Skip to main content
CVE-2023-4016 LOW Monitor

Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability to write almost unlimited amounts of unfiltered data into the process heap. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Procps Fedora
NVD
CVSS 3.1
3.3
EPSS
0.2%
CVE-2023-26442 LOW Monitor

In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. Rated low severity (CVSS 3.2), this vulnerability is no authentication required. No vendor patch available.

SSRF Open Xchange Appsuite Office
NVD
CVSS 3.1
3.2
EPSS
0.3%
CVE-2023-26438 LOW Monitor

External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, involving the JDK DNS cache. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. No vendor patch available.

SSRF Open Xchange Appsuite Backend
NVD
CVSS 3.1
3.1
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy