Description
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
______________________________
Description
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
_______________________________
Description
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
Base Score: 7.8 HIGH
https://bugzilla.redhat.com/show_bug.cgi?id=2126720
CVE-2023-23381 Description Visual Studio Remote Code Execution Vulnerability Base Score: 8.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23381 CVE-2023-21823 Description Windows Graphics Component Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21823 CVE-2023-21815 Description Visual Studio Remote Code Execution Vulnerability Base Score: 8.4 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21815 CVE-2023-21808 Description .NET and Visual Studio Remote Code Execution Vulnerability Base Score: 7.8 HIGH https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21808 ______________________________________________________ […]
CVE-2023-21597 Description Adobe InCopy versions 18.0 (and earlier), 17.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Base Score: 7.8 HIGH https://helpx.adobe.com/security/products/incopy/apsb23-08.html ____________________________________ CVE-2023-21596 Description […]
CVE-2022-47986 Description IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary code on the system. The obsolete API call was […]
Leave a Reply