CVE-2023-2602
- EPSS 0.35%
- Veröffentlicht 06.06.2023 20:15:12
- Zuletzt bearbeitet 21.11.2024 07:58:54
A vulnerability was found in the pthread_create() function in libcap. This issue may allow a malicious actor to use cause __real_pthread_create() to return an error, which can exhaust the process memory.
CVE-2023-33460
- EPSS 1.13%
- Veröffentlicht 06.06.2023 12:15:09
- Zuletzt bearbeitet 08.01.2025 17:15:12
There's a memory leak in yajl 2.1.0 with use of yajl_tree_parse function. which will cause out-of-memory in server and cause crash.
CVE-2023-3079
- EPSS 32.72%
- Veröffentlicht 05.06.2023 22:15:12
- Zuletzt bearbeitet 24.10.2025 14:07:38
Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-34410
- EPSS 0.73%
- Veröffentlicht 05.06.2023 03:15:09
- Zuletzt bearbeitet 20.03.2025 21:30:54
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configured CA certificate.
CVE-2023-34151
- EPSS 1.02%
- Veröffentlicht 30.05.2023 22:15:11
- Zuletzt bearbeitet 02.12.2024 14:34:36
A vulnerability was found in ImageMagick. This security flaw ouccers as an undefined behaviors of casting double to size_t in svg, mvg and other coders (recurring bugs of CVE-2022-32546).
CVE-2023-34152
- EPSS 8.01%
- Veröffentlicht 30.05.2023 22:15:11
- Zuletzt bearbeitet 13.01.2025 19:15:10
A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured.
CVE-2023-34153
- EPSS 3.16%
- Veröffentlicht 30.05.2023 22:15:11
- Zuletzt bearbeitet 27.02.2026 21:17:21
A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding.
CVE-2023-28321
- EPSS 1.81%
- Veröffentlicht 26.05.2023 21:15:16
- Zuletzt bearbeitet 15.01.2025 16:15:26
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function...
CVE-2023-28322
- EPSS 2.21%
- Veröffentlicht 26.05.2023 21:15:16
- Zuletzt bearbeitet 13.02.2026 20:16:15
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if ...
CVE-2023-32681
- EPSS 2.97%
- Veröffentlicht 26.05.2023 18:15:14
- Zuletzt bearbeitet 13.02.2025 17:16:32
Requests is a HTTP library. Since Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to destination servers when redirected to an HTTPS endpoint. This is a product of how we use `rebuild_proxies` to reattach the `Proxy-Authorizatio...