CVE-2023-2023
published 2023-05-30CVE-2023-2023: The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
PriorityP336medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EXPLOIT
EPSS
1.71%
74.5th percentile
The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
Affected
43 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| f5 | big-ip | — | — |
| funadmin | funadmin | 0 – 3.2.0 | — |
| giflib_project | giflib | >= 0 < 5.1.9-1ubuntu0.1 | 5.1.9-1ubuntu0.1 |
| giflib_project | giflib | >= 0 < 5.1.9-2ubuntu0.1 | 5.1.9-2ubuntu0.1 |
| giflib_project | giflib | >= 0 < 5.1.4-0.3~16.04.1+esm1 | 5.1.4-0.3~16.04.1+esm1 |
| giflib_project | giflib | >= 0 < 5.1.4-2ubuntu0.1+esm1 | 5.1.4-2ubuntu0.1+esm1 |
| github.com | gofiber_fiber_v2 | >= 0 < 2.50.0 | 2.50.0 |
| github.com | libp2p_go-libp2p | >= 0 < 0.27.8 | 0.27.8 |
| github.com | libp2p_go-libp2p | >= 0.28.0 < 0.28.2 | 0.28.2 |
| github.com | libp2p_go-libp2p | >= 0.29.0 < 0.29.1 | 0.29.1 |
| knative.dev | serving | >= 0 < 0.39.0 | 0.39.0 |
| kunalnagar | custom_404_pro | < 3.7.3 | 3.7.3 |
| linux | linux_kernel | >= 0 < 5.15.0-105.115 | 5.15.0-105.115 |
| linux | linux_kernel | >= 5.12.0 < 5.15.112 | 5.15.112 |
| linux | linux_kernel | >= 5.16.0 < 6.1.29 | 6.1.29 |
| linux | linux_kernel | >= 6.2.0 < 6.2.16 | 6.2.16 |
| linux | linux_kernel | >= 6.3.0 < 6.3.3 | 6.3.3 |
| msrc | cbl2_emacs_28.2-4_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hyperv-daemons_5.15.118.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_hyperv-daemons_5.15.158.1-1_on_cbl_mariner_2.0 | — | — |
| msrc | cbl2_kernel_5.15.135.1-2_on_cbl_mariner_2.0 | — | — |
| msrc | cbl_mariner_2.0_arm | — | — |
| msrc | cbl_mariner_2.0_x64 | — | — |
| msrc | microsoft_edge | — | — |
| msrc | microsoft_office_online_server | — | — |
Detection & IOCsextracted from sources · hover to see the quote
url/wp-admin/admin.php?page=c4p-main&s={{randstr}}%22%20style=animation-name:rotation%20onanimationstart=alert(document.domain)//↗
- →Detect exploitation attempts by looking for the XSS payload pattern in the 's' query parameter on the c4p-main admin page: URL-encoded double-quote followed by style/onanimationstart attributes. ↗
- →Match HTTP responses containing both 'onanimationstart=alert(document.domain)//' and 'Custom 404 Pro' in the body with a 200 status and text/html content-type to confirm successful XSS reflection. ↗
- →The vulnerability is triggered via the 's' (search) parameter on the wp-admin Custom 404 Pro page (page=c4p-main); monitor GET requests to this endpoint for unsanitized input reflected in HTML attributes. ↗
- →Exploitation requires authentication (WordPress admin login via /wp-login.php); correlate POST to /wp-login.php followed by GET to /wp-admin/admin.php?page=c4p-main with XSS payload in the same session. ↗
- ·This is an authenticated (admin-level) reflected XSS; exploitation requires a valid WordPress session obtained via /wp-login.php before the attack request to the admin panel. ↗
- ·Affected versions are Custom 404 Pro < 3.7.3; the fix is present in version 3.7.3 and later. Detections should be scoped to sites running vulnerable plugin versions. ↗
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
osv8.8HIGH
vendor_msrc8.8CRITICAL
vendor_oracle7.5HIGH
vendor_redhat6.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
OSV
ethtool: Fix uninitialized number of lanes
osv·2025-12-09
CVE-2023-53798 ethtool: Fix uninitialized number of lanes
ethtool: Fix uninitialized number of lanes
In the Linux kernel, the following vulnerability has been resolved:
ethtool: Fix uninitialized number of lanes
It is not possible to set the number of lanes when setting link modes
using the legacy IOCTL ethtool interface. Since 'struct
ethtool_link_ksettings' is not initialized in this path, drivers receive
an uninitialized number of lanes in 'struct
ethtool_link_ksettings::lanes'.
