CVE-2023-3733

Vulnerability Summary for the Week of November 27, 2023 - PrimaryVendor - Product apple - multiple products Description A memory corruption vulnerability was addressed with improved locking. Published 2023-12-01 CVSS Score not yet calculated Source & Patch Info CVE-2023-48842 PrimaryVendor - Product dell - ...
7 months ago Cisa.gov

CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
3 weeks ago Tenable.com

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server - Sig 11,887 p4api vs2017 static openssl3 p4api-2023.1.2468153-vs2017 static. Sig 11,847 p4api vs2017 static p4api-2023.1.2468153-vs2017 static. Sig 10,187 p4api vs2017 static vsdebug openssl3 p4api-2023.1.2468153-vs2017 static vsdebug. Sig 10,147 ...
6 months ago Microsoft.com

CVE-2023-3733 - Inappropriate implementation in WebApp Installs in Google Chrome prior to 115.0.5790.98 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium) ...
10 months ago

Threat landscape for industrial automation systems. H2 2023 - In the second half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased by 2.1 pp to 31.9%. Percentage of ICS computers on which malicious objects were blocked, by half year. In H2 2023, building automation once ...
3 months ago Securelist.com

CVE-2005-3733 - The Internet Key Exchange version 1 (IKEv1) implementation in Juniper JUNOS and JUNOSe software for M, T, and J-series routers before release 6.4, and E-series routers before 7-1-0, allows remote attackers to cause a denial of service and possibly ...
13 years ago

CVE-2007-1157 - Cross-site request forgery (CSRF) vulnerability in jmx-console/HtmlAdaptor in JBoss allows remote attackers to perform privileged actions as administrators via certain MBean operations, a different vulnerability than CVE-2006-3733. Affected product ...
5 years ago

CVE-2019-3733 - RSA BSAFE Crypto-C Micro Edition, all versions prior to 4.1.4, is vulnerable to three (3) different Improper Clearing of Heap Memory Before Release vulnerability, also known as 'Heap Inspection vulnerability'. A malicious remote user could ...
2 years ago

CVE-2011-3733 - Elgg 1.7.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by vendors/simpletest/test/visual_test.php and certain other files. ...
12 years ago

CVE-2012-3733 - Messages in Apple iOS before 6, when multiple iMessage e-mail addresses are configured, does not ensure that a reply's sender address matches the recipient address of the original message, which allows remote attackers to obtain potentially ...
6 years ago

CVE-2010-3733 - The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file. ...
6 years ago

CVE-2008-3733 - Stack-based buffer overflow in EO Video (eo-video) 1.36 allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a .eop (aka playlist) file with a ProjectElement element that contains a long Name element. ...
6 years ago

CVE-2009-3733 - Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors. ...
5 years ago

CVE-2006-3733 - jmx-console/HtmlAdaptor in the jmx-console in the JBoss web application server, as shipped with Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allows remote attackers to gain privileges as the CS-MARS administrator ...
5 years ago

CVE-2015-3733 - WebKit, as used in Apple iOS before 8.4.1 and Safari before 6.2.8, 7.x before 7.1.8, and 8.x before 8.0.8, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web ...
5 years ago

CVE-2017-3733 - During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers ...
5 years ago

CVE-2020-3733 - Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. ...
4 years ago

CVE-2016-3733 - The "restore teacher" feature in Moodle 3.0 through 3.0.3, 2.9 through 2.9.5, 2.8 through 2.8.11, 2.7 through 2.7.13, and earlier allows remote authenticated users to overwrite the course idnumber. ...
3 years ago

CVE-2022-3733 - A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. This affects an unknown part of the file Admin/edit-admin.php. The manipulation of the argument id leads to sql injection. It is ...
1 year ago

CVE-2018-3733 - crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known path. ...
1 year ago

CVE-2021-3733 - There's a flaw in urllib's AbstractBasicAuthHandler class. An attacker who controls a malicious HTTP server that an HTTP client (such as web browser) connects to, could trigger a Regular Expression Denial of Service (ReDOS) during an ...
1 year ago

CVE-2007-3733 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none ...
54 years ago Tenable.com

CVE-2024-3733 - The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.9.15 via the ajax_load_more() , ...
2 months ago

CVE-2024-35886 - In the Linux kernel, the following vulnerability has been resolved: ...
1 month ago

Multiple Flaws in Dell PowerProtect Products Execute Commands - Multiple vulnerabilities have been discovered in Dell's PowerProtect, which were associated with SQL injection, cross-site scripting, privilege escalation, command injection, and path tracing. The severity for these vulnerabilities ranges between 4.3 ...
6 months ago Cybersecuritynews.com