Description
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
______________________________
Description
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Base Score: 9.8 CRITICAL
https://www.openwall.com/lists/oss-security/2022/12/21/4
_______________________________
Description
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
Base Score: 7.8 HIGH
https://bugzilla.redhat.com/show_bug.cgi?id=2126720
CVE-2022-4328 Description The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server Base Score: 9.8 CRITICAL https://wpscan.com/vulnerability/4dc72cd2-81d7-4a66-86bd-c9cfaf690eed
CVE-2023-23397 Description:Microsoft Outlook Elevation of Privilege Vulnerability CNA: Microsoft CorporationBase Score: 9.8 CRITICAL Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397
CVE-2019-17621 Description The UPnP endpoint URL /gena.cgi in the D-Link DIR-859 Wi-Fi router 1.05 and 1.06B01 Beta01 allows an Unauthenticated remote attacker to execute system commands as root, by sending a specially crafted HTTP SUBSCRIBE request to the UPnP service when connecting to the local network. Base Score: 9.8 CRITICAL https://www.dlink.com/en/security-bulletin
Leave a Reply