Security Warnings · Weekly: 2023-W02

Search Period Severity Vendor Source

Latest warnings

CVE-2023-21538	.NET Denial of Service Vulnerability 2023‑01‑10 · CVE-2023-21538	MSRC	2023‑01‑10	High
CVE-2023-21781	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21781	MSRC	2023‑01‑10	High
CVE-2023-21782	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21782	MSRC	2023‑01‑10	High
CVE-2023-21784	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21784	MSRC	2023‑01‑10	High
CVE-2023-21786	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21786	MSRC	2023‑01‑10	High
CVE-2023-21791	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21791	MSRC	2023‑01‑10	High
CVE-2023-21793	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21793	MSRC	2023‑01‑10	High
CVE-2023-21783	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21783	MSRC	2023‑01‑10	High
CVE-2023-21785	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21785	MSRC	2023‑01‑10	High
CVE-2023-21787	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21787	MSRC	2023‑01‑10	High
CVE-2023-21788	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21788	MSRC	2023‑01‑10	High
CVE-2023-21789	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21789	MSRC	2023‑01‑10	High
CVE-2023-21790	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21790	MSRC	2023‑01‑10	High
CVE-2023-21792	3D Builder Remote Code Execution Vulnerability 2023‑01‑10 · CVE-2023-21792	MSRC	2023‑01‑10	High
CVE-2022-4543	A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation… 2023‑01‑10 · CVE-2022-4543	MSRC	2023‑01‑10	Medium
CVE-2022-41861	A flaw was found in… 2023‑01‑10 · CVE-2022-41861	MSRC	2023‑01‑10	Medium
CVE-2022-3715	A flaw was found in the bash package, where a heap-buffer overflow can occur in valid… 2023‑01‑10 · CVE-2022-3715	MSRC	2023‑01‑10	High
CVE-2022-41858	A flaw was found in the Linux… 2023‑01‑10 · CVE-2022-41858	MSRC	2023‑01‑10	High
CVE-2022-3437	A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of… 2023‑01‑10 · CVE-2022-3437	MSRC	2023‑01‑10	Medium
CVE-2023-0394	A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux… 2023‑01‑10 · CVE-2023-0394	MSRC	2023‑01‑10	Medium
CVE-2022-47021	A null pointer dereference issue was discovered in functions op_get_data and op_open1 in opusfile.c in xiph opusfile 0.9 thru 0.12 allows… 2023‑01‑10 · CVE-2022-47021	MSRC	2023‑01‑10	High
CVE-2022-3650	A privilege escalation flaw was found in… 2023‑01‑10 · CVE-2022-3650	MSRC	2023‑01‑10	High
CVE-2022-4378	A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and… 2023‑01‑10 · CVE-2022-4378	MSRC	2023‑01‑10	High
CVE-2023-0469	A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in the io_uring subcomponent in the Linux Kernel during… 2023‑01‑10 · CVE-2023-0469	MSRC	2023‑01‑10	Medium
CVE-2023-0468	A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in the io_uring subcomponent in the Linux Kernel due to a race… 2023‑01‑10 · CVE-2023-0468	MSRC	2023‑01‑10	Medium
CVE-2022-4379	A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux… 2023‑01‑10 · CVE-2022-4379	MSRC	2023‑01‑10	High
CVE-2022-4415	A vulnerability was found in… 2023‑01‑10 · CVE-2022-4415	MSRC	2023‑01‑10	Medium
CVE-2022-3515	A vulnerability was found in the Libksba library due to an integer overflow within the CRL… 2023‑01‑10 · CVE-2022-3515	MSRC	2023‑01‑10	Critical
CVE-2022-4285	An illegal memory access flaw was found in the binutils… 2023‑01‑10 · CVE-2022-4285	MSRC	2023‑01‑10	Medium
CVE-2022-4139	An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or… 2023‑01‑10 · CVE-2022-4139	MSRC	2023‑01‑10	High
CVE-2018-14628	An information leak vulnerability was discovered in Samba's LDAP… 2023‑01‑10 · CVE-2018-14628	MSRC	2023‑01‑10	Medium
CVE-2022-38725	An integer overflow in the RFC3164 parser in One Identity syslog-ng 3.0 through 3.37 allows remote attackers to cause a Denial of Service… 2023‑01‑10 · CVE-2022-38725	MSRC	2023‑01‑10	High
CVE-2022-4338	An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. 2023‑01‑10 · CVE-2022-4338	MSRC	2023‑01‑10	Critical
CVE-2022-4337	An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. 2023‑01‑10 · CVE-2022-4337	MSRC	2023‑01‑10	Critical
CVE-2022-3094	An UPDATE message flood may cause named to exhaust all available memory 2023‑01‑10 · CVE-2022-3094	MSRC	2023‑01‑10	High
CVE-2022-37436	Apache HTTP Server: mod_proxy prior to 2.4.55 allows a backend to trigger HTTP response splitting 2023‑01‑10 · CVE-2022-37436	MSRC	2023‑01‑10	Medium
CVE-2022-36760	Apache HTTP Server: mod_proxy_ajp Possible request smuggling 2023‑01‑10 · CVE-2022-36760	MSRC	2023‑01‑10	Critical
CVE-2022-24963	Apache Portable Runtime (APR): out-of-bound writes in the apr_encode family of functions 2023‑01‑10 · CVE-2022-24963	MSRC	2023‑01‑10	Critical
CVE-2022-25147	Apache Portable Runtime Utility (APR-util): out-of-bounds writes in the apr_base64 family of functions 2023‑01‑10 · CVE-2022-25147	MSRC	2023‑01‑10	Medium
CVE-2023-23455	atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type… 2023‑01‑10 · CVE-2023-23455	MSRC	2023‑01‑10	Medium
CVE-2023-21531	Azure Service Fabric Container Elevation of Privilege Vulnerability 2023‑01‑10 · CVE-2023-21531	MSRC	2023‑01‑10	High
CVE-2023-21563	BitLocker Security Feature Bypass Vulnerability 2023‑01‑10 · CVE-2023-21563	MSRC	2023‑01‑10	Medium
CVE-2023-22745	Buffer Overlow in TSS2_RC_Decode in tpm2-tss 2023‑01‑10 · CVE-2023-22745	MSRC	2023‑01‑10	Medium
CVE-2022-46176	Cargo did not verify SSH host keys 2023‑01‑10 · CVE-2022-46176	MSRC	2023‑01‑10	Medium
CVE-2023-23454	cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds… 2023‑01‑10 · CVE-2023-23454	MSRC	2023‑01‑10	Medium
CVE-2023-0512	Divide By Zero in vim/vim 2023‑01‑10 · CVE-2023-0512	MSRC	2023‑01‑10	High
CVE-2023-21753	Event Tracing for Windows Information Disclosure Vulnerability 2023‑01‑10 · CVE-2023-21753	MSRC	2023‑01‑10	Medium
CVE-2023-21536	Event Tracing for Windows Information Disclosure Vulnerability 2023‑01‑10 · CVE-2023-21536	MSRC	2023‑01‑10	Medium
CVE-2022-41953	Git clone remote code execution vulnerability in git-for-windows 2023‑01‑10 · CVE-2022-41953	MSRC	2023‑01‑10	High
CVE-2022-48303	GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump 2023‑01‑10 · CVE-2022-48303	MSRC	2023‑01‑10	Medium

Note