CVEs from 2023
Total
6,091
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-53636 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: microchip: fix potential UAF in auxdev release callback Similar to commit 1c11289b34ab ("peci: cpu: Fix use-after-free in ad… | |||
| CVE-2023-53642 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86: fix clear_user_rep_good() exception handling annotation This code no longer exists in mainline, because it was removed in co… | |||
| CVE-2023-53644 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: radio-shark: Add endpoint checks The syzbot fuzzer was able to provoke a WARNING from the radio-shark2 driver: ----------… | |||
| CVE-2023-53650 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a… | |||
| CVE-2023-53658 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the… | |||
| CVE-2023-53668 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Fix deadloop issue on reading trace_pipe Soft lockup occurs when reading file 'trace_pipe': watchdog: BUG: soft l… | |||
| CVE-2023-53672 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: output extra debug info if we failed to find an inline backref [BUG] Syzbot reported several warning triggered inside look… | |||
| CVE-2023-53693 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix the memory leak in raw_gadget driver Currently, increasing raw_dev->count happens before invoke the raw_queue_ev… | |||
| CVE-2023-53694 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: ftrace: Fixup panic by disabling preemption In RISCV, we must use an AUIPC + JALR pair to encode an immediate, forming a j… | |||
| CVE-2023-53707 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an int… | |||
| CVE-2023-53712 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ARM: 9317/1: kexec: Make smp stop calls asynchronous If a panic is triggered by a hrtimer interrupt all online cpus will be notif… | |||
| CVE-2023-53725 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clocksource/drivers/cadence-ttc: Fix memory leak in ttc_timer_probe Smatch reports: drivers/clocksource/timer-cadence-ttc.c:529 t… | |||
| CVE-2023-53759 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidraw_open() function increments the hidraw device reference counter. The coun… | |||
| CVE-2023-53758 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't … | |||
| CVE-2023-42114 | unknown | — | — | — | Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentica… | |||
| CVE-2023-42115 | unknown | — | — | — | Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not requir… | |||
| CVE-2023-42117 | unknown | — | — | — | Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentic… | |||
| CVE-2023-42119 | unknown | — | — | — | Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentic… | |||
| CVE-2023-1193 | unknown | — | — | — | A use-after-free flaw was found in setup_async_work in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. This issue could allow an attacker to crash the system by a… | |||
| CVE-2023-2007 | unknown | — | — | — | The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction … | |||
| CVE-2023-20941 | unknown | — | — | — | In acc_ctrlrequest_composite of f_accessory.c, there is a possible out of bounds write due to a missing bounds check. This could lead to physical escalation of privilege with no additional execution … | |||
| CVE-2023-21264 | unknown | — | — | — | In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with Syst… | |||
| CVE-2023-21400 | unknown | — | — | — | In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privil… | |||
| CVE-2023-22995 | unknown | — | — | — | In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. | |||
| CVE-2023-22996 | unknown | — | — | — | In the Linux kernel before 5.17.2, drivers/soc/qcom/qcom_aoss.c does not release an of_find_device_by_node reference after use, e.g., with put_device. | |||
| CVE-2023-22999 | unknown | — | — | — | In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an err… | |||
| CVE-2023-23002 | unknown | — | — | — | In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error p… | |||
| CVE-2023-23003 | unknown | — | — | — | In the Linux kernel before 5.16, tools/perf/util/expr.c lacks a check for the hashmap__new return value. | |||
| CVE-2023-23004 | unknown | — | — | — | In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | |||
| CVE-2023-23005 | unknown | — | — | — | In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is di… | |||
| CVE-2023-23006 | unknown | — | — | — | In the Linux kernel before 5.15.13, drivers/net/ethernet/mellanox/mlx5/core/steering/dr_domain.c misinterprets the mlx5_get_uars_page return value (expects it to be NULL in the error case, whereas it… | |||
| CVE-2023-2430 | unknown | — | — | — | A vulnerability was found due to missing lock for IOPOLL flaw in io_cqring_event_overflow() in io_uring.c in Linux Kernel. This flaw allows a local attacker with user privilege to trigger a Denial of… | |||
