CVE-2023-3269
- EPSS 1.48%
- Veröffentlicht 11.07.2023 12:15:10
- Zuletzt bearbeitet 21.11.2024 08:16:52
A vulnerability exists in the memory management subsystem of the Linux kernel. The lock handling for accessing and updating virtual memory areas (VMAs) is incorrect, leading to use-after-free problems. This issue can be successfully exploited to exec...
CVE-2023-1672
- EPSS 0.57%
- Veröffentlicht 11.07.2023 12:15:09
- Zuletzt bearbeitet 21.11.2024 07:39:39
A race condition exists in the Tang server functionality for key generation and key rotation. This flaw results in a small time window where Tang private keys become readable by other processes on the same host.
CVE-2023-34432
- EPSS 0.39%
- Veröffentlicht 10.07.2023 21:15:10
- Zuletzt bearbeitet 21.11.2024 08:07:13
A heap buffer overflow vulnerability was found in sox, in the lsx_readbuf function at sox/src/formats_i.c:98:16. This flaw can lead to a denial of service, code execution, or information disclosure.
CVE-2023-26590
- EPSS 0.21%
- Veröffentlicht 10.07.2023 18:15:10
- Zuletzt bearbeitet 27.06.2025 18:51:27
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
CVE-2023-32627
- EPSS 0.28%
- Veröffentlicht 10.07.2023 18:15:10
- Zuletzt bearbeitet 27.06.2025 18:51:27
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.
CVE-2023-34318
- EPSS 0.28%
- Veröffentlicht 10.07.2023 18:15:10
- Zuletzt bearbeitet 27.06.2025 18:51:27
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.
CVE-2023-1183
- EPSS 64.64%
- Veröffentlicht 10.07.2023 16:15:48
- Zuletzt bearbeitet 21.11.2024 07:38:37
A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose location was determined by the attacker.
CVE-2023-35934
- EPSS 1.04%
- Veröffentlicht 06.07.2023 20:15:09
- Zuletzt bearbeitet 21.11.2024 08:09:00
yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragme...
CVE-2023-35001
- EPSS 1.51%
- Veröffentlicht 05.07.2023 19:15:10
- Zuletzt bearbeitet 21.11.2024 08:07:48
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-31248
- EPSS 2.05%
- Veröffentlicht 05.07.2023 19:15:09
- Zuletzt bearbeitet 21.11.2024 08:01:42
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace