Security Bulletin: Multiple Vulnerabilities in CloudPak for AIOps

Vulnerability Details

CVEID:   CVE-2022-28948
DESCRIPTION:   Go-Yaml is vulnerable to a denial of service, caused by a flaw in the Unmarshal function. By sending a specially-crafted input, a remote attacker could exploit this vulnerability to cause the program to crash.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2023-0800
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow when processing TIFF files in extractContigSamplesShifted16bits in tools/tiffcrop.c. By persuading a victim to open a specially-crafted TIFF file, a remote attacker could overflow a buffer and cause a denial of service.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2023-0801
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow when processing TIFF files in _TIFFmemcpy in libtiff/tif_unix.c. By persuading a victim to open a specially-crafted TIFF file, a remote attacker could overflow a buffer and cause a denial of service.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2023-0802
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow when processing TIFF files in extractContigSamplesShifted32bits in tools/tiffcrop.c. By persuading a victim to open a specially-crafted TIFF file, a remote attacker could overflow a buffer and cause a denial of service.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2023-0803
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow when processing TIFF files in extractContigSamplesShifted16bits in tiffcrop.c. By persuading a victim to open a specially-crafted TIFF file, a remote attacker could overflow a buffer and cause a denial of service.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2023-0804
DESCRIPTION:   LibTIFF is vulnerable to a denial of service, caused by a heap-based buffer overflow when processing TIFF files in extractContigSamplesShifted24bits in tools/tiffcrop.c. By persuading a victim to open a specially-crafted TIFF file, a remote attacker could overflow a buffer and cause a denial of service.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2023-3341
DESCRIPTION:   ISC BIND is vulnerable to a denial of service, caused by a stack exhaustion flaw in control channel code. By sending a specially crafted message over the control channel, a remote attacker could exploit this vulnerability to cause named to terminate.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-39975
DESCRIPTION:   MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by a double free in KDC TGS processing. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a failure in authorization data handling, and results in a denial of service condition.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2022-42895
DESCRIPTION:   Linux Kernel could allow a local attacker to obtain sensitive information, caused by an infoleak vulnerability in the net/bluetooth/l2cap_core.c's l2cap_parse_conf_req function. An attacker could exploit this vulnerability to obtain sensitive information.
CWE:   CWE-824: Access of Uninitialized Pointer
CVSS Source:   IBM X-Force
CVSS Base score:   5.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2022-45869
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in the x86 KVM subsystem when nested virtualisation and the TDP MMU are enabled. By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2022-45887
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak in drivers/media/usb/ttusb-dec/ttusb_dec.c By sending a specially-crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2022-4744
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double-free flaw in the TUN/TAP device driver functionality. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-0458
DESCRIPTION:   Linux Kernel could allow a remote authenticated attacker to obtain sensitive information, caused by a speculative pointer dereference in the do_prlimit() function. An attacker could exploit this vulnerability to leak the contents and obtain sensitive information.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2023-0590
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in qdisc_graft in net/sched/sch_api.c. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-0597
DESCRIPTION:   Linux Kernel could allow a local attacker to obtain sensitive information, caused by a memory leak in the cpu_entry_area mapping of X86 CPU data to memory. An attacker could exploit this vulnerability to gain access to some important data with expected location in memory.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2023-1073
DESCRIPTION:   Linux Kernel could allow a physical authenticated attacker to gain elevated privileges on the system, caused by a memory corruption flaw in the human interface device (HID) subsystem. By using a specially crafted USB device , an attacker could exploit this vulnerability to gain elevated privileges or cause a denial of service condition.
CWE:   CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:P/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-1074
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a memory leak flaw in the Stream Control Transmission Protocol. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to starve resources, and results in a denial of service condition.
CWE:   CWE-401: Missing Release of Memory after Effective Lifetime
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1079
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw flaw in the asus_kbd_backlight_set function. By using a specially-crafted USB device, a physical attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   4.6
CVSS Vector:   (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1118
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in drivers/media/rc/ene_ir.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause the kernel to crash.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1206
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a flaw in the IPv6 connection lookup table. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause the CPU usage to increase, and results in a denial of service condition.
CWE:   CWE-400: Uncontrolled Resource Consumption
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1252
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the Ext4 File System. An attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-1382
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-1989
DESCRIPTION:   Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a use-after-free flaw in btsdio_remove function in drivers\bluetooth\btsdio.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-43642
DESCRIPTION:   snappy-java is vulnerable to a denial of service, caused by missing upper bound check on chunk length. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-770: Allocation of Resources Without Limits or Throttling
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-27538
DESCRIPTION:   cURL libcurl could allow a local attacker to bypass security restrictions, caused by a SSH connection too eager reuse still flaw. By sending a specially crafted request, an attacker could exploit this vulnerability to reuse a previously created connection even when an SSH related option had been changed.
CWE:   CWE-305: Authentication Bypass by Primary Weakness
CVSS Source:   IBM X-Force
CVSS Base score:   4
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID:   CVE-2023-1998
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the spectre_v2_user_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Spectre Mitigation component . By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE:   CWE-204: Observable Response Discrepancy
CVSS Source:   IBM X-Force
CVSS Base score:   5.6
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:   CVE-2023-23455
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a type confusion flaw in the atm_tc_enqueue function in net/sched/sch_atm.c. By sending a specially-crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-2513
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the ext4 filesystem when handling extra inode size for extended attributes. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   4.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-26545
DESCRIPTION:   A double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:   CVE-2023-28328
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the az6027 driver in drivers/media/usb/dev-usb/az6027.c. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-28772
DESCRIPTION:   Linux Kernel is vulnerable to a buffer overflow, caused by improper bounds checking by the seq_buf_putmem_hex function in lib/seq_buf.c. By sending a specially crafted request, a local attacker could overflow a buffer and execute arbitrary code or cause a denial of service on the system.
CWE:   CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-30456
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by the lack of consistency checks for CR0 and CR4 in arch/x86/kvm/vmx/nested.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-264: Permissions, Privileges, and Access Controls
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-31084
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interruptible is called in drivers/media/dvb-core/dvb_frontend.c. By sending a specially crafted request, a local attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-3161
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a shift-out-of-bounds flaw in the fbcon_set_font() function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-1335: Incorrect Bitwise Shift of Integer
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-3268
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by an out-of-bounds memory access flaw in the relay_file_read_start_pos function in kernel/relay.c in the relayfs. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the system to crash or obtain sensitive information.
CWE:   CWE-125: Out-of-bounds Read
CVSS Source:   IBM X-Force
CVSS Base score:   7.1
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H)

CVEID:   CVE-2023-33203
DESCRIPTION:   Linux Kernel could allow a physical attacker to execute arbitrary code on the system, caused by a race condition in drivers/net/ethernet/qualcomm/emac/emac.c. By unplugging an EMAC-based device, an attacker could exploit this vulnerability to trigger a use-after-free and execute arbitrary code on the system.
CWE:   CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVSS Source:   IBM X-Force
CVSS Base score:   6.8
CVSS Vector:   (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-33951
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by a race condition in the handling of GEM objects. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to obtain sensitive information in the context of the kernel, or cause a denial of service condition.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   6.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:L)

CVEID:   CVE-2023-33952
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a double free in the handling of vmw_buffer_object objects. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges and execute code in the context of the kernel.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-35823
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the saa7134_finidev function in drivers/media/pci/saa7134/saa7134-core.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-35824
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by a use-after-free flaw in the dm1105_remove function in drivers/media/pci/dm1105/dm1105.c. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code or cause a denial of service condition on the system.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-3772
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a NULL pointer dereference flaw in the xfrm_update_ae_params() function in the IP framework for transforming packets (XFRM subsystem). By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause the kernel to crash.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-4132
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free flaw in the siano smsusb module. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-4155
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition in KVM AMD Secure Encrypted Virtualization (SEV). By sending a specially crafted request using the VMGEXIT handler recursively, a local authenticated attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:N/A:H)

