CVE-2023-21933

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DDL. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...

CVE-2023-21931

CVE-2023-21931 is a pre-auth, unauthenticated remote code execution/vulnerability in Oracle WebLogic Server (Fusion Middleware) affecting Core, with affected versions 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0. The public sources describe network access via T3 (and IIOP in related discussions) enabli...

CVE-2023-21920

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21920

Summary: CVE-2023-21920 affects Oracle MySQL Server (Server: Optimizer). Affected: MySQL 8.0.32 and earlier. Exploitable with network access via multiple protocols by a highly privileged attacker, leading to a hang or frequent crashes (DoS) of MySQL Server. CVSS v3.1 base score 4.9 (Impact: Avail...

CVE-2023-21919

CVE-2023-21919 affects Oracle MySQL Server (component: Server: DDL), with vulnerable versions 8.0.32 and earlier. The issue allows a high-privilege attacker who can reach the server over multiple protocols to cause a hang or crash (DoS), as reflected by the CVSS availability impact. Connected adv...

CVE-2023-21915

CVE-2023-21915 affects Oracle Banking Payments (Oracle Financial Services Applications), specifically the Book/Internal Transfer component, with affected versions 14.5–14.7. The vulnerability is described as insufficient input validation allowing a low-privilege, network-accessible attacker (via ...

CVE-2023-21913

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2023-21913

CVE-2023-21913 affects Oracle MySQL Server (Server: Optimizer) with vulnerable versions up to 8.0.31. An attacker with network access and high privileges can cause a hang or complete DoS via multiple protocols. Public advisories indicate fixes in later MySQL 8.0.x releases (e.g., RHSA-2023:3087 n...

FANUC ROBOGUIDE-HandlingPRO

1. EXECUTIVE SUMMARY CVSS v3 6.8 ATTENTION: Exploitable remotely Vendor: FANUC Equipment: ROBOGUIDE-HandlingPRO Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to read and/or overwrite files on the system running the affected...

CVE-2023-2130

A vulnerability classified as critical has been found in SourceCodester Purchase Order Management System 1.0. Affected is an unknown function of the file /admin/suppliers/viewdetails.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. It is...

Mozilla: libwebp: Double-free in libwebp

The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...

Mozilla: Potential Memory Corruption following Garbage Collector compaction

The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...

Mozilla: libwebp: Double-free in libwebp

The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...

Mozilla: Invalid free from JavaScript code

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...

Mozilla: Potential Memory Corruption following Garbage Collector compaction

The Mozilla Foundation Security Advisory describes this flaw as: Following a Garbage Collector compaction, weak maps may have been accessed before they were correctly traced. This resulted in memory corruption and a potentially exploitable crash...

Mozilla: Memory Corruption in Safe Browsing Code

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash...

Mozilla: Memory Corruption in Safe Browsing Code

The Mozilla Foundation Security Advisory describes this flaw as: Unexpected data returned from the Safe Browsing API could have led to memory corruption and a potentially exploitable crash...

Mozilla: libwebp: Double-free in libwebp

The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...

Mozilla: libwebp: Double-free in libwebp

The Mozilla Foundation Security Advisory describes this flaw as: A double-free in libwebp could have led to memory corruption and a potentially exploitable crash...

Mozilla: Invalid free from JavaScript code

The Mozilla Foundation Security Advisory describes this flaw as: An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash...