CVE-2021-3923
- EPSS 0.2%
- Veröffentlicht 27.03.2023 21:15:09
- Zuletzt bearbeitet 24.02.2025 20:15:31
A flaw was found in the Linux kernel's implementation of RDMA over infiniband. An attacker with a privileged local account can leak kernel stack information when issuing commands to the /dev/infiniband/rdma_cm device node. While this access is unlike...
CVE-2023-28686
- EPSS 0.7%
- Veröffentlicht 24.03.2023 04:15:55
- Zuletzt bearbeitet 19.02.2025 22:15:16
Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force a victim to join a group chat; the victim may then...
CVE-2023-28333
- EPSS 1.17%
- Veröffentlicht 23.03.2023 21:15:20
- Zuletzt bearbeitet 21.11.2024 07:54:51
The Mustache pix helper contained a potential Mustache injection risk if combined with user input (note: This did not appear to be implemented/exploitable anywhere in the core Moodle LMS).
CVE-2023-28336
- EPSS 0.74%
- Veröffentlicht 23.03.2023 21:15:20
- Zuletzt bearbeitet 21.11.2024 07:54:52
Insufficient filtering of grade report history made it possible for teachers to access the names of users they could not otherwise access.
CVE-2023-0056
- EPSS 1.83%
- Veröffentlicht 23.03.2023 21:15:19
- Zuletzt bearbeitet 25.02.2025 20:15:31
An uncontrolled resource consumption vulnerability was discovered in HAProxy which could crash the service. This issue could allow an authenticated remote attacker to run a specially crafted malicious server in an OpenShift cluster. The biggest impac...
CVE-2023-1513
- EPSS 0.23%
- Veröffentlicht 23.03.2023 21:15:19
- Zuletzt bearbeitet 25.02.2025 20:15:32
A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, causing an information leak.
CVE-2023-1289
- EPSS 0.87%
- Veröffentlicht 23.03.2023 20:15:14
- Zuletzt bearbeitet 21.11.2024 07:38:50
A vulnerability was discovered in ImageMagick where a specially created SVG file loads itself and causes a segmentation fault. This flaw allows a remote attacker to pass a specially crafted SVG file that leads to a segmentation fault, generating many...
CVE-2023-1544
- EPSS 0.31%
- Veröffentlicht 23.03.2023 20:15:14
- Zuletzt bearbeitet 03.11.2025 20:15:59
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially ...
CVE-2023-28439
- EPSS 0.73%
- Veröffentlicht 22.03.2023 21:15:18
- Zuletzt bearbeitet 21.11.2024 07:55:04
CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. A cross-site scripting vulnerability has been discovered affecting Iframe Dialog and Media Embed packages. The vulnerability may trigger a JavaScript code after fulfilling special ...
CVE-2023-1528
- EPSS 0.77%
- Veröffentlicht 21.03.2023 21:15:12
- Zuletzt bearbeitet 21.11.2024 07:39:22
Use after free in Passwords in Google Chrome prior to 111.0.5563.110 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)