CVEs from 2023
Total
6,120
critical
critical 239
high
high 1,503
medium
medium 1,409
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-44487 | high | 7.5 | 10.0 | 3y ago | The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. | |||
| CVE-2023-4911 | high | 7.8 | 10.0 | 3y ago | GNU C Library's dynamic loader ld.so contains a buffer overflow vulnerability when processing the GLIBC_TUNABLES environment variable, allowing a local attacker to execute code with elevated privileg… | |||
| CVE-2023-0386 | high | — | 10.0 | 3y ago | Linux Kernel contains an improper ownership management vulnerability, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsyst… | |||
| CVE-2023-1998 | high | — | 9.0 | 3y ago | The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that… | |||
| CVE-2023-22809 | high | — | 9.0 | 3y ago | In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments passed in the user-provided environment variables (SUDO_EDITOR, VISUAL, and EDITOR), allowing a local attacker to app… | |||
| CVE-2023-33148 | high | 7.8 | 8.8 | 3y ago | Microsoft Office Elevation of Privilege Vulnerability | |||
| CVE-2023-6710 | medium | — | 6.5 | 2y ago | Moderate: mod_jk and mod_proxy_cluster security update |