Security Vulnerabilities - CVEs Published In January 2023
In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-01-13
In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-01-13
In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVSS Score
7.8
EPSS Score
0.0
Published
2023-01-13
The APDFL.dll contains a stack-based buffer overflow vulnerability that
could be triggered while parsing specially crafted PDF files. This could
allow an attacker to execute code in the context of the current
process.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-01-13
The APDFL.dll contains an out-of-bounds write past the fixed-length
heap-based buffer while parsing specially crafted PDF files. This could
allow an attacker to execute code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-01-13
The APDFL.dll contains a memory corruption vulnerability while parsing
specially crafted PDF files. This could allow an attacker to execute
code in the context of the current process.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-01-13
NVIDIA BMC contains a vulnerability in IPMI handler, where an authorized attacker can cause a buffer overflow and cause a denial of service or gain code execution.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-01-13
NVIDIA BMC IPMI handler allows an unauthenticated host to write to a host SPI flash bypassing secureboot protections. This may lead to a loss of integrity and denial of service.
CVSS Score
7.7
EPSS Score
0.0
Published
2023-01-13
An Incomplete Cleanup vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker to cause a Denial of Service (DoS). An rpd crash can occur when an MPLS TE tunnel configuration change occurs on a directly connected router. This issue affects: Juniper Networks Junos OS All versions prior to 18.4R2-S7; 19.1 versions prior to 19.1R3-S2; 19.2 versions prior to 19.2R3; 19.3 versions prior to 19.3R3; 19.4 versions prior to 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2. Juniper Networks Junos OS Evolved All versions prior to 19.2R3-EVO; 19.3 versions prior to 19.3R3-EVO; 19.4 versions prior to 19.4R3-EVO; 20.1 versions prior to 20.1R3-EVO; 20.2 versions prior to 20.2R2-EVO.
CVSS Score
6.5
EPSS Score
0.003
Published
2023-01-13
An Improper Validation of Array Index vulnerability in the SIP ALG of Juniper Networks Junos OS on SRX 5000 Series allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). When an attacker sends an SIP packets with a malformed SDP field then the SIP ALG can not process it which will lead to an FPC crash and restart. Continued receipt of these specific packets will lead to a sustained Denial of Service. This issue can only occur when both below mentioned conditions are fulfilled: 1. Call distribution needs to be enabled: [security alg sip enable-call-distribution] 2. The SIP ALG needs to be enabled, either implicitly / by default or by way of configuration. To confirm whether SIP ALG is enabled on SRX, and MX with SPC3 use the following command: user@host> show security alg status | match sip SIP : Enabled This issue affects Juniper Networks Junos OS on SRX 5000 Series: 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S3; 21.3 versions prior to 21.3R3-S3; 21.4 versions prior to 21.4R3-S2; 22.1 versions prior to 22.1R2-S2, 22.1R3; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R1-S1, 22.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1.
CVSS Score
7.5
EPSS Score
0.003
Published
2023-01-13