When this information is later queried from drivers, it results in the
ethtool code making decisions based on uninitialized memory, leading to
the following KMSAN splat [1]. In practice, this most likely only
happens with the tun driver that simply returns whatever it got in the
set operation.
As far as I can tell, this uninitialized memory is not leaked to user
s
OSV
rar vulnerabilities
osv·2025-03-12·CVSS 7.5
CVE-2022-30333 rar vulnerabilities
rar vulnerabilities
It was discovered that RAR incorrectly handled certain paths. If a user or
automated system were tricked into extracting a specially crafted RAR
archive, a remote attacker could possibly use this issue to write arbitrary
files outside of the targeted directory. (CVE-2022-30333)
It was discovered that RAR incorrectly handled certain recovery volumes. If
a user or automated system were tricked into extracting a specially crafted
RAR archive, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2023-40477)
OSV
giflib vulnerabilities
osv·2024-06-10·CVSS 8.8
CVE-2021-40633 giflib vulnerabilities
giflib vulnerabilities
It was discovered that GIFLIB incorrectly handled certain GIF files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-40633, CVE-2022-28506, CVE-2023-39742)
OSV
linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.1
osv·2024-04-19·CVSS 6.8
linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.1
linux, linux-aws, linux-aws-5.15, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gcp-5.15, linux-gke, linux-gkeop, linux-gkeop-5.15, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-intel-iotg, linux-intel-iotg-5.15, linux-kvm, linux-lowlatency-hwe-5.15, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
Daniele Antonioli discovered that the Secure Simple Pairing and Secure
Connections pairing in the Bluetooth protocol could allow an
unauthenticated user to complete authentication without pairing
credentials. A physically proximate attacker placed between two Bluetooth
devices could use this to subsequently impersonate one of the paired
devices. (CVE-2023-24023)
Several security issues were discovered in the Linux kernel.
An attacker could possibly us
GHSA
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
ghsa·2023-12-05
CVE-2023-49447 [HIGH] CWE-352 Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
Cross-Site Request Forgery in JFinalCMS via /admin/nav/update
JFinalCMS v5.0.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/nav/update.
GHSA
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
ghsa·2023-11-27
CVE-2023-48713 [MEDIUM] CWE-400 Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
Knative Serving vulnerable to attacker-controlled pod causing denial of service of autoscaler
### Summary
A vulnerability was fond in Knative Serving that could allow an attacker to crash the Knative Serving autoscaler resulting in a denial of service. The attacker would need to have compromised one pod in the Knative Serving deployment, and with that position they could launch the attack against the autoscaler.
When the autoscaler scrapes the metrics of pods, it sends a request to the `/metrics` endpoint of each pod and reads the response. The attacker would need to detect the request from the autoscaler to the `/metrics` endpoint of the pod they had compromised and send a malicious response back to the autoscaler. At this point, the autoscaler would crash. The root cause of the vulnerab
GHSA
CSRF Token Reuse Vulnerability
ghsa·2023-10-17
CVE-2023-45128 [CRITICAL] CWE-20 CSRF Token Reuse Vulnerability
CSRF Token Reuse Vulnerability
A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform various malicious actions on behalf of an authenticated user, potentially compromising the security and integrity of the application.
## Vulnerability Details
The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. The following issues were identified:
1. **Token Injection**: For 'safe' methods, the token was extracted from the cookie and saved to storage without further validation or sanitization.
2. **Lack of
OSV
Large RSA keys can cause high resource usage in github.com/libp2p/go-libp2p
osv·2023-08-08
CVE-2023-39533 Large RSA keys can cause high resource usage in github.com/libp2p/go-libp2p
Large RSA keys can cause high resource usage in github.com/libp2p/go-libp2p
Large RSA keys can lead to resource exhaustion attacks.
