PT-2023-15638 · Unknown · Telephony Service

Name of the Vulnerable Software and Affected Versions: Telephony service affected versions not specified Description: The issue is related to a possible missing permission check in the telephony service. This could lead to local information disclosure with no additional execution privileges...

PT-2023-15631 · Unknown · Mp3 Encoder

Name of the Vulnerable Software and Affected Versions: MP3 encoder affected versions not specified Description: The issue is related to a missing bounds check in the MP3 encoder, which could lead to an out of bounds read. This might result in a local denial of service and requires System executio...

PT-2023-19659 · Arista · Arista Eos

Name of the Vulnerable Software and Affected Versions: Arista EOS affected versions not specified Description: An authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the...

PT-2023-19517 · Unknown · Simon Tatham'S Portable Puzzle Collection

Name of the Vulnerable Software and Affected Versions: Simon Tatham's Portable Puzzle Collection affected versions not specified Description: A crafted save file can cause a buffer overrun in the software. This issue can potentially be exploited, but no specific details about the estimated number...

PT-2023-22761 · Jenkins · Jenkins Turboscript Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins TurboScript Plugin versions 1.3 and earlier Description: A missing permission check in the plugin allows attackers with Item/Read permission to trigger builds of jobs corresponding to the attacker-specified repository. Recommendations...

PT-2023-15256 · Unisoc (Shanghai) Technologies Co. +1 · Sc9863A/Sc9832E/Sc7731E/T610/T310/T606/T760/T610/T618/T606/T612/T616/T760/T770/T820/S8000 +1

Name of the Vulnerable Software and Affected Versions: Telecom service affected versions not specified Description: The issue is related to a missing permission check in the telecom service, which could lead to a local denial of service. Recommendations: At the moment, there is no information abo...

PT-2023-2390 · Microsoft · Postscript/Pcl6 Class Printer Driver +1

Name of the Vulnerable Software and Affected Versions: Microsoft PostScript and PCL6 Class Printer Driver affected versions not specified Description: The issue is related to insufficient input validation in the PostScript Printer Driver Pscript and PCL6 Class Printer drivers for Windows operatin...

PT-2023-2462 · Microsoft · Windows Error Reporting Service +1

Name of the Vulnerable Software and Affected Versions: Windows Error Reporting Service affected versions not specified Description: The issue is related to insufficient access restrictions in the Windows Error Reporting Service, which can be exploited to elevate privileges. This allows an attacke...

PT-2023-2927 · Microsoft +4 · .Net Framework +4

Name of the Vulnerable Software and Affected Versions: Microsoft .NET affected versions not specified Description: The issue is related to incorrect handling of the path search for DLL libraries in the Microsoft .NET platform. This can allow an attacker to execute arbitrary code. Recommendations:...

PT-2023-13301 · Linux · Linux

Name of the Vulnerable Software and Affected Versions: Linux affected versions not specified Description: The issue is related to information disclosure due to a buffer overread in Linux sensors. Recommendations: At the moment, there is no information about a newer version that contains a fix for...

PT-2023-13299 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure due to a buffer over-read while parsing the wms message. This occurs when the buffer and its length are provided, leading to potential data...

PT-2023-13244 · Modem · Modem

Name of the Vulnerable Software and Affected Versions: Modem affected versions not specified Description: The issue is related to information disclosure due to a buffer over-read that occurs while parsing DNS response packets. Recommendations: At the moment, there is no information about a newer...

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

CVE-2023-28675

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

PT-2023-13879 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No vulnerable software or affected versions specified. Description: The provided information does not contain details about a specific vulnerability. It appears to be a rejection notice for a candidate number from the National Vulnerability...

PT-2023-15724 · Unknown · Mediaprovider

Name of the Vulnerable Software and Affected Versions: MediaProvider affected versions not specified Description: The issue affects the confidentiality and integrity of data due to a vulnerability in the MediaProvider module that allows unauthorized data read. Recommendations: At the moment, ther...

CVE-2023-28675

A missing permission check in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

CVE-2023-28674

A cross-site request forgery CSRF vulnerability in Jenkins OctoPerf Load Testing Plugin Plugin 4.5.2 and earlier allows attackers to connect to a previously configured Octoperf server using attacker-specified credentials...

PT-2023-36114 · Dpdk · Dpdk

Name of the Vulnerable Software and Affected Versions: dpdk affected versions not specified Description: The issue concerns a rebuild of the package with a new secure boot key. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability...