CVE-2023-5593

The out-of-bounds write vulnerability in the Windows-based SecuExtender SSL VPN Client software version 4.0.4.0 could allow an authenticated local user to gain a privilege escalation by sending a crafted CREATE message...

Zyxel SecuExtender SSL VPN Client Security Vulnerability

Zyxel SecuExtender SSL VPN Client is a product for secure access to remote local area networks from China-based Zyxel. A security vulnerability exists in Zyxel SecuExtender SSL VPN Client version 4.0.4.0, which originates from allowing authenticated local users to gain privilege escalation by...

Kernel: qxl: race condition leading to use-after-free in qxl_mode_dumb_create()

...

CVE-2023-6014 MLflow Authentication Bypass

An attacker is able to arbitrarily create an account in MLflow bypassing any authentication requirment...

USN-6480-1 dotnet6, dotnet7, dotnet8 vulnerabilities

Barry Dorrans discovered that .NET did not properly implement certain security features for Blazor server forms. An attacker could possibly use this issue to bypass validation, which could trigger unintended actions. CVE-2023-36558 Piotr Bazydlo discovered that .NET did not properly handle...

PT-2023-35586 · Git +1 · Opensc

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type identified as Invalid-free. The crash state involves several function calls, including sc file clear acl entries, sc...

kernel: drm/vkms: Fix memory leak in vkms_init()

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix memory leak in vkmsinit A memory leak was reported after the vkms module install failed. unreferenced object 0xffff88810bc28520 size 16: comm "modprobe", pid 9662, jiffies 4298009455 age 42.590s hex dump first 16...

mariadb: server crash in create_tmp_table::finalize

A flaw was found in MariaDB. The component, Createtmptable::finalize, allows attackers to cause a denial of service DoS via specially crafted SQL statements, affecting availability...

Debian dla-3649 : python-urllib3 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3649 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3649-1 [email protected] https://www.debian.org/lts/security/...

CVE-2023-23796

Improper Neutralization of Formula Elements in a CSV File vulnerability in Muneeb Form Builder | Create Responsive Contact Forms.This issue affects Form Builder | Create Responsive Contact Forms: from n/a through 1.9.9.0...

kernel: drbd: use after free in drbd_create_device()

In the Linux kernel, the following vulnerability has been resolved: drbd: use after free in drbdcreatedevice The drbddestroyconnection frees the "connection" so use the safe iterator to prevent a use after free...

kernel: usb: idmouse: fix an uninit-value in idmouse_open

A use of uninitialized memory was found in the Linux kernel's idmouse USB fingerprint reader driver. In idmousecreateimage, when any ftipcommand fails, control jumps to the reset label but leaves bulkinbuffer data uninitialized. The subsequent check for a valid image then dereferences this...

kernel: Kernel: Denial of Service in CIFS due to xid leak

A flaw was found in the Linux kernel's Common Internet File System CIFS implementation. This vulnerability occurs in the cifscreate function where an xid transaction ID is not properly freed if the CIFS connection shuts down. A local attacker could exploit this flaw to cause a resource leak,...

grafana: email addresses and usernames cannot be trusted

An authentication bypass flaw was discovered in Grafana. This issue could allow a remote unauthenticated attacker to create an account and provide access to a certain organization, which can be exploited by gaining access to the signup link. The highest impacts to the system are confidentiality a...

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...

CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

DEBIAN-CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

Design/Logic Flaw

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

UBUNTU-CVE-2023-1194

An out-of-bounds OOB memory read flaw was found in parseleasestate in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of NameOffset in the parseleasestate...

CVE-2023-4091

A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "aclxattr" is configured with "aclxattr:ignore system acls = yes". The SMB protocol allows opening files when the client requests read-only acces...