CVEID:   CVE-2023-4732
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a race condition between task migrating pages and another task calling exit_mmap to release those same pages getting invalid opcode BUG in include/linux/swapops.h in the memory management subsytem. A local authenticated attacker could exploit this vulnerability to cause a denial of service.
CWE:   CWE-366: Race Condition within a Thread
CVSS Source:   IBM X-Force
CVSS Base score:   4.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-42503
DESCRIPTION:   Apache Commons Compress is vulnerable to a denial of service, caused by improper input validation. By persuading a victim to open a specially crafted TAR file, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-36054
DESCRIPTION:   MIT Kerberos 5 (aka krb5) is vulnerable to a denial of service, caused by not validating the relationship between n_key_data and the key_data array count by the _xdr_kadm5_principal_ent_rec function. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause a kadmind crash.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   8.8
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-31436
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write in qfq_change_class in net/sched/sch_qfq.c. An attacker could exploit this vulnerability to gain elevated privileges on the system.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   8.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)

CVEID:   CVE-2023-3609
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_u32 component. By sending a specially crafted request using the reference counter, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-3611
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an out-of-bounds write flaw in the net/sched: sch_qfq component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4206
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_route component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4207
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_fw component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-4208
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the net/sched: cls_u32 component. By sending a specially crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-31160
DESCRIPTION:   jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the check-box-radio widget. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   5.4
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N)

CVEID:   CVE-2023-3899
DESCRIPTION:   Red Hat Enterprise Linux could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper authorization by the subscription-manager. By sending a specially crafted request through D-Bus interface com.redhat.RHSM1, an authenticated attacker could exploit this vulnerability to gain elevated privileges to an unconfined root.
CWE:   CWE-285: Improper Authorization
CVSS Source:   IBM X-Force
CVSS Base score:   7.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-46129
DESCRIPTION:   NATS NKEYS could allow a remote attacker to obtain sensitive information, caused by a flaw in the nkeys library's "xkeys" encryption handling logic. By utilize cryptographic attack techniques, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE:   CWE-321: Use of Hard-coded Cryptographic Key
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2023-1075
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to obtain sensitive information, caused by improper checking for list emptiness by the tls_is_tx_ready() function. By sending a specially crafted request to access a type confused entry to the list_head, an attacker could exploit this vulnerability to obtain the last byte of the confused field that overlaps with rec->tx_ready, and use this information to launch further attacks against the affected system.
CWE:   CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')
CVSS Source:   IBM X-Force
CVSS Base score:   2.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N)

CVEID:   CVE-2023-1855
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in xgene_hwmon_remove in drivers/hwmon/xgene-hwmon.c in the xgene-hwmon driver. A local attacker could exploit this vulnerability to cause the system to crash or obtain kernel memory.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:H)

CVEID:   CVE-2023-3141
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by a use-after-free in r592_remove in drivers/memstick/host/r592.c in media access. An attacker could exploit this vulnerability to crash the system at device disconnect and possibly leak kernel information.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.8
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)

CVEID:   CVE-2023-3212
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by NULL pointer dereference issue in the gfs2 file system. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause a kernel panic.
CWE:   CWE-476: NULL Pointer Dereference
CVSS Source:   IBM X-Force
CVSS Base score:   3.3
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2023-26136
DESCRIPTION:   Salesforce tough-cookie could allow a remote attacker to execute arbitrary code on the system, caused by a prototype pollution flaw due to improper handling of Cookies when using CookieJar in rejectPublicSuffixes=false mode. By adding or modifying properties of Object.prototype using a __proto__ or constructor payload, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE:   CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS Source:   IBM X-Force
CVSS Base score:   6.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)

CVEID:   CVE-2023-4863
DESCRIPTION:   Google Chrome is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by WebP. By persuading a victim to visit a specially crafted Web site, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   8.8
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:   CVE-2019-9512
DESCRIPTION:   Multiple vendors are vulnerable to a denial of service, caused by a Ping Flood attack. By sending continual pings to an HTTP/2 peer, a remote attacker could consume excessive CPU resources.
CWE:   CWE-399: Resource Management Errors
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2019-9514
DESCRIPTION:   Multiple vendors are vulnerable to a denial of service, caused by a Reset Flood attack. By opening a number of streams and sending an invalid request over each stream, a remote attacker could consume excessive CPU resources.
CWE:   CWE-399: Resource Management Errors
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-45133
DESCRIPTION:   Babel could allow a local attacker to execute arbitrary code on the system, caused by a flaw in the path.evaluate()or path.evaluateTruthy(). By using a specially crafted code to compile, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE:   CWE-184: Incomplete List of Disallowed Inputs
CVSS Source:   IBM X-Force
CVSS Base score:   9.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)