With fix, the size of RSA keys transmitted during handshakes is restricted to <= 8192 bits.
GHSA
Apache Struts vulnerable to memory exhaustion
ghsa·2023-06-14
CVE-2023-34149 [MEDIUM] CWE-770 Apache Struts vulnerable to memory exhaustion
Apache Struts vulnerable to memory exhaustion
Denial of service via out of memory (OOM) owing to not properly checking of list bounds. When a Multipart request has non-file normal form fields, Struts used to bring them into memory as Strings without checking their sizes. This could lead to OOM if developer has set struts.multipart.maxSize to a value equal or greater than the available memory.
Upgrade to Struts 2.5.31 or 6.1.2.1 or greater.
GHSA
GHSA-2h88-qxq3-v97j: The Custom 404 Pro WordPress plugin before 3
ghsa_unreviewed·2023-05-30
CVE-2023-2023 [MEDIUM] CWE-79 GHSA-2h88-qxq3-v97j: The Custom 404 Pro WordPress plugin before 3
The Custom 404 Pro WordPress plugin before 3.7.3 does not escape some URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting.
GHSA
thorsten/phpmyfaq vulnerable to improper access control
ghsa·2023-04-05
CVE-2023-1883 [MEDIUM] CWE-284 thorsten/phpmyfaq vulnerable to improper access control
thorsten/phpmyfaq vulnerable to improper access control
thorsten/phpmyfaq prior to 3.1.12 is vulnerable to improper access control when FAQ News is marked as inactive in settings and have comments enabled, allowing comments to be posted on inactive FAQs. This has been fixed in 3.1.12.
OSV
linux-bluefield vulnerabilities
osv·2023-04-05·CVSS 5.5
CVE-2023-0461 linux-bluefield vulnerabilities
linux-bluefield vulnerabilities
It was discovered that the Upper Level Protocol (ULP) subsystem in the
Linux kernel did not properly handle sockets entering the LISTEN state in
certain protocols, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-0461)
It was discovered that the NVMe driver in the Linux kernel did not properly
handle reset events in some situations. A local attacker could use this to
cause a denial of service (system crash). (CVE-2022-3169)
It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
c
GHSA
SQL Injection in Funadmin
ghsa·2023-03-08
CVE-2023-24773 [CRITICAL] CWE-89 SQL Injection in Funadmin
SQL Injection in Funadmin
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list.
Red Hat
kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback
vendor_redhat·2025-12-08·CVSS 4.7
CVE-2023-53755 [MEDIUM] CWE-476 kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback
kernel: dmaengine: ptdma: check for null desc before calling pt_cmd_callback
In the Linux kernel, the following vulnerability has been resolved:
dmaengine: ptdma: check for null desc before calling pt_cmd_callback
Resolves a panic that can occur on AMD systems, typically during host
shutdown, after the PTDMA driver had been exercised. The issue was
the pt_issue_pending() function is mistakenly assuming that there will
be at least one descriptor in the Submitted queue when the function
is called. However, it is possible that both the Submitted and Issued
queues could be empty, which could result in pt_cmd_callback() being
mistakenly called with a NULL pointer.
Ref: Bugzilla Bug 216856.
AMD PTDMA (Pass-Through DMA) engine crashes the kernel when pt_issue_pending() encounters empty descript
Red Hat
kernel: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
vendor_redhat·2025-09-15·CVSS 5.5
CVE-2023-53247 [MEDIUM] CWE-367 kernel: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
kernel: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
In the Linux kernel, the following vulnerability has been resolved:
btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand
While trying to get the subpage blocksize tests running, I hit the
following panic on generic/476
assertion failed: PagePrivate(page) && page->private, in fs/btrfs/subpage.c:229
kernel BUG at fs/btrfs/subpage.c:229!
