Security Vulnerabilities - CVEs Published In November 2023
Remote code execution
CVSS Score
9.8
EPSS Score
0.024
Published
2023-11-29
Remote code execution
CVSS Score
9.8
EPSS Score
0.024
Published
2023-11-29
Elevation of privilege
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-29
Information disclosure
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-29
Elevation of privilege
CVSS Score
9.8
EPSS Score
0.001
Published
2023-11-29
Remote code execution
CVSS Score
9.8
EPSS Score
0.026
Published
2023-11-29
An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-29
An issue in the box_equal function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-29
An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-11-29
aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Improper validation makes it possible for an attacker to modify the HTTP request (e.g. insert a new header) or even create a new HTTP request if the attacker controls the HTTP method. The vulnerability occurs only if the attacker can control the HTTP method (GET, POST etc.) of the request. If the attacker can control the HTTP version of the request it will be able to modify the request (request smuggling). This issue has been patched in version 3.9.0.
CVSS Score
5.3
EPSS Score
0.002
Published
2023-11-29