|
201
|
6.5
-
|
MEDIUM
Network
|
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerabil…
|
CWE-416
Use After Free
|
CVE-2023-5171
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202
|
9.8
-
|
CRITICAL
Network
|
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-5176
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
203
|
6.5
-
|
MEDIUM
Network
|
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vul…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-5169
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:41
2023-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
204
|
8.8
-
|
HIGH
Network
|
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
|
NVD-CWE-noinfo
|
CVE-2023-41074
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:20
2023-09-28
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
205
|
7.8
-
|
HIGH
Local
|
An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the pr…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-42753
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:23
2023-09-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
206
|
7.3
-
|
HIGH
Network
|
Mediawiki v1.40.0 does not validate namespaces used in XML files.
Therefore, if the instance administrator allows XML file uploads,
a remote attacker with a low-privileged user account can use this…
|
-
|
CVE-2023-3550
|
cpe:2.3:o:debian:debian_linux:11.0:* cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:17
2023-09-26
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
207
|
7.8
-
|
HIGH
Local
|
The fix for XSA-423 added logic to Linux'es netback driver to deal with
a frontend splitting a packet in a way such that not all of the headers
would come in one piece. Unfortunately the logic intro…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-34319
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:07
2023-09-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208
|
6.1
-
|
MEDIUM
Network
|
Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of program/lib/Roundcube/rcube_string_replacer.php behavior.
|
CWE-79
Cross-site Scripting
|
CVE-2023-43770
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:24
2023-09-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209
|
7.0
-
|
HIGH
Local
|
Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issu…
|
CWE-787
Out-of-bounds Write
|
CVE-2023-4504
|
cpe:2.3:o:debian:debian_linux:10.0:*
|
|
|
|
|
2024-11-21 17:35
2023-09-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210
|
8.8
-
|
HIGH
Network
|
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2023-41993
|
cpe:2.3:o:debian:debian_linux:12.0:* cpe:2.3:o:debian:debian_linux:11.0:*
|
|
|
|
|
2024-11-21 17:22
2023-09-22
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|