CVE-2023-5978

HIGH Year: 2023
CVSS v3 Score
7.5
High
Weakness Type
CWE-269
View all →

Vulnerability Description

In versions of FreeBSD 13-RELEASE before 13-RELEASE-p5, under certain circumstances the cap_net libcasper(3) service incorrectly validates that updated constraints are strictly subsets of the active constraints. When only a list of resolvable domain names was specified without setting any other limitations, an application could submit a new list of domains including include entries not previously listed. This could permit the application to resolve domain names that were previously restricted.

Related Vulnerabilities

CVE-2012-5663

HIGH
CVSS:7.5(High)

The isearch package (textproc/isearch) before 1.47.01nb1 uses the tempnam() function to create insecure temporary files into a publicly-writable area (/tmp).

CWE-2692012

CVE-2015-8467

HIGH
CVSS:7.5(High)

The samldb_check_user_account_control_acl function in dsdb/samdb/ldb_modules/samldb.c in Samba 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 does not properly check for administrative ...

CWE-2692015

CVE-2017-16520

HIGH
CVSS:7.5(High)

Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.

CWE-2692017

CVE-2017-5722

HIGH
CVSS:7.5(High)

Incorrect policy enforcement in system firmware for Intel NUC7i3BNK, NUC7i3BNH, NUC7i5BNK, NUC7i5BNH, NUC7i7BNH versions BN0049 and below allows attackers with local or physical access to bypass enfor...

CWE-2692017

CVE-2017-7803

HIGH
CVSS:7.5(High)

When a page's content security policy (CSP) header contains a "sandbox" directive, other directives are ignored. This results in the incorrect enforcement of CSP. This vulnerability affects Thunderbir...

CWE-2692017