|
161
|
9.8
-
|
CRITICAL
Network
|
A path traversal vulnerability was identified in Samba when processing client pipe names connecting to Unix domain sockets within a private directory. Samba typically uses this mechanism to connect S…
|
CWE-22
Path Traversal
|
CVE-2023-3961
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:18
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
162
|
7.0
-
|
HIGH
Local
|
A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local u…
|
CWE-416
Use After Free
|
CVE-2023-1476
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 16:39
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
163
|
7.5
-
|
HIGH
Network
|
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum s…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2023-5824
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 17:42
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
164
|
6.5
-
|
MEDIUM
Network
|
A vulnerability was discovered in Samba, where the flaw allows SMB clients to truncate files, even with read-only permissions when the Samba VFS module "acl_xattr" is configured with "acl_xattr:ignor…
|
CWE-276
Incorrect Default Permissions
|
CVE-2023-4091
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:34
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
165
|
7.5
-
|
HIGH
Network
|
Squid is vulnerable to Denial of Service, where a remote attacker can perform DoS by sending ftp:// URLs in HTTP Request messages or constructing ftp:// URLs from FTP Native input.
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2023-46848
|
cpe:2.3:o:redhat:enterprise_linux:9.0:*
|
|
|
|
|
2024-11-21 17:29
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
166
|
7.5
-
|
HIGH
Network
|
Squid is vulnerable to a Denial of Service, where a remote attacker can perform buffer overflow attack by writing up to 2 MB of arbitrary data to heap memory when Squid is configured to accept HTTP …
|
CWE-120
Classic Buffer Overflow
|
CVE-2023-46847
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:29
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
167
|
5.3
-
|
MEDIUM
Network
|
SQUID is vulnerable to HTTP request smuggling, caused by chunked decoder lenience, allows a remote attacker to perform Request/Response smuggling past firewall and frontend security systems.
|
CWE-444
HTTP Request Smuggling
|
CVE-2023-46846
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:29
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
168
|
5.5
-
|
MEDIUM
Local
|
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_alternative_host_name() function.
|
CWE-617
Reachable Assertion
|
CVE-2023-38473
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:13
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
169
|
5.5
-
|
MEDIUM
Local
|
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
|
CWE-787
Out-of-bounds Write
|
CVE-2022-4900
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 16:36
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
170
|
5.5
-
|
MEDIUM
Local
|
A vulnerability was found in Avahi. A reachable assertion exists in the avahi_escape_label() function.
|
CWE-617
Reachable Assertion
|
CVE-2023-38470
|
cpe:2.3:o:redhat:enterprise_linux:9.0:* cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 17:13
2023-11-3
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|