CVE-2023-36034
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Source: CVE-2023-36034
CVE-2023-36034
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Source: CVE-2023-36034
CVE-2023-46176
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.
Source: CVE-2023-46176
CVE-2023-36022
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Source: CVE-2023-36022
CVE-2017-7252
bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password.
Source: CVE-2017-7252
CVE-2023-42027
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 266057.
Source: CVE-2023-42027
CVE-2023-42029
IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266059.
Source: CVE-2023-42029
CVE-2023-43018
IBM CICS TX Standard 11.1 and Advanced 10.1, 11.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 266163.
Source: CVE-2023-43018
CVE-2023-39283
An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation.
Source: CVE-2023-39283
CVE-2023-42299
Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause a denial of service via the read_subimage_data function.
Source: CVE-2023-42299