CVE-2023-3161
- EPSS 0.21%
- Veröffentlicht 12.06.2023 20:15:12
- Zuletzt bearbeitet 11.03.2025 15:15:39
A flaw was found in the Framebuffer Console (fbcon) in the Linux Kernel. When providing font->width and font->height greater than 32 to fbcon_set_font, since there are no checks in place, a shift-out-of-bounds occurs leading to undefined behavior and...
CVE-2023-2454
- EPSS 1.19%
- Veröffentlicht 09.06.2023 19:15:09
- Zuletzt bearbeitet 06.01.2025 18:15:13
schema_element defeats protective search_path changes; It was found that certain database calls in PostgreSQL could permit an authed attacker with elevated database-level privileges to execute arbitrary code.
CVE-2023-2455
- EPSS 0.69%
- Veröffentlicht 09.06.2023 19:15:09
- Zuletzt bearbeitet 06.01.2025 18:15:13
Row security policies disregard user ID changes after inlining; PostgreSQL could permit incorrect policies to be applied in certain cases where role-specific policies are used and a given query is planned under one role and then executed under other ...
CVE-2023-32732
- EPSS 0.53%
- Veröffentlicht 09.06.2023 11:15:09
- Zuletzt bearbeitet 13.02.2025 17:16:32
gRPC contains a vulnerability whereby a client can cause a termination of connection between a HTTP2 proxy and a gRPC server: a base64 encoding error for `-bin` suffixed headers will result in a disconnection by the gRPC server, but is typically allo...
CVE-2023-29404
- EPSS 1.84%
- Veröffentlicht 08.06.2023 21:15:17
- Zuletzt bearbeitet 06.01.2025 20:15:26
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via...
CVE-2023-29405
- EPSS 1.73%
- Veröffentlicht 08.06.2023 21:15:17
- Zuletzt bearbeitet 06.01.2025 20:15:26
The go command may execute arbitrary code at build time when using cgo. This may occur when running "go get" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via...
CVE-2023-29402
- EPSS 1.71%
- Veröffentlicht 08.06.2023 21:15:16
- Zuletzt bearbeitet 06.01.2025 22:15:08
The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cgo. This may occur when running an untrusted module which contains directories with newline charact...
CVE-2023-29403
- EPSS 0.43%
- Veröffentlicht 08.06.2023 21:15:16
- Zuletzt bearbeitet 06.01.2025 20:15:25
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a s...
CVE-2023-34969
- EPSS 1.42%
- Veröffentlicht 08.06.2023 03:15:08
- Zuletzt bearbeitet 09.06.2025 15:15:29
D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with...
CVE-2023-2603
- EPSS 0.57%
- Veröffentlicht 06.06.2023 20:15:13
- Zuletzt bearbeitet 02.12.2025 21:15:51
A vulnerability was found in libcap. This issue occurs in the _libcap_strdup() function and can lead to an integer overflow if the input string is close to 4GiB.