CVE-2023-3217
- EPSS 16.59%
- Published 13.06.2023 18:15:22
- Last modified 05.05.2025 16:15:44
Use after free in WebXR in Google Chrome prior to 114.0.5735.133 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-20867
- EPSS 0.98%
- Published 13.06.2023 17:15:14
- Last modified 10.03.2025 20:43:28
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
CVE-2023-3161
- EPSS 0.01%
- Published 12.06.2023 20:15:12
- Last modified 11.03.2025 15:15:39
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and...
CVE-2023-2454
- EPSS 0.24%
- Published 09.06.2023 19:15:09
- Last modified 06.01.2025 18:15:13
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
CVE-2023-2455
- EPSS 0.21%
- Published 09.06.2023 19:15:09
- Last modified 06.01.2025 18:15:13
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other ...
CVE-2023-32732
- EPSS 0.02%
- Published 09.06.2023 11:15:09
- Last modified 13.02.2025 17:16:32
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allo...
CVE-2023-29404
- EPSS 0.08%
- Published 08.06.2023 21:15:17
- Last modified 06.01.2025 20:15:26
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via...
CVE-2023-29405
- EPSS 0.33%
- Published 08.06.2023 21:15:17
- Last modified 06.01.2025 20:15:26
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via...
CVE-2023-29402
- EPSS 0.12%
- Published 08.06.2023 21:15:16
- Last modified 06.01.2025 22:15:08
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline charact...
CVE-2023-29403
- EPSS 0.01%
- Published 08.06.2023 21:15:16
- Last modified 06.01.2025 20:15:25
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a s...