» 2023 » 5월

CVE-2023-28753

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-28753

netconsd prior to v0.2 was vulnerable to an integer overflow in its parse_packet function. A malicious individual could leverage this overflow to create heap memory corruption with attacker controlled data.

Source: CVE-2023-28753

CVE-2023-30470

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-30470

A use-after-free related to unsound inference in the bytecode generation when optimizations are enabled for Hermes prior to commit da8990f737ebb9d9810633502f65ed462b819c09 could have been used by an attacker to achieve remote code execution. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.

Source: CVE-2023-30470

CVE-2023-2025

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-2025

OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 may expose sensitive information to an unauthorized user under certain circumstances.

Source: CVE-2023-2025

CVE-2023-2024

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-2024

Improper authentication in OpenBlue Enterprise Manager Data Collector versions prior to 3.2.5.75 allow access to an unauthorized user under certain circumstances.

Source: CVE-2023-2024

CVE-2023-31655

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-31655

redis-7.0.10 was discovered to contain a segmentation violation.

Source: CVE-2023-31655

CVE-2023-29720

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-29720

SofaWiki <=3.8.9 is vulnerable to Cross Site Scripting (XSS) via index.php.

Source: CVE-2023-29720

CVE-2023-0965

Posted on 2023년 5월 19일2023년 5월 19일 by admin

CVE-2023-0965

Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM.

Source: CVE-2023-0965