior for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege and/or information disclosure and/or denial of service via local access. La secuencia de instrucciones del procesador genera un comportamiento inesperado en Intel(R) Processors que pueden permitir que un usuario autenticado potencialmente habilite la escalada de privilegios y/o la divulgación de información y/o la denegación de servicio a través del acceso local. • https://github.com/Mav3r1ck0x1/CVE-2023-23583-Reptar- http://www.openwall.com/lists/oss-security/2023/11/14/4 http://www.openwall.com/lists/oss-security/2023/11/14/5 http://www.openwall.com/lists/oss-security/2023/11/14/6 http://www.openwall.com/lists/oss-security/2023/11/14/7 http://www.openwall.com/lists/oss-security/2023/11/14/8 http://www.openwall.com/lists/oss-security/2023/11/14/9 https://lists.debian.org/debian-lts-announce/2023/12/ • CWE-1281: Sequence of Processor Instructions Leads to Unexpected Behavior •

CVSS: 9.8EPSS: 2%CPEs: 12EXPL: 1

CVE-2023-5178 – Kernel: use after free in nvmet_tcp_free_crypto in nvme

https://notcve.org/view.php?id=CVE-2023-5178

A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation. Se encontró una vulnerabilidad de use-after-free en drivers/nvme/target/tcp.c` en `nvmet_tcp_free_crypto` debido a un error lógico en el subsistema NVMe-oF/TCP en el kernel de Linux. Este problema puede permitir que un usuario malintencionado cause un problema de use-after-free y double-free, lo que puede permitir la ejecución remota de código o provocar una escalada de privilegios locales en caso de que el atacante ya tenga privilegios locales. • https://github.com/rockrid3r/CVE-2023-5178 https://access.redhat.com/errata/RHSA-2023:7370 https://access.redhat.com/errata/RHSA-2023:7379 https://access.redhat.com/errata/RHSA-2023:7418 https://access.redhat.com/errata/RHSA-2023:7548 https://access.redhat.com/errata/RHSA-2023:7549 https://access.redhat.com/errata/RHSA-2023:7551 https://access.redhat.com/errata/RHSA-2023:7554 https://access.redhat.com/errata/RHSA-2023:7557 https://access.redhat.com/errata/RHSA-2023 • CWE-416: Use After Free •

CVSS: 10.0EPSS: 96%CPEs: 12EXPL: 16

CVE-2023-46604 – Apache ActiveMQ Deserialization of Untrusted Data Vulnerability

https://notcve.org/view.php?id=CVE-2023-46604

The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. This vulnerability may allow a remote attacker with network access to either a Java-based OpenWire broker or client to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause either the client or the broker (respectively) to instantiate any class on the classpath. Users are recommended to upgrade both brokers and clients to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3 which fixes this issue. Apache ActiveMQ es vulnerable a la ejecución remota de código. La vulnerabilidad puede permitir que un atacante remoto con acceso a la red de un corredor ejecute comandos de shell arbitrarios manipulando tipos de clases serializadas en el protocolo OpenWire para hacer que el corredor cree una instancia de cualquier clase en el classpath. Se recomienda a los usuarios actualizar a la versión 5.15.16, 5.16.7, 5.17.6 o 5.18.3, que soluciona este problema. • https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ https://github.com/sule01u/CVE-2023-46604 https://github.com/mrpentst/CVE-2023-46604 https://github.com/ST3G4N05/ExploitScript-CVE-2023-46604 https://github.com/evkl1d/CVE-2023-46604 https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up https://github.com • CWE-502: Deserialization of Untrusted Data •

CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 0

CVE-2023-5363 – Incorrect cipher key & IV length processing

https://notcve.org/view.php?id=CVE-2023-5363

Issue summary: A bug has been identified in the processing of key and initialisation vector (IV) lengths. This can lead to potential truncation or overruns during the initialisation of some symmetric ciphers. Impact summary: A truncation in the IV can result in non-uniqueness, which could result in loss of confidentiality for some cipher modes. When calling EVP_EncryptInit_ex2(), EVP_DecryptInit_ex2() or EVP_CipherInit_ex2() the provided OSSL_PARAM array is processed after the key and IV have been established. Any alterations to the key length, via the "keylen" parameter or the IV length, via the "ivlen" parameter, within the OSSL_PARAM array will not take effect as intended, potentially causing truncation or overreading of these values. The following ciphers and cipher modes are impacted: RC2, RC4, RC5, CCM, GCM and OCB. For the CCM, GCM and OCB cipher modes, truncation of the IV can result in loss of confidentiality. For example, when following NIST's SP 800-38D section 8.2.1 guidance for constructing a deterministic IV for AES in GCM mode, truncation of the counter portion could lead to IV reuse. Both truncations and overruns of the key and overruns of the IV will produce incorrect results and could, in some cases, trigger a memory exception. • http://www.openwall.com/lists/oss-security/2023/10/24/1 https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0df40630850fb2740e6be6890bb905d3fc623b2d https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=5f69f5c65e483928c4b28ed16af6e5742929f1ee https://security.netapp.com/advisory/ntap-20231027-0010 https://security.netapp.com/advisory/ntap-20240201-0003 https://security.netapp.com/advisory/ntap-20240201-0004 https://www.debian.org/security/2023/dsa-5532 https://www.openssl.org/news/ • CWE-325: Missing Cryptographic Step •

CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2023-22115 – mysql: Server: DML unspecified vulnerability (CPU Oct 2023)

https://notcve.org/view.php?id=CVE-2023-22115

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). • https://security.netapp.com/advisory/ntap-20231027-0009 https://www.oracle.com/security-alerts/cpuoct2023.html https://access.redhat.com/security/cve/CVE-2023-22115 https://bugzilla.redhat.com/show_bug.cgi?id=2245034 •