| CVE-2023-26544 | unknown | — | — | — | In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. | |||
| CVE-2023-26607 | unknown | — | — | — | In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. | |||
| CVE-2023-26606 | unknown | — | — | — | In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. | |||
| CVE-2023-28327 | unknown | — | — | — | A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This… | |||
| CVE-2023-2860 | unknown | — | — | — | An out-of-bounds read vulnerability was found in the SR-IPv6 implementation in the Linux kernel. The flaw exists within the processing of seg6 attributes. The issue results from the improper validati… | |||
| CVE-2023-3006 | unknown | — | — | — | A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malic… | |||
| CVE-2023-31085 | unknown | — | — | — | An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize), used indirectly by ctrl_cdev_ioctl, when mtd->erasesize is 0. | |||
| CVE-2023-32253 | unknown | — | — | — | A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service. | |||
| CVE-2023-3312 | unknown | — | — | — | A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of servi… | |||
| CVE-2023-32269 | unknown | — | — | — | An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, … | |||
| CVE-2023-3317 | unknown | — | — | — | A use-after-free flaw was found in mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c in wifi mt76/mt7921 sub-component in the Linux Kernel. This flaw could allow an … | |||
| CVE-2023-34324 | unknown | — | — | — | Closing of an event channel in the Linux kernel can result in a deadlock. This happens when the close is being performed in parallel to an unrelated Xen console action and the handling of a Xen conso… | |||
| CVE-2023-34319 | unknown | — | — | — | The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic intro… | |||
| CVE-2023-35829 | unknown | — | — | — | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. | |||
| CVE-2023-37454 | unknown | — | — | — | An issue was discovered in the Linux kernel through 6.4.2. A crafted UDF filesystem image causes a use-after-free write operation in the udf_put_super and udf_close_lvid functions in fs/udf/super.c. … | |||
| CVE-2023-38430 | unknown | — | — | — | An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | |||
| CVE-2023-39179 | unknown | — | — | — | A flaw was found within the handling of SMB2 read requests in the kernel ksmbd module. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the … | |||
| CVE-2023-39197 | unknown | — | — | — | An out-of-bounds read vulnerability was found in Netfilter Connection Tracking (conntrack) in the Linux kernel. This flaw allows a remote user to disclose sensitive information via the DCCP protocol. | |||
| CVE-2023-0128 | unknown | — | — | — | Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap c… | |||
| CVE-2023-0129 | unknown | — | — | — | Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a … | |||
| CVE-2023-0130 | unknown | — | — | — | Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. … | |||
| CVE-2023-0134 | unknown | — | — | — | Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption… | |||
| CVE-2023-0131 | unknown | — | — | — | Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security se… | |||
| CVE-2023-0135 | unknown | — | — | — | Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database corruption… | |||
| CVE-2023-4394 | unknown | — | — | — | A use-after-free flaw was found in btrfs_get_dev_args_from_path in fs/btrfs/volumes.c in btrfs file-system in the Linux Kernel. This flaw allows a local attacker with special privileges to cause a sy… | |||
| CVE-2023-0136 | unknown | — | — | — | Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium secu… | |||
| CVE-2023-0137 | unknown | — | — | — | Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corrup… | |||
| CVE-2023-0139 | unknown | — | — | — | Insufficient validation of untrusted input in Downloads in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to bypass download restrictions via a crafted HTML page. (Chromium… | |||
| CVE-2023-4569 | unknown | — | — | — | A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause double-deactivations of catchall elements, … | |||
| CVE-2023-0141 | unknown | — | — | — | Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-0699 | unknown | — | — | — | Use after free in GPU in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page and browser shutdown. (Chromium security severit… | |||
| CVE-2023-0471 | unknown | — | — | — | Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0698 | unknown | — | — | — | Out of bounds read in WebRTC in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0701 | unknown | — | — | — | Heap buffer overflow in WebUI in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via U… | |||
| CVE-2023-4611 | unknown | — | — | — | A use-after-free flaw was found in mm/mempolicy.c in the memory management subsystem in the Linux Kernel. This issue is caused by a race between mbind() and VMA-locked page fault, and may allow a loc… | |||
