CVE-2023-1762
Published 2023-03-31
CVE-2023-1762: Improper Privilege Management in GitHub repository thorsten/phpmyfaq prior to 3.1.12.
Priority: P3 | 45 | high | 8.8 (CVSS 3.1)
AV:N / AC:L / PR:L / UI:N / S:U / C:H / I:H / A:H
EPSS: 0.88% (54.4th percentile)
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| phpmyfaq | phpmyfaq | < 3.1.12 | 3.1.12 |
| thorsten | phpmyfaq | >= 0 < 3.1.12 | 3.1.12 |
| thorsten | thorsten_phpmyfaq | >= unspecified < 3.1.12 | 3.1.12 |
CVSS provenance
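| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 7.2 | HIGH | CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| vendor_redhat | | 5.5 | MEDIUM | |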
GHSA
thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management
ghsa·2023-03-31
CVE-2023-1762 [HIGH] CWE-269 thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to privilege escalation from improper privilege management. Any user with the ability to add a new user can create a user with super admin rights. This has been fixed in 3.1.12.
OSV
thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management
osv·2023-03-31
CVE-2023-1762 [HIGH] thorsten/phpmyfaq vulnerable privilege escalation from improper privilege management
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to privilege escalation from improper privilege management. Any user with the ability to add a new user can create a user with super admin rights. This has been fixed in 3.1.12.
Red Hat
kernel: drm/amdgpu: unmap and remove csa_va properly
vendor_redhat·2025-10-04·CVSS 5.5
CVE-2023-53545 [MEDIUM] CWE-366 kernel: drm/amdgpu: unmap and remove csa_va properly
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: unmap and remove csa_va properly
Root PD BO should be reserved before unmap and remove
a bo_va from VM otherwise lockdep will complain.
v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp (christian)
[14616.936827] WARNING: CPU: 6 PID: 1711 at drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:1762 amdgpu_vm_bo_del+0x399/0x3f0 [amdgpu]
[14616.937096] Call Trace:
[14616.937097]
[14616.937102] amdgpu_driver_postclose_kms+0x249/0x2f0 [amdgpu]
[14616.937187] drm_file_free+0x1d6/0x300 [drm]
[14616.937207] drm_close_helper.isra.0+0x62/0x70 [drm]
[14616.937220] drm_release+0x5e/0x100 [drm]
[14616.937234] __fput+0x9f/0x280
[14616.937239] ____fput+0xe/0x20
[14616.937241]
No detection rules found.
No public exploits indexed.
arXiv
Real-World Usability of Vulnerability Proof-of-Concepts: A Comprehensive Study
arxiv_fulltext·2025-10-21
Wenjing Dang, Kaixuan Li, Member, IEEE, Sen Chen, Member, IEEE, Zhenwei Zhuo, Lyuye Zhang, Member, IEEE, and Zheli Liu, Member, IEEE
Wenjing Dang and Kaixuan Li contributed equally to this work.
Wenjing Dang and Zhenwei Zhuo are with the College of Intelligence and Computing, Tianjin University, China. Kaixuan Li and Lyuye Zhang are with the Nanyang Technological University, Singapore. Sen Chen (Corresponding author) and Zheli Liu are with the Nankai University, China.
## Abstract
The Proof-of-Concept (PoC) for a vulnerability is crucial in validating its existence, m
Bugzilla
CVE-2023-53545 kernel: drm/amdgpu: unmap and remove csa_va properly
bugzilla·2025-10-04·CVSS 5.5
CVE-2023-53545 [MEDIUM] CVE-2023-53545 kernel: drm/amdgpu: unmap and remove csa_va properly
In the Linux kernel, the following vulnerability has been resolved:
drm/amdgpu: unmap and remove csa_va properly
Root PD BO should be reserved before unmap and remove
a bo_va from VM otherwise lockdep will complain.
v2: check fpriv->csa_va is not NULL instead of amdgpu_mcbp (christian)
[14616.936827] WARNING: CPU: 6 PID: 1711 at drivers/gpu/drm/amd/amdgpu/amdgpu_vm.c:1762 amdgpu_vm_bo_del+0x399/0x3f0 [amdgpu]
[14616.937096] Call Trace:
[14616.937097]
[14616.937102] amdgpu_driver_postclose_kms+0x249/0x2f0 [amdgpu]
[14616.937187] drm_file_free+0x1d6/0x300 [drm]
[14616.937207] drm_close_helper.isra.0+0x62/0x70 [drm]
[14616.937220] drm_release+0x5e/0x100 [drm]
[14616.937234] __fput+0x9f/0x280
[14616.937239] ____fput+0xe/0
Published: 2023-03-31