Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In August 2023
UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-08-07
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS08017756.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-07
In keyinstall, there is a possible memory corruption due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08017756; Issue ID: ALPS07905323.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-07
In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550103.
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-07
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826905; Issue ID: ALPS07826905.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-07
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07826989; Issue ID: ALPS07826989.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-07
In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628524; Issue ID: ALPS07628524.
CVSS Score
6.4
EPSS Score
0.0
Published
2023-08-07
In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767811; Issue ID: ALPS07767811.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-07
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-07
In Contacts Service, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-07


Contact Us

Shodan ® - All rights reserved