CVSS: 10.0EPSS: 1%CPEs: 6EXPL: 1CVE-2023-6395 – Mock: privilege escalation for users that can access mock configuration
https://notcve.org/view.php?id=CVE-2023-6395
16 Jan 2024 — The Mock software contains a vulnerability wherein an attacker could potentially exploit privilege escalation, enabling the execution of arbitrary code with root user privileges. This weakness stems from the absence of proper sandboxing during the expansion and execution of Jinja2 templates, which may be included in certain configuration parameters. While the Mock documentation advises treating users added to the mock group as privileged, certain build systems invoking mock on behalf of users might inadvert... • http://www.openwall.com/lists/oss-security/2024/01/16/1 • CWE-20: Improper Input Validation CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2024-0232 – Sqlite: use-after-free bug in jsonparseaddnodearray
https://notcve.org/view.php?id=CVE-2024-0232
16 Jan 2024 — A heap use-after-free issue has been identified in SQLite in the jsonParseAddNodeArray() function in sqlite3.c. This flaw allows a local attacker to leverage a victim to pass specially crafted malicious input to the application, potentially causing a crash and leading to a denial of service. Se identificó un problema de uso después de la liberación del montón en SQLite en la función jsonParseAddNodeArray() en sqlite3.c. Este fallo permite que un atacante local aproveche a una víctima para que pase entradas ... • https://access.redhat.com/security/cve/CVE-2024-0232 • CWE-416: Use After Free •
CVSS: 5.3EPSS: 8%CPEs: 7EXPL: 1CVE-2023-51766 – Debian Security Advisory 5597-1
https://notcve.org/view.php?id=CVE-2023-51766
24 Dec 2023 — Exim before 4.97.1 allows SMTP smuggling in certain PIPELINING/CHUNKING configurations. Remote attackers can use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism. This occurs because Exim supports <LF>.<CR><LF> but some other popular e-mail servers do not. Exim hasta 4.97 permite el contrabando SMTP en ciertas configuraciones. • http://www.openwall.com/lists/oss-security/2023/12/24/1 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 1CVE-2023-4255 – W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223)
https://notcve.org/view.php?id=CVE-2023-4255
21 Dec 2023 — An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. Se descubrió un problema de escritura fuera de los límites en el manejo de retroceso de la función checkType() en etc.c dentro de la aplicación W3M. Esta vulnerabilidad se a... • https://bugzilla.redhat.com/show_bug.cgi?id=2255207 • CWE-787: Out-of-bounds Write •
CVSS: 5.5EPSS: 0%CPEs: 4EXPL: 2CVE-2023-4256 – Tcpreplay: tcprewrite: double free in tcpedit_dlt_cleanup() in plugins/dlt_plugins.c
https://notcve.org/view.php?id=CVE-2023-4256
21 Dec 2023 — Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the tcpedit_dlt_cleanup() function within plugins/dlt_plugins.c. This vulnerability can be exploited by supplying a specifically crafted file to the tcprewrite binary. This flaw enables a local attacker to initiate a Denial of Service (DoS) attack. Dentro de tcprewrite de tcpreplay, se ha identificado una vulnerabilidad de doble liberación en la función tcpedit_dlt_cleanup() dentro de plugins/dlt_plugins.c. Esta vulnerabilidad... • https://bugzilla.redhat.com/show_bug.cgi?id=2255212 • CWE-415: Double Free •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2023-5764 – Ansible: template injection
https://notcve.org/view.php?id=CVE-2023-5764
12 Dec 2023 — A template injection flaw was found in Ansible where a user's controller internal templating operations may remove the unsafe designation from template data. This issue could allow an attacker to use a specially crafted file to introduce templating injection when supplying templating data. Se encontró una falla de inyección de plantilla en Ansible donde las operaciones de creación de plantillas internas del controlador de un usuario pueden eliminar la designación insegura de los datos de la plantilla. Este ... • https://access.redhat.com/errata/RHSA-2023:7773 • CWE-1336: Improper Neutralization of Special Elements Used in a Template Engine •
CVSS: 6.2EPSS: 0%CPEs: 5EXPL: 0CVE-2023-5341 – Imagemagick: heap use-after-free in coders/bmp.c
https://notcve.org/view.php?id=CVE-2023-5341
19 Nov 2023 — A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. Se encontró una falla de heap-use-after-free en coders/bmp.c en ImageMagick. handling problems and cases of missing or incomplete input sanitising may result in denial of service, memory disclosure or potentially the execution of arbitrary code if malformed image files are processed. • https://access.redhat.com/security/cve/CVE-2023-5341 • CWE-416: Use After Free •
CVSS: 3.3EPSS: 0%CPEs: 5EXPL: 0CVE-2023-5543 – Moodle: duplicating a bigbluebutton activity assigns the same meeting id
https://notcve.org/view.php?id=CVE-2023-5543
09 Nov 2023 — When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the new activity. This could provide unintended access to the original meeting. Al duplicar una actividad de BigBlueButton, el ID de la reunión original también se duplicó en lugar de utilizar un nuevo ID para la nueva actividad. Esto podría proporcionar un acceso no deseado a la reunión original. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-77795 • CWE-284: Improper Access Control •
CVSS: 3.3EPSS: 0%CPEs: 7EXPL: 0CVE-2023-5551 – Moodle: forum summary report shows students from other groups when in separate groups mode
https://notcve.org/view.php?id=CVE-2023-5551
09 Nov 2023 — Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other groups. Las restricciones del modo de grupos separados no se respetaron en el informe de resumen del foro, que mostraría usuarios de otros grupos. • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-79310 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2023-5550 – Moodle: rce due to lfi risk in some misconfigured shared hosting environments
https://notcve.org/view.php?id=CVE-2023-5550
09 Nov 2023 — In a shared hosting environment that has been misconfigured to allow access to other users' content, a Moodle user who also has direct access to the web server outside of the Moodle webroot could utilise a local file include to achieve remote code execution. En un entorno de alojamiento compartido que ha sido mal configurado para permitir el acceso al contenido de otros usuarios, un usuario de Moodle que también tiene acceso directo al servidor web fuera del root web de Moodle podría utilizar un archivo loc... • http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-72249 • CWE-94: Improper Control of Generation of Code ('Code Injection') •