CVE-2023-39928
- EPSS 1.41%
- Veröffentlicht 06.10.2023 16:15:13
- Zuletzt bearbeitet 04.11.2025 20:16:36
A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitrary code execution. A user would need to to visit a ...
CVE-2023-39323
- EPSS 1.76%
- Veröffentlicht 05.10.2023 21:15:11
- Zuletzt bearbeitet 12.06.2025 16:15:20
Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build"...
CVE-2023-5441
- EPSS 0.43%
- Veröffentlicht 05.10.2023 21:15:11
- Zuletzt bearbeitet 21.11.2024 08:41:46
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960.
CVE-2023-40745
- EPSS 1.13%
- Veröffentlicht 05.10.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 08:20:03
LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow.
CVE-2023-41175
- EPSS 1.04%
- Veröffentlicht 05.10.2023 19:15:11
- Zuletzt bearbeitet 04.12.2024 08:15:05
A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based...
CVE-2023-42754
- EPSS 0.41%
- Veröffentlicht 05.10.2023 19:15:11
- Zuletzt bearbeitet 21.11.2024 08:23:06
A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue...
CVE-2023-5346
- EPSS 1.74%
- Veröffentlicht 05.10.2023 18:15:13
- Zuletzt bearbeitet 01.05.2025 20:15:35
Type confusion in V8 in Google Chrome prior to 117.0.5938.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-39191
- EPSS 0.52%
- Veröffentlicht 04.10.2023 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:14:52
An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with...
CVE-2023-3428
- EPSS 0.31%
- Veröffentlicht 04.10.2023 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:17:14
A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an application crash and denial of service.
CVE-2023-3576
- EPSS 0.35%
- Veröffentlicht 04.10.2023 19:15:10
- Zuletzt bearbeitet 23.06.2026 18:17:32
A memory leak flaw was found in Libtiff's tiffcrop utility. This issue occurs when tiffcrop operates on a TIFF image file, allowing an attacker to pass a crafted TIFF image file to tiffcrop utility, which causes this memory leak issue, resulting an a...