Internal error: Oops - BUG: 00000000f2000800 [#1] SMP
CPU: 1 PID: 1453 Comm: fsstress Not tainted 6.4.0-rc7+ #12
Hardware name: QEMU KVM Virtual Machine, BIOS edk2-20230301gitf80f052277c8-26.fc38 03/01/2023
pstate: 61400005 (nZCv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)
pc : btrfs_subpage_assert+0xbc/0xf0
lr : btrfs_subpage_assert+0xbc/0xf0
Call trace:
btrfs_subpage_as
F5
CVE-2023-50170: Rejected reason: This is unused
vendor_f5·2024-02-14
CVE-2023-50170 CVE-2023-50170: Rejected reason: This is unused
CVE-2023-50170: Rejected reason: This is unused
Rejected reason: This is unused.
Red Hat
resque: Reflected XSS in Queue Endpoint
vendor_redhat·2023-12-19·CVSS 6.3
CVE-2023-50727 [MEDIUM] CWE-79 resque: Reflected XSS in Queue Endpoint
resque: Reflected XSS in Queue Endpoint
Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /">. This issue has been patched in version 2.6.0.
A cross-site scripting flaw was found in Resque due to improper validation of user-supplied input by the Queue Endpoint. This issue could allow a remote authenticated attacker to use a specially crafted URL to execute script in a victim's web browser within the security context of the hosting web site once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.
Package: 3scale-amp-backend-container (Red Hat 3scale API Management Platform 2) - Will n
Oracle
Oracle Oracle Financial Services Applications Risk Matrix: Installer (Apache Commons FileUpload) — CVE-2023-24998
vendor_oracle·2023-10-15·CVSS 7.5
CVE-2023-24998 [HIGH] Oracle Oracle Financial Services Applications Risk Matrix: Installer (Apache Commons FileUpload) — CVE-2023-24998
Oracle Oracle Financial Services Applications Risk Matrix: Installer (Apache Commons FileUpload) vulnerability
CVE: CVE-2023-24998
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpuoct2023 (OCT 2023)
Microsoft
Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects
vendor_msrc·2023-07-11·CVSS 6.7
CVE-2023-33952 [MEDIUM] CWE-415 Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects
Kernel: vmwgfx: double free within the handling of vmw_buffer_object objects
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will update the CVE to reflect this.
Mariner: Mariner
redhat: redhat
Customer Action Required: Yes
Remediation: CBL-Mariner Releases
R
Microsoft
In __efi_rt_asm_wrapper of efi-rt-wrapper.S there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional
vendor_msrc·2023-05-09·CVSS 7.8
CVE-2023-21102 [HIGH] CWE-754 In __efi_rt_asm_wrapper of efi-rt-wrapper.S there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional
In __efi_rt_asm_wrapper of efi-rt-wrapper.S there is a possible bypass of shadow stack protection due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-260821414References: Upstream kernel
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work
Microsoft
Chromium: CVE-2023-2033 Type Confusion in V8
vendor_msrc·2023-04-11·CVSS 8.8
CVE-2023-2033 [HIGH] Chromium: CVE-2023-2033 Type Confusion in V8
Chromium: CVE-2023-2033 Type Confusion in V8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
Google is aware that an exploit for CVE-2023-2033 exists in the wild.
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window
Cl
Microsoft
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.
vendor_msrc·2023-03-14·CVSS 7.8
CVE-2023-27985 [HIGH] CWE-78 emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification. It is fixed in 29.0.90
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identif
Microsoft
Microsoft Excel Denial of Service Vulnerability
vendor_msrc·2023-03-14·CVSS 6.5
CVE-2023-23396 [MEDIUM] CWE-400 Microsoft Excel Denial of Service Vulnerability
Microsoft Excel Denial of Service Vulnerability
FAQ: How could an attacker exploit this vulnerability?
The attacker could exploit this vulnerability by convincing a victim to open a specially crafted XLSX file which when opened would cause a denial-of-service condition for other processes running on that machine.
FAQ: Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
FAQ: According to the CVSS metric, the attack vector is network (AV:N). What does that mean for this vulnerability?
An attacker could trigger this vulnerability by convincing a victim to access a malicious file via a network connection or by downloading and opening the malicious file locally. In the worst case scenario, the malicious file could be triggered with a web
No detection rules found.
