The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2023-39615 | Xmlsoft Libxml2 v2.11.0 was discovered to contain an out-of-bounds read via the xmlSAX2StartElement() function at /libxml2/SAX2.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted XML file. NOTE: the vendor\'s position is that the product does not support the legacy SAX1 interface with custom callbacks; there is a crash even without crafted input. | -- | Aug 29, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-39804 | In GNU tar before 1.35, mishandled extension attributes in a PAX archive can lead to an application crash in xheader.c. | -- | Dec 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-39976 | log_blackbox.c in libqb before 2.0.8 allows a buffer overflow via long log messages because the header size is not considered. | -- | Aug 8, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-40283 | An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. | -- | Aug 14, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-40303 | GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if the setuid system call fails when a process is trying to drop privileges before letting an ordinary user control the activities of the process. | -- | Aug 14, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-40359 | xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters (i.e., neither alphanumeric nor underscore), aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature. | -- | Aug 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-40547 | A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-controlled values when parsing an HTTP response. This flaw allows an attacker to craft a specific malicious HTTP request, leading to a completely controlled out-of-bounds write primitive and complete system compromise. This flaw is only exploitable during the early boot phase, an attacker needs to perform a Man-in-the-Middle or compromise the boot server to be able to exploit this vulnerability successfully. | -- | Jan 25, 2024 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-40745 | LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | -- | Aug 29, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-41040 | GitPython is a python library used to interact with Git repositories. In order to resolve some git references, GitPython reads files from the `.git` directory, in some places the name of the file being read is provided by the user, GitPython doesn\'t check if this file is located outside the `.git` directory. This allows an attacker to make GitPython read any file from the system. This vulnerability is present in https://github.com/gitpython-developers/GitPython/blob/1c8310d7cae144f74a671cbe17e51f63a830adbf/git/refs/symbolic.py#L174-L175. That code joins the base directory with a user given string without checking if the final path is located outside the base directory. This vulnerability cannot be used to read the contents of files but could in theory be used to trigger a denial of service for the program. This issue has not yet been addressed. | LOW | Aug 31, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-41175 | A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | -- | Aug 29, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-41913 | strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm\'s DH proxy. The earliest affected version is 5.3.0. An attack can occur via a crafted IKE_SA_INIT message. | -- | Nov 22, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-42669 | A vulnerability was found in Samba\'s rpcecho development server, a non-Windows RPC server used to test Samba\'s DCE/RPC stack elements. This vulnerability stems from an RPC function that can be blocked indefinitely. The issue arises because the rpcecho service operates with only one worker in the main RPC task, allowing calls to the rpcecho server to be blocked for a specified time, causing service disruptions. This disruption is triggered by a sleep() call in the dcesrv_echo_TestSleep() function under specific conditions. Authenticated users or attackers can exploit this vulnerability to make calls to the rpcecho server, requesting it to block for a specified duration, effectively disrupting most services and leading to a complete denial of service on the AD DC. The DoS affects all other services as rpcecho runs in the main RPC task. | -- | Oct 11, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-42753 | An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory buffer out-of-bound. This issue may allow a local user to crash the system or potentially escalate their privileges on the system. | -- | Sep 26, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-42754 | A NULL pointer dereference flaw was found in the Linux kernel ipv4 stack. The socket buffer (skb) was assumed to be associated with a device before calling __ip_options_compile, which is not always the case if the skb is re-routed by ipvs. This issue may allow a local user with CAP_NET_ADMIN privileges to crash the system. | -- | Oct 5, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-42755 | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `rsvp_classify` function. This issue may allow a local user to crash the system and cause a denial of service. | -- | Sep 27, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-43804 | urllib3 is a user-friendly HTTP client library for Python. urllib3 doesn\'t treat the `Cookie` HTTP header special or provide any helpers for managing cookies over HTTP, that is the responsibility of the user. However, it is possible for a user to specify a `Cookie` header and unknowingly leak information via HTTP redirects to a different origin if that user doesn\'t disable redirects explicitly. This issue has been patched in urllib3 version 1.26.17 or 2.0.5. | LOW | Oct 4, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-44446 | GStreamer MXF File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the parsing of MXF video files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22299. | -- | Nov 15, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-45145 | Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusting its permissions to the user-provided configuration. If a permissive umask(2) is used, this creates a race condition that enables, during a short period of time, another process to establish an otherwise unauthorized connection. This problem has existed since Redis 2.6.0-RC1. This issue has been addressed in Redis versions 7.2.2, 7.0.14 and 6.2.14. Users are advised to upgrade. For users unable to upgrade, it is possible to work around the problem by disabling Unix sockets, starting Redis with a restrictive umask, or storing the Unix socket file in a protected directory. | -- | Oct 18, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-45322 | libxml2 through 2.11.5 has a use-after-free that can only occur after a certain memory allocation fails. This occurs in xmlUnlinkNode in tree.c. NOTE: the vendor\'s position is I don\'t think these issues are critical enough to warrant a CVE ID ... because an attacker typically can\'t control when memory allocations fail. | -- | Oct 7, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-45853 | MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product. NOTE: pyminizip through 0.2.6 is also vulnerable because it bundles an affected zlib version, and exposes the applicable MiniZip code through its compress API. | LOW | Oct 14, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-45862 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. | -- | Oct 16, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-45866 | Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue. | -- | Dec 8, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-45871 | An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. | -- | Oct 16, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-46218 | This flaw allows a malicious HTTP server to set super cookies in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains. It could do this by exploiting a mixed case flaw in curl\'s function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with `domain=co.UK` when the URL used a lower case hostname `curl.co.uk`, even though `co.uk` is listed as a PSL domain. | LOW | Dec 7, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46246 | Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file `src/ex_docmd.c` in the function `do_cmdline` at line 1010 and then used again in `src/cmdhist.c` at line 759. When using the `:history` command, it\'s possible that the provided argument overflows the accepted value. Causing an Integer Overflow and potentially later an use-after-free. This vulnerability has been patched in version 9.0.2068. | -- | Oct 29, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46316 | In buc Traceroute 2.0.12 through 2.1.2 before 2.1.3, the wrapper scripts do not properly parse command lines. | -- | Oct 25, 2023 | 10.19.45.30 (Wind River Linux LTS 19) |
| CVE-2023-46343 | In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. | -- | Jan 23, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-46751 | An issue was discovered in the function gdev_prn_open_printer_seekable() in Artifex Ghostscript through 10.02.0 allows remote attackers to crash the application via a dangling pointer. | -- | Dec 7, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-46838 | Transmit requests in Xen\'s virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be transferred data, these parts are directly translated into what Linux calls SKB fragments. Such converted request parts can, when for a particular SKB they are all of length zero, lead to a de-reference of NULL in core networking code. | -- | Jan 24, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-47038 | A vulnerability was found in perl. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. | -- | Nov 27, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47100 | In Perl before 5.38.2, S_parse_uniprop_string in regcomp.c can write to unallocated space because a property name associated with a \\p{...} regular expression construct is mishandled. The earliest affected version is 5.30.0. | -- | Dec 3, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-47342 | avformat/rtsp: Use rtsp_st->stream_index | -- | Nov 13, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48231 | Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25aabc2b` which has been included in release version 9.0.2106. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48232 | Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include the \'n\' flag. This may happen when a window border is present and when the wrapped line continues on the next physical line directly in the window border because the \'cpo\' setting includes the \'n\' flag. Only users with non-default settings are affected and the exception should only result in a crash. This issue has been addressed in commit `cb0b99f0` which has been included in release version 9.0.2107. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48233 | Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with e_value_too_large. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `ac6378773` which has been included in release version 9.0.2108. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48234 | Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `58f9befca1` which has been included in release version 9.0.2109. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48235 | Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will cause the overflow. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `060623e` which has been included in release version 9.0.2110. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48236 | Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. Impact is low, user interaction is required and a crash may not even happen in all situations. This vulnerability has been addressed in commit `73b2d379` which has been included in release version 9.0.2111. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48237 | Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a crash may not even happen in all situations. This issue has been addressed in commit `6bf131888` which has been included in version 9.0.2112. Users are advised to upgrade. There are no known workarounds for this vulnerability. | -- | Nov 17, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-48706 | Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time and using a sub-replace-special atom inside the substitution part, it is possible that the recursive `:s` call causes free-ing of memory which may later then be accessed by the initial `:s` command. The user must intentionally execute the payload and the whole process is a bit tricky to do since it seems to work only reliably for the very first :s command. It may also cause a crash of Vim. Version 9.0.2121 contains a fix for this issue. | -- | Nov 24, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50471 | cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_InsertItemInArray at cJSON.c. | LOW | Dec 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50472 | cJSON v1.7.16 was discovered to contain a segmentation violation via the function cJSON_SetValuestring at cJSON.c. | LOW | Dec 14, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-50495 | NCurse v6.4-20230418 was discovered to contain a segmentation fault via the component _nc_wrap_entry(). | -- | Dec 12, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-51042 | In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free. | -- | Jan 23, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51043 | In the Linux kernel before 6.4.5, drivers/gpu/drm/drm_atomic.c has a use-after-free during a race condition between a nonblocking atomic commit and a driver unload. | -- | Jan 23, 2024 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51385 | In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or host name. | -- | Dec 19, 2023 | 10.19.45.31 (Wind River Linux LTS 19) |
| CVE-2023-51779 | bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51780 | An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51781 | An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
| CVE-2023-51782 | An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition. | -- | Dec 27, 2023 | 10.19.45.29 (Wind River Linux LTS 19) |
