Security Vulnerabilities - CVEs Published In September 2023
Transient DOS in WLAN Firmware while interpreting MBSSID IE of a received beacon frame.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
Transient DOS in WLAN firmware while parsing MLO (multi-link operation).
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
Memory corruption in Graphics while processing user packets for command submission.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-09-05
Cerebrate before 1.15 lacks the Secure attribute for the session cookie.
CVSS Score
5.3
EPSS Score
0.001
Published
2023-09-05
An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-09-05
An issue was discovered in lldpd before 1.0.17. By crafting a CDP PDU packet with specific CDP_TLV_ADDRESSES TLVs, a malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in cdp_decode in daemon/protocols/cdp.c.
CVSS Score
9.8
EPSS Score
0.001
Published
2023-09-05
Transient DOS in Bluetooth HOST while passing descriptor to validate the blacklisted BT keyboard.
CVSS Score
6.5
EPSS Score
0.001
Published
2023-09-05
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-09-05