CVEID:   CVE-2023-34969
DESCRIPTION:   D-Bus is vulnerable to a denial of service, caused by a flaw when a monitor is active and a message from the driver cannot be delivered. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to cause the dbus-daemon to crash, and results in a denial of service condition.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   6.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-46120
DESCRIPTION:   RabbitMQ Java Client is vulnerable to a denial of service, caused by no message size limit in maxBodyLebgth. By sending a specially crafted message, a remote attacker could exploit this vulnerability to cause a memory overflow, and results in a denial of service condition.
CWE:   CWE-400: Uncontrolled Resource Consumption
CVSS Source:   IBM X-Force
CVSS Base score:   4.9
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-4316
DESCRIPTION:   Zod is vulnerable to a denial of service. By sending a specially crafted email, a remote attacker could exploit this vulnerability to cause regular expression denial of service.
CWE:   CWE-1333: Inefficient Regular Expression Complexity
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-44981
DESCRIPTION:   Apache ZooKeeper could allow a remote attacker to bypass security restrictions, caused by a flaw when SASL Quorum Peer authentication is enabled. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass authorization and allow arbitrary endpoints to join the cluster and begin propagating counterfeit changes.
CWE:   CWE-639: Authorization Bypass Through User-Controlled Key
CVSS Source:   IBM X-Force
CVSS Base score:   8.1
CVSS Vector:   (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2021-43975
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to execute arbitrary code on the system, caused by an out-of-bounds write in hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c. By sending a specially-crafted length value using an emulate networking device, an attacker could exploit this vulnerability to execute arbitrary code or crash the system.
CWE:   CWE-787: Out-of-bounds Write
CVSS Source:   IBM X-Force
CVSS Base score:   6.7
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-28388
DESCRIPTION:   Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a double-free flaw in usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
CWE:   CWE-415: Double Free
CVSS Source:   IBM X-Force
CVSS Base score:   8.4
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)

CVEID:   CVE-2022-3594
DESCRIPTION:   Linux Kernel is vulnerable to a denial of service, caused by an error in the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. A remote attacker could exploit this vulnerability to cause a denial of service.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)

CVEID:   CVE-2022-3640
DESCRIPTION:   A use-after-free in the function l2cap_conn_del of the file net/bluetooth/l2cap_core.c of the component Bluetooth in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unknown impact.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)

CVEID:   CVE-2022-38457
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the vmw_cmd_res_check function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2022-40133
DESCRIPTION:   Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a use-after-free flaw in the vmw_execbuf_tie_context function in drivers/gpu/vmxgfx/vmxgfx_execbuf.c. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges to cause a denial of service condition.
CWE:   CWE-416: Use After Free
CVSS Source:   IBM X-Force
CVSS Base score:   6.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H)

CVEID:   CVE-2022-40982
DESCRIPTION:   Multiple Intel Processors could allow a local authenticated attacker to obtain sensitive information, caused by a flaw in the microarchitectural state after transient execution in certain vector execution units. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, and use this information to launch further attacks against the affected system.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   6.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)

CVEID:   CVE-2023-22067
DESCRIPTION:   An unspecified vulnerability in Java SE related to the CORBA component could allow a remote attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:   CVE-2022-40433
DESCRIPTION:   Oracle JDK (HotSpot VM) and OpenJDK (HotSpot VM) are vulnerable to a denial of service, caused by a flaw in the ciMethodBlocks::make_block_at function. By sending a specially crafted request, a remote attacker could exploit this vulnerability to cause a denial of service condition.
CWE:   CWE-20: Improper Input Validation
CVSS Source:   IBM X-Force
CVSS Base score:   7.5
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-32360
DESCRIPTION:   Apple macOS Big Sur could allow a local attacker to obtain sensitive information, caused by an authentication issue in the CUPS component. An attacker could exploit this vulnerability to obtain recently printed documents and use this information to launch further attacks against the affected system.
CWE:   CWE-287: Improper Authentication
CVSS Source:   IBM X-Force
CVSS Base score:   6.2
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)

