Security Vulnerabilities - CVEs Published In August 2023
The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the leakage of potentially sensitive information triggered by specially crafted requests.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-08-22
Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file.
CVSS Score
5.5
EPSS Score
0.006
Published
2023-08-22
A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file.
CVSS Score
5.5
EPSS Score
0.003
Published
2023-08-22
An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users cannot send SIGHUP signals; they can only be sent by a PostgreSQL superuser, a user with pg_reload_conf access, or a user with sufficient privileges at the OS level (the postgres account or the root account).
CVSS Score
4.4
EPSS Score
0.0
Published
2023-08-22
An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-08-22
A Segmentation Fault issue discovered in in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file.
CVSS Score
5.5
EPSS Score
0.004
Published
2023-08-22
An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date.
CVSS Score
6.7
EPSS Score
0.0
Published
2023-08-22
Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format.
CVSS Score
5.5
EPSS Score
0.001
Published
2023-08-22
Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-08-22
Buffer Overflow vulnerability in function LoadPixelDataRLE8 in PluginBMP.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file.
CVSS Score
7.8
EPSS Score
0.004
Published
2023-08-22