CVEs from 2023
Total
6,107
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33204 | medium | — | 5.5 | 3y ago | RHSA-2023:7010: sysstat security and bug fix update (Moderate) | |||
| CVE-2023-53705 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6_find_tlv() optlen is fetched without checking whether there is more than one byte to parse… | |||
| CVE-2023-1786 | medium | — | 5.5 | 3y ago | RHSA-2023:6943: cloud-init security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-28642 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-27561 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-25809 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-54004 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: udplite: Fix NULL pointer dereference in __sk_mem_raise_allocated(). syzbot reported [0] a null-ptr-deref in sk_get_rmem0() while… | |||
| CVE-2023-53089 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4_xattr_delete_inode Syzbot reported a hung task problem: =============================================… | |||
| CVE-2023-54057 | medium | — | 5.5 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Add a length limitation for the ivrs_acpihid command-line parameter The 'acpiid' buffer in the parse_ivrs_acpihid func… | |||
| CVE-2023-38197 | medium | — | 5.5 | 3y ago | An issue was discovered in Qt before 5.15.15, 6.x before 6.2.10, and 6.3.x through 6.5.x before 6.5.3. There are infinite loops in recursive entity expansion. | |||
| CVE-2023-2680 | medium | — | 5.5 | 3y ago | This CVE exists because of an incomplete fix for CVE-2021-3750. More specifically, the qemu-kvm package as released for Red Hat Enterprise Linux 9.1 via RHSA-2022:7967 included a version of qemu-kvm … | |||
| CVE-2023-2283 | medium | — | 5.5 | 3y ago | RHSA-2023:3839: libssh security update (Moderate) | |||
| CVE-2023-34410 | medium | — | 5.5 | 3y ago | An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.2. Certificate validation for TLS does not always consider whether the root of a chain is a configur… | |||
| CVE-2023-28625 | medium | — | 5.5 | 3y ago | RHSA-2023:6940: mod_auth_openidc:2.3 security and bug fix update (Moderate) | |||
| CVE-2023-26769 | medium | — | 5.5 | 3y ago | Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. | |||
| CVE-2023-26768 | medium | — | 5.5 | 3y ago | Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions. | |||
| CVE-2023-38711 | medium | — | 5.5 | 3y ago | RHSA-2023:7052: libreswan security update (Moderate) | |||
| CVE-2023-28370 | medium | — | 5.5 | 3y ago | Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user acc… | |||
| CVE-2023-44271 | medium | — | 5.5 | 3y ago | RHSA-2024:3005: python-pillow security update (Moderate) | |||
| CVE-2023-0567 | medium | — | 5.5 | 3y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2023-0568 | medium | — | 5.5 | 3y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2023-3247 | medium | — | 5.5 | 3y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2023-3824 | medium | — | 5.5 | 3y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2023-3823 | medium | — | 5.5 | 3y ago | RHSA-2024:10952: php:7.4 security update (Moderate) | |||
| CVE-2023-22025 | medium | — | 5.5 | 3y ago | RHSA-2023:6887: java-21-openjdk security and bug fix update (Moderate) | |||
| CVE-2023-22067 | medium | — | 5.5 | 3y ago | RHSA-2024:0866: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2023-29409 | medium | — | 5.5 | 3y ago | Moderate: container-tools:rhel8 security update | |||
| CVE-2023-39323 | medium | — | 5.5 | 3y ago | RHBA-2023:6928: go-toolset:rhel8 bug fix and enhancement update (Moderate) | |||
| CVE-2023-36799 | medium | — | 5.5 | 3y ago | RHSA-2023:6247: .NET 7.0 security update (Moderate) | |||
| CVE-2023-38200 | medium | — | 5.5 | 3y ago | Moderate: keylime security update | |||
| CVE-2023-2602 | medium | — | 5.5 | 3y ago | RHSA-2023:4524: libcap security update (Moderate) | |||
| CVE-2023-38201 | medium | — | 5.5 | 3y ago | Moderate: keylime security update | |||
| CVE-2023-20593 | medium | — | 5.5 | 3y ago | Moderate: linux-firmware security update | |||
| CVE-2023-38633 | medium | — | 5.5 | 3y ago | Moderate: librsvg2 security update | |||
| CVE-2023-2603 | medium | — | 5.5 | 3y ago | RHSA-2023:4524: libcap security update (Moderate) | |||
| CVE-2023-30630 | medium | — | 5.5 | 3y ago | RHSA-2023:5252: dmidecode security update (Moderate) | |||
| CVE-2023-29303 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker c… | |||
| CVE-2023-38245 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulner… | |||
| CVE-2023-38238 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use-After-Free vulnerability that could lead to disclosure of sensitive memory. An attacker c… | |||
| CVE-2023-38236 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-38235 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-34969 | medium | — | 5.5 | 3y ago | D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor … | |||