Nuclei
Custom 404 Pro < 3.7.3 - Cross-Site Scripting
nuclei·CVSS 6.1
CVE-2023-2023 [MEDIUM] Custom 404 Pro < 3.7.3 - Cross-Site Scripting
Custom 404 Pro < 3.7.3 - Cross-Site Scripting
Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
Template:
id: CVE-2023-2023
info:
name: Custom 404 Pro < 3.7.3 - Cross-Site Scripting
author: r3Y3r53
severity: medium
description: |
Custom 404 Pro before 3.7.3 is susceptible to cross-site scripting via the search parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context
Nuclei
Adobe ColdFusion - Access Control Bypass
nuclei·CVSS 7.5
CVE-2023-38205 [HIGH] Adobe ColdFusion - Access Control Bypass
Adobe ColdFusion - Access Control Bypass
There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrator.
Template:
id: CVE-2023-38205
info:
name: Adobe ColdFusion - Access Control Bypass
author: DhiyaneshDk
severity: high
description: |
There is an access control bypass vulnerability in Adobe ColdFusion versions 2023 Update 2 and below, 2021 Update 8 and below and 2018 update 18 and below, which allows a remote attacker to bypass the ColdFusion mechanisms that restrict unauthenticated external access to ColdFusion's Administrator.
impact: |
Successful ex
Greynoiseio
NoiseLetter December 2025
blogs_greynoiseio·CVSS 10.0
[CRITICAL] NoiseLetter December 2025
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Find out immediately if an asset communicates with a malicious IP address
Vulnerability Prioritization Get real-time insight into active exploitation trends to better understand risk and severity
SOC Efficiency Filter out noisy, low priority and false-positive alerts from mass internet scanners
Incident Investigation Add context to incidents to speed the determinations of scope and timelines
Threat Hunting Quickly identify anomalous behavior and enrich your threat hunting campaigns
Why GreyNoise
CVE Disclosure Early Warning Get an early warning when traffic spikes indicate a high likelihood of new disclosures
Compromised Asset Detection Fin
Wiz
CVE-2023-54047 Impact, Exploitability, and Mitigation Steps | Wiz
blogs_wiz
CVE-2023-54047 CVE-2023-54047 Impact, Exploitability, and Mitigation Steps | Wiz
## CVE-2023-54047 :
Linux Kernel vulnerability analysis and mitigation
In the Linux kernel, the following vulnerability has been resolved:
drm/rockchip: dw_hdmi: cleanup drm encoder during unbind
This fixes a use-after-free crash during rmmod.
The DRM encoder is embedded inside the larger rockchip_hdmi,
which is allocated with the component. The component memory
gets freed before the main drm device is destroyed. Fix it
by running encoder cleanup before tearing down its container.
[moved encoder cleanup above clk_disable, similar to bind-error-path]
Source : NVD
Published December 24, 2025
CNA Score N/A
Affected Technologies
Linux Kernel
Linux Debian
Has Public Exploit No
Has CISA KEV Exploit No
CISA KEV Release Date N/A
CISA KEV Due Date N/A
Exploitation Probability Perce
Bugzilla
CVE-2023-52684 kernel: firmware: qcom: qseecom: fix memory leaks in error paths
bugzilla·2024-05-18·CVSS 5.5
CVE-2023-52684 [MEDIUM] CVE-2023-52684 kernel: firmware: qcom: qseecom: fix memory leaks in error paths
CVE-2023-52684 kernel: firmware: qcom: qseecom: fix memory leaks in error paths
In the Linux kernel, the following vulnerability has been resolved:
firmware: qcom: qseecom: fix memory leaks in error paths
The Linux kernel CVE team has assigned CVE-2023-52684 to this issue.
Upstream advisory:
https://lore.kernel.org/linux-cve-announce/2024051752-CVE-2023-52684-8d25@gregkh/T
Discussion:
Created kernel tracking bugs for this issue:
Affects: fedora-all [bug 2281316]
---
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2023-52684 is: SKIP No affected files built, so skip this CVE NO - - unknown (where first YES/NO value means if related sources built).
2023-05-30
Published