CVE-2023-5455
- EPSS 0.57%
- Veröffentlicht 10.01.2024 13:15:48
- Zuletzt bearbeitet 18.03.2026 04:16:51
A Cross-site request forgery vulnerability exists in ipa/session/login_password in all supported versions of IPA. This flaw allows an attacker to trick the user into submitting a request that could perform actions as the user, resulting in a loss of ...
CVE-2023-47038
- EPSS 0.83%
- Veröffentlicht 18.12.2023 14:15:08
- Zuletzt bearbeitet 04.11.2025 19:16:05
A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer.
CVE-2023-6478
- EPSS 1.63%
- Veröffentlicht 13.12.2023 07:15:31
- Zuletzt bearbeitet 23.06.2026 18:17:38
A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive information.
CVE-2023-6377
- EPSS 1.59%
- Veröffentlicht 13.12.2023 07:15:30
- Zuletzt bearbeitet 23.06.2026 18:17:37
A flaw was found in xorg-server. Querying or changing XKB button actions such as moving from a touchpad to a mouse can result in out-of-bounds memory reads and writes. This may allow local privilege escalation or possible remote code execution in cas...
CVE-2023-5868
- EPSS 2.78%
- Veröffentlicht 10.12.2023 18:15:07
- Zuletzt bearbeitet 23.06.2026 18:17:37
A memory disclosure vulnerability was found in PostgreSQL that allows remote users to access sensitive information by exploiting certain aggregate function calls with 'unknown'-type arguments. Handling 'unknown'-type values from string literals witho...
CVE-2023-5869
- EPSS 4.32%
- Veröffentlicht 10.12.2023 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:17:13
A flaw was found in PostgreSQL that allows authenticated database users to execute arbitrary code through missing overflow checks during SQL array value modification. This issue exists due to an integer overflow during array modification where a remo...
CVE-2023-5870
- EPSS 2.56%
- Veröffentlicht 10.12.2023 18:15:07
- Zuletzt bearbeitet 04.11.2025 20:17:14
A flaw was found in PostgreSQL involving the pg_cancel_backend role that signals background workers, including the logical replication launcher, autovacuum workers, and the autovacuum launcher. Successful exploitation requires a non-core extension wi...
CVE-2023-6606
- EPSS 0.53%
- Veröffentlicht 08.12.2023 17:15:07
- Zuletzt bearbeitet 21.11.2024 08:44:11
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
CVE-2023-42669
- EPSS 1.72%
- Veröffentlicht 06.11.2023 07:15:09
- Zuletzt bearbeitet 21.11.2024 08:22:55
A vulnerability was found in Samba's "rpcecho" development server, a non-Windows RPC server used to test Samba's DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the "rpc...
CVE-2023-3961
- EPSS 2.41%
- Veröffentlicht 03.11.2023 13:15:08
- Zuletzt bearbeitet 21.11.2024 08:18:24
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect SMB clients to remote procedure call (RPC) services ...