| CVE-2023-28322 | medium | — | 5.5 | 3y ago | An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even whe… | |||
| CVE-2023-32681 | medium | — | 5.5 | 3y ago | Moderate: python-requests security update | |||
| CVE-2023-30079 | medium | — | 5.5 | 3y ago | Moderate: libeconf security update | |||
| CVE-2023-28321 | medium | — | 5.5 | 3y ago | An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl… | |||
| CVE-2023-22652 | medium | — | 5.5 | 3y ago | Moderate: libeconf security update | |||
| CVE-2023-29469 | medium | — | 5.5 | 3y ago | An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various l… | |||
| CVE-2023-28484 | medium | — | 5.5 | 3y ago | In libxml2 before 2.10.4, parsing of certain invalid XSD schemas can lead to a NULL pointer dereference and subsequently a segfault. This occurs in xmlSchemaFixupComplexType in xmlschemas.c. | |||
| CVE-2023-3347 | medium | — | 5.5 | 3y ago | RHSA-2023:4328: samba security and bug fix update (Moderate) | |||
| CVE-2023-30581 | medium | — | 5.5 | 3y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2023-30589 | medium | — | 5.5 | 3y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2023-30588 | medium | — | 5.5 | 3y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2023-30590 | medium | — | 5.5 | 3y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |||
| CVE-2023-25193 | medium | — | 5.5 | 3y ago | RHSA-2024:2980: harfbuzz security update (Moderate) | |||
| CVE-2023-22044 | medium | — | 5.5 | 3y ago | RHSA-2023:4159: java-17-openjdk security and bug fix update (Moderate) | |||
| CVE-2023-3128 | medium | — | 5.5 | 3y ago | RHSA-2023:6972: grafana security and enhancement update (Moderate) | |||
| CVE-2023-33162 | medium | 5.5 | 5.5 | 3y ago | Microsoft Excel Information Disclosure Vulnerability | |||
| CVE-2023-36617 | medium | — | 5.5 | 3y ago | RHSA-2024:4499: ruby security update (Moderate) | |||
| CVE-2023-26604 | medium | — | 5.5 | 3y ago | systemd before 247 does not adequately block local privilege escalation for some Sudo configurations, e.g., plausible sudoers files in which the "systemctl status" command may be executed. Specifical… | |||
| CVE-2023-0801 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0797 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0796 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-28466 | medium | — | 5.5 | 3y ago | do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | |||
| CVE-2023-0798 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-2455 | medium | — | 5.5 | 3y ago | Moderate: postgresql:15 security update | |||
| CVE-2023-2454 | medium | — | 5.5 | 3y ago | Moderate: postgresql:15 security update | |||
| CVE-2023-0465 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-2700 | medium | — | 5.5 | 3y ago | RHSA-2023:3822: virt:rhel and virt-devel:rhel security and bug fix update (Moderate) | |||
| CVE-2023-0466 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-2650 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0464 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0803 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0800 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0802 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-1255 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0795 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0804 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0799 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-24540 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-29400 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24534 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24538 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24539 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24536 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24537 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-25563 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25564 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25565 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25566 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25567 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-23936 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-30775 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-23919 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-52340 | medium | — | 5.5 | 3y ago | The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when… | |||
| CVE-2023-24807 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-30774 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-30086 | medium | — | 5.5 | 3y ago | Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | |||
| CVE-2023-1018 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-0664 | medium | — | 5.5 | 3y ago | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their p… |