CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2023-24752
https://notcve.org/view.php?id=CVE-2023-24752
libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. • https://github.com/strukturag/libde265/issues/378 https://lists.debian.org/debian-lts-announce/2023/03/msg00004.html • CWE-476: NULL Pointer Dereference •
CVSS: 9.8EPSS: 97%CPEs: 7EXPL: 9CVE-2023-27372 – SPIP v4.2.0 - Remote Code Execution (Unauthenticated)
https://notcve.org/view.php?id=CVE-2023-27372
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. SPIP versions 4.2.1 and below suffer from an unauthenticated remote code execution vulnerability. • https://www.exploit-db.com/exploits/51536 https://github.com/nuts7/CVE-2023-27372 https://github.com/ThatNotEasy/CVE-2023-27372 https://github.com/0SPwn/CVE-2023-27372-PoC https://github.com/izzz0/CVE-2023-27372-POC https://github.com/Chocapikk/CVE-2023-27372 https://github.com/1amthebest1/CVE-2023-27372 https://github.com/Jhonsonwannaa/CVE-2023-27372 https://github.com/redboltsec/CVE-2023-27372-PoC http://packetstormsecurity.com/files/171921/SPIP-Remote-Command-Execution.ht •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 3CVE-2023-0045 – Incorrect indirect branch prediction barrier in the Linux Kernel
https://notcve.org/view.php?id=CVE-2023-0045
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall. The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96 • https://github.com/ASkyeye/CVE-2023-0045 https://github.com/es0j/CVE-2023-0045 https://git.kernel.org/tip/a664ec9158eeddd75121d39c9a0758016097fa96 https://github.com/google/security-research/security/advisories/GHSA-9x5g-vmxf-4qj8 https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html https://lists.debian.org/debian-lts-announce/2023/05/msg00006.html https://security.netapp.com/advisory/ntap-20230714-0001 • CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
CVSS: 6.5EPSS: 0%CPEs: 16EXPL: 1CVE-2023-23916 – curl: HTTP multi-header compression denial of service
https://notcve.org/view.php?id=CVE-2023-23916
An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors. A flaw was found in the Curl package. A malicious server can insert an unlimited number of compression steps. • https://hackerone.com/reports/1826048 https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO https://security.gentoo.org/glsa/202310-12 https://security.netapp.com/advisory/ntap-20230309-0006 https://www.debian.org/security/2023/dsa-5365 https://access.redhat.com/security/cve/CVE-2023-23916 https://bugzilla.redhat.com/show_bug.cgi?id=2167815 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.2EPSS: 0%CPEs: 8EXPL: 0CVE-2023-23920 – Node.js: insecure loading of ICU data through ICU_DATA environment variable
https://notcve.org/view.php?id=CVE-2023-23920
An untrusted search path vulnerability exists in Node.js. <19.6.1, <18.14.1, <16.19.1, and <14.21.3 that could allow an attacker to search and potentially load ICU data when running with elevated privileges. • https://lists.debian.org/debian-lts-announce/2023/02/msg00038.html https://nodejs.org/en/blog/vulnerability/february-2023-security-releases https://security.netapp.com/advisory/ntap-20230316-0008 https://www.debian.org/security/2023/dsa-5395 https://access.redhat.com/security/cve/CVE-2023-23920 https://bugzilla.redhat.com/show_bug.cgi?id=2172217 • CWE-426: Untrusted Search Path •