CVE-2023-39372

StarTrinity Softswitch version 2023-02-16 - Multiple CSRF CWE-352...

BELL-CVE-2018-12543 CVE-2018-12543 does not affect BellSoft software

Bulletin has no description...

UBUNTU-CVE-2023-35394

Azure HDInsight Jupyter Notebook Spoofing Vulnerability...

PT-2025-27626

Name of the Vulnerable Software and Affected Versions Hikvision Integrated Security Management Platform affected versions not specified Description An unauthenticated remote command execution issue exists in the applyCT component of the Hikvision Integrated Security Management Platform. This is d...

CVE-2023-38187

Microsoft Edge Chromium-based Elevation of Privilege Vulnerability...

CVE-2022-29144

Microsoft Edge Chromium-based Elevation of Privilege Vulnerability...

USN-6121-1 nanopb vulnerabilities

It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this cause a denial of service or expose sensitive information. CVE-2020-26243 It was discovered that Nanopb incorrectly handled certain decode messages. An attacker could possibly use this...

AZL-26917 CVE-2023-31130 affecting package fluent-bit for versions less than 2.1.10-1

c-ares is an asynchronous resolver library. aresinetnetpton is vulnerable to a buffer underflow for certain ipv6 addresses, in particular "0::00:00:00/2" was found to cause an issue. C-ares only uses this function internally for configuration purposes which would require an administrator to...

PT-2023-35839 · Libredwg · Libredwg

Name of the Vulnerable Software and Affected Versions: LibreDWG affected versions not specified Description: The issue is related to a crash caused by an unknown read. Technical details about the crash include the function names dxf fixup string, dwg dxf DIMENSION ALIGNED private, and dwg dxf...

An issue was discovered in hyper v0.13.7. h2-0.2.4 Stream stacking occurs when the H2 component processes HTTP2 RST_STREAM frames. As a result the memory and CPU usage are high which can lead to a Denial of Service (DoS).

...

AZL-26670 CVE-2023-32573 affecting package qt5-qtsvg for versions less than 5.15.9-1

In Qt before 5.15.14, 6.0.x through 6.2.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1, QtSvg QSvgFont munitsPerEm initialization is mishandled...

CVE-2023-28306

Windows DNS Server Remote Code Execution Vulnerability...

CVE-2023-28293

Windows Kernel Elevation of Privilege Vulnerability...

CVE-2023-26065

Certain Lexmark devices through 2023-02-19 have an Integer Overflow...

CVE-2020-23259

An issue found in Jsish v.3.0.11 and before allows an attacker to cause a denial of service via the JsiStrlen function in the src/jsiChar.c file...

CLSA-2023-1678136537 httpd: Fix of CVE-2006-20001

CVE-2006-20001: moddav: out-of-bounds read/write...

CVE-2023-23461

Libpeconv – access violation, before commit b076013 30/11/2022...

SUSE CVE-2008-0073

Array index error in the sdpplinparse function in input/libreal/sdpplin.c in xine-lib 1.1.10.1 allows remote RTSP servers to execute arbitrary code via a large streamid SDP parameter...

SUSE CVE-2021-36690

A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges e.g., is intentionally allowe...

USN-5870-1 APR-util vulnerability

Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...