CVE-2023-4323
Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup
Source: CVE-2023-4323
[월:] 2023년 08월
CVE-2023-38402
CVE-2023-38402
A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITYSYSTEM. A successful exploit could allow these malicious users to create a Denial-of-Service (DoS) condition affecting the Microsoft Windows operating System boot process.
Source: CVE-2023-38402
CVE-2023-4324
CVE-2023-4324
Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers
Source: CVE-2023-4324
CVE-2023-38861
CVE-2023-38861
An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker to execute arbitrary code via username parameter of the set_sys_adm function in adm.cgi.
Source: CVE-2023-38861
CVE-2023-4325
CVE-2023-4325
Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities
Source: CVE-2023-4325
CVE-2023-38865
CVE-2023-38865
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at function sub_4143F0. Attackers can send POST request messages to /usr/bin/webmgnt and inject commands into parameter timestr.
Source: CVE-2023-38865
CVE-2023-4367
CVE-2023-4367
Insufficient policy enforcement in Extensions API in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to bypass an enterprise policy via a crafted HTML page. (Chromium security severity: Medium)
Source: CVE-2023-4367
CVE-2023-4366
CVE-2023-4366
Use after free in Extensions in Google Chrome prior to 116.0.5845.96 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
Source: CVE-2023-4366
CVE-2023-4364
CVE-2023-4364
Inappropriate implementation in Permission Prompts in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium)
Source: CVE-2023-4364
CVE-2023-4363
CVE-2023-4363
Inappropriate implementation in WebShare in Google Chrome on Android prior to 116.0.5845.96 allowed a remote attacker to spoof the contents of a dialog URL via a crafted HTML page. (Chromium security severity: Medium)
Source: CVE-2023-4363