CVEID:   CVE-2022-46751
DESCRIPTION:   Apache Ivy could allow a remote attacker to obtain sensitive information, caused by improper handling of XML external entity (XXE) declarations by the XML parser. By using a specially crafted XML content, a remote attacker could exploit this vulnerability to exfiltrate data, access resources only the machine running Ivy has access to or disturb the execution of Ivy.
CWE:   CWE-91: XML Injection (aka Blind XPath Injection)
CVSS Source:   IBM X-Force
CVSS Base score:   8.2
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:L)

CVEID:   CVE-2021-3487
DESCRIPTION:   GNU Binutils is vulnerable to a denial of service, caused by a flaw in the read_section() function in dwarf2.c in the BFD library. By persuading a victim to open a specially-crafted file, a remote attacker could exploit this vulnerability to cause excessive memory consumption.
CWE:   CWE-400: Uncontrolled Resource Consumption
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:   CVE-2022-4285
DESCRIPTION:   GNU Binutils is vulnerable to a denial of service, caused by a NULL pointer dereference in _bfd_elf_get_symbol_version_string, resulting in a segmentation fault when parsing ELF files. By persuading a victim to open a specially-crafted ELF file containing corrupt symbol version information, a remote attacker could exploit this vulnerability to cause a denial of service.
CWE:   CWE-754: Improper Check for Unusual or Exceptional Conditions
CVSS Source:   IBM X-Force
CVSS Base score:   5.5
CVSS Vector:   (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H)

CVEID:   CVE-2023-5129
DESCRIPTION:   Google Chrome is vulnerable to a heap-based buffer overflow, caused by an out-of-bounds write in the ReadHuffmanCodes() function. By persuading a victim to visit a specially crafted Web site using the color_cache_bits value, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
CWE:   CWE-122: Heap-based Buffer Overflow
CVSS Source:   IBM X-Force
CVSS Base score:   8.8
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)

CVEID:   CVE-2023-38552
DESCRIPTION:   Node.js could allow a remote attacker to bypass security restrictions, caused by the circumvention of integrity checks by the policy feature. By sending a specially crafted request, an attacker could exploit this vulnerability to bypass the experimental permission model.
CWE:   CWE-287: Improper Authentication
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:   CVE-2023-39333
DESCRIPTION:   Node.js could allow a remote attacker to gain unauthorized access to the system, caused by a code injection flaw. By using specially crafted export names in an imported WebAssembly module, an attacker could exploit this vulnerability to inject JavaScript code and gain access to restricted data and functions.
CWE:   CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS Source:   IBM X-Force
CVSS Base score:   5.3
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)

CVEID:   CVE-2023-45143
DESCRIPTION:   Node.js undici module could allow a remote authenticated attacker to obtain sensitive information, caused by the failure to clear cookie header on cross-origin redirect in fetch. By persuading a victim to visit a specially crafted Web site, an attacker could exploit this vulnerability to obtain cookie header information, and use this information to launch further attacks against the affected system.
CWE:   CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVSS Source:   IBM X-Force
CVSS Base score:   3.9
CVSS Vector:   (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:L/I:L/A:L)

CVEID:   CVE-2010-5312
DESCRIPTION:   jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using the title parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   4.3
CVSS Vector:   (AV:N/AC:M/Au:N/C:N/I:P/A:N)

CVEID:   CVE-2016-7103
DESCRIPTION:   jQuery UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the dialog function. A remote attacker could exploit this vulnerability using the 'closeText' parameter in a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   6.1
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)

CVEID:   CVE-2021-41182
DESCRIPTION:   jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the altField parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   7.2
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)

CVEID:   CVE-2021-41183
DESCRIPTION:   jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the Datepicker widget. A remote attacker could exploit this vulnerability using the Text parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   7.2
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)

CVEID:   CVE-2021-41184
DESCRIPTION:   jQuery jQuery-UI is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the .position() function. A remote attacker could exploit this vulnerability using the of parameter to inject malicious script into a Web page which would be executed in a victim's Web browser within the security context of the hosting Web site, once the page is viewed. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
CWE:   CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSS Source:   IBM X-Force
CVSS Base score:   7.2
CVSS Vector:   (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)