| CVE-2023-0472 | unknown | — | — | — | Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0473 | unknown | — | — | — | Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Med… | |||
| CVE-2023-52429 | unknown | — | — | — | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioct… | |||
| CVE-2023-46343 | unknown | — | — | — | In the Linux kernel before 6.5.9, there is a NULL pointer dereference in send_acknowledge in net/nfc/nci/spi.c. | |||
| CVE-2023-0474 | unknown | — | — | — | Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web … | |||
| CVE-2023-0696 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0697 | unknown | — | — | — | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 110.0.5481.77 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromi… | |||
| CVE-2023-5158 | unknown | — | — | — | A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero lengt… | |||
| CVE-2023-0700 | unknown | — | — | — | Inappropriate implementation in Download in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to potentially spoof the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromiu… | |||
| CVE-2023-52443 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: avoid crash when parsed profile name is empty When processing a packed profile in unpack_profile() described like "pr… | |||
| CVE-2023-0941 | unknown | — | — | — | Use after free in Prompts in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical) | |||
| CVE-2023-0704 | unknown | — | — | — | Insufficient policy enforcement in DevTools in Google Chrome prior to 110.0.5481.77 allowed a remote attacker to bypass same origin policy and proxy settings via a crafted HTML page. (Chromium securi… | |||
| CVE-2023-0928 | unknown | — | — | — | Use after free in SwiftShader in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-1812 | unknown | — | — | — | Out of bounds memory access in DOM Bindings in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severi… | |||
| CVE-2023-0705 | unknown | — | — | — | Integer overflow in Core in Google Chrome prior to 110.0.5481.77 allowed a remote attacker who had one a race condition to potentially exploit heap corruption via a crafted HTML page. (Chromium secur… | |||
| CVE-2023-0927 | unknown | — | — | — | Use after free in Web Payments API in Google Chrome on Android prior to 110.0.5481.177 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a … | |||
| CVE-2023-52438 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in shinker's callback The mmap read lock is used during the shrinker's callback, which means that usin… | |||
| CVE-2023-0929 | unknown | — | — | — | Use after free in Vulkan in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0930 | unknown | — | — | — | Heap buffer overflow in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-1213 | unknown | — | — | — | Use after free in Swiftshader in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0931 | unknown | — | — | — | Use after free in Video in Google Chrome prior to 110.0.5481.177 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-0932 | unknown | — | — | — | Use after free in WebRTC in Google Chrome on Windows prior to 110.0.5481.177 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corrupt… | |||
| CVE-2023-1214 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-1216 | unknown | — | — | — | Use after free in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had convienced the user to engage in direct UI interaction to potentially exploit heap corruption via … | |||
| CVE-2023-1217 | unknown | — | — | — | Stack buffer overflow in Crash reporting in Google Chrome on Windows prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to obtain potentially sensitive informat… | |||
| CVE-2023-1219 | unknown | — | — | — | Heap buffer overflow in Metrics in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML pa… | |||
| CVE-2023-1220 | unknown | — | — | — | Heap buffer overflow in UMA in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. … | |||
| CVE-2023-52457 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() make… | |||
| CVE-2023-1221 | unknown | — | — | — | Insufficient policy enforcement in Extensions API in Google Chrome prior to 111.0.5563.64 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions v… | |||
| CVE-2023-1222 | unknown | — | — | — | Heap buffer overflow in Web Audio API in Google Chrome prior to 111.0.5563.64 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Me… | |||
| CVE-2023-52459 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix duplicated list deletion The list deletion call dropped here is already called from the helper function in… | |||
| CVE-2023-1235 | unknown | — | — | — | Type confusion in DevTools in Google Chrome prior to 111.0.5563.64 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted UI interacti… | |||
| CVE-2023-1813 | unknown | — | — | — | Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a c… |