CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2023-32550 – Landscape's Apache server-status is accessible by default
https://notcve.org/view.php?id=CVE-2023-32550
Landscape's server-status page exposed sensitive system information. This data leak included GET requests which contain information to attack and leak further information from the Landscape API. • https://bugs.launchpad.net/landscape/+bug/1929037 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2023-32549 – Landscape insecure token generation
https://notcve.org/view.php?id=CVE-2023-32549
Landscape cryptographic keys were insecurely generated with a weak pseudo-random generator. • https://bugs.launchpad.net/landscape/+bug/1929034 • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 1CVE-2023-1523
https://notcve.org/view.php?id=CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Utilizando la petición IOCTL de TIOCLINUX, un snap malicoso podría inyectar contenido en la entrada del terminal de control, lo que podría permitir que se ejecutaran comandos arbitrarios fuera del sandbox del snap después de que éste saliera. Los emuladores gráficos de terminal como xterm, gnome-terminal y otros no se ven afectados. Esto sólo puede ser explotado cuando los snaps se ejecutan en una consola virtual. • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1523 https://github.com/snapcore/snapd/pull/12849 https://marc.info/?l=oss-security&m=167879021709955&w=2 https://ubuntu.com/security/notices/USN-6125-1 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 4.7EPSS: 0%CPEs: 3EXPL: 0CVE-2023-2612 – shiftfs lock unbalance in Ubuntu-specific kernels
https://notcve.org/view.php?id=CVE-2023-2612
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). • http://packetstormsecurity.com/files/173087/Kernel-Live-Patch-Security-Notice-LSN-0095-1.html https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/kinetic/commit/?id=02b47547824b1cd0d55c6744f91886f04de8947e https://ubuntu.com/security/CVE-2023-2612 https://ubuntu.com/security/notices/USN-6122-1 https://ubuntu.com/security/notices/USN-6123-1 https://ubuntu.com/security/notices/USN-6124-1 https://ubuntu.com/security/notices/USN-6127-1 • CWE-667: Improper Locking •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2023-1786 – sensitive data exposure in cloud-init logs
https://notcve.org/view.php?id=CVE-2023-1786
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. A vulnerability was found in cloud-init. With this flaw, exposure of sensitive data is possible in world-readable cloud-init logs. This flaw allows an attacker to use this information to find hashed passwords and possibly escalate their privilege. • https://bugs.launchpad.net/cloud-init/+bug/2013967 https://github.com/canonical/cloud-init/commit/a378b7e4f47375458651c0972e7cd813f6fe0a6b https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ATBJSXPL2IOAD2LDQRKWPLIC7QXS44GZ https://ubuntu.com/security/notices/USN-6042-1 https://access.redhat.com/security/cve/CVE-2023-1786 https://bugzilla.redhat.com/show_bug.cgi?id=2190079 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-532: Insertion of Sensitive Information into Log File •