CVE-2023-42822
- EPSS 0.63%
- Veröffentlicht 27.09.2023 18:15:11
- Zuletzt bearbeitet 03.11.2025 20:16:02
xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The v...
CVE-2023-5169
- EPSS 1%
- Veröffentlicht 27.09.2023 15:19:42
- Zuletzt bearbeitet 21.11.2024 08:41:13
A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR < 115...
CVE-2023-5171
- EPSS 1.02%
- Veröffentlicht 27.09.2023 15:19:42
- Zuletzt bearbeitet 21.11.2024 08:41:13
During Ion compilation, a Garbage Collection could have resulted in a use-after-free condition, allowing an attacker to write two NUL bytes, and cause a potentially exploitable crash. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and...
CVE-2023-5157
- EPSS 2.02%
- Veröffentlicht 27.09.2023 15:19:41
- Zuletzt bearbeitet 01.10.2025 15:15:41
A vulnerability was found in MariaDB. An OpenVAS port scan on ports 3306 and 4567 allows a malicious remote client to cause a denial of service.
CVE-2023-42453
- EPSS 0.65%
- Veröffentlicht 27.09.2023 15:19:32
- Zuletzt bearbeitet 21.11.2024 08:22:33
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. Users were able to forge read receipts for any event (if they knew the room ID and event ID). Note that the users were not able to view the events, but s...
CVE-2023-41335
- EPSS 0.36%
- Veröffentlicht 27.09.2023 15:19:30
- Zuletzt bearbeitet 21.11.2024 08:21:06
Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. When users update their passwords, the new credentials may be briefly held in the server database. While this doesn't grant the server any added capabili...
CVE-2023-41074
- EPSS 3.61%
- Veröffentlicht 27.09.2023 15:19:26
- Zuletzt bearbeitet 21.11.2024 08:20:30
The issue was addressed with improved checks. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
CVE-2023-35074
- EPSS 1.46%
- Veröffentlicht 27.09.2023 15:18:52
- Zuletzt bearbeitet 05.05.2025 16:15:40
The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution.
CVE-2022-4318
- EPSS 0.27%
- Veröffentlicht 25.09.2023 20:15:10
- Zuletzt bearbeitet 21.11.2024 07:35:01
A vulnerability was found in cri-o. This issue allows the addition of arbitrary lines into /etc/passwd by use of a specially crafted environment variable.
CVE-2023-4156
- EPSS 0.43%
- Veröffentlicht 25.09.2023 18:15:11
- Zuletzt bearbeitet 21.11.2024 08:34:30
A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information.