- EPSS 0.23%
- Veröffentlicht 03.11.2023 09:15:13
- Zuletzt bearbeitet 21.11.2024 07:39:16
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate the...
CVE-2023-46847
- EPSS 85.94%
- Veröffentlicht 03.11.2023 08:15:08
- Zuletzt bearbeitet 21.11.2024 08:29:25
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP Digest Authentication.
CVE-2023-46848
- EPSS 10.22%
- Veröffentlicht 03.11.2023 08:15:08
- Zuletzt bearbeitet 21.11.2024 08:29:25
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
CVE-2023-4091
- EPSS 1.17%
- Veröffentlicht 03.11.2023 08:15:08
- Zuletzt bearbeitet 21.11.2024 08:34:22
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignore system acls = yes". The SMB protocol allows openi...
CVE-2023-46846
- EPSS 5.26%
- Veröffentlicht 03.11.2023 08:15:07
- Zuletzt bearbeitet 18.12.2024 01:15:06
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
CVE-2023-3972
- EPSS 0.26%
- Veröffentlicht 01.11.2023 16:15:08
- Zuletzt bearbeitet 21.11.2024 08:18:25
A vulnerability was found in insights-client. This security issue occurs because of insecure file operations or unsafe handling of temporary files and directories that lead to local privilege escalation. Before the insights-client has been registered...
CVE-2023-5633
- EPSS 0.28%
- Veröffentlicht 23.10.2023 22:15:09
- Zuletzt bearbeitet 25.02.2026 19:29:20
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acce...
CVE-2023-4911
- EPSS 81.42%
- Veröffentlicht 03.10.2023 18:15:10
- Zuletzt bearbeitet 12.05.2026 16:24:45
A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...
CVE-2023-5157
- EPSS 2.02%
- Veröffentlicht 27.09.2023 15:19:41
- Zuletzt bearbeitet 01.10.2025 15:15:41
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
CVE-2023-4527
- EPSS 1.51%
- Veröffentlicht 18.09.2023 17:15:55
- Zuletzt bearbeitet 12.05.2026 11:16:15
A flaw was found in glibc. When the getaddrinfo function is called with the AF_UNSPEC address family and the system is configured with no-aaaa mode via /etc/resolv.conf, a DNS response via TCP larger than 2048 bytes can potentially disclose stack con...