CVEs from 2023
Total
6,091
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-4068 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-34872 | unknown | — | — | — | A vulnerability in Outline.cc for Poppler prior to 23.06.0 allows a remote attacker to cause a Denial of Service (DoS) (crash) via a crafted PDF file in OutlineItem::open. | |||
| CVE-2023-51698 | unknown | — | — | — | Atril is a simple multi-page document viewer. Atril is vulnerable to a critical Command Injection Vulnerability. This vulnerability gives the attacker immediate access to the target system when the t… | |||
| CVE-2023-52426 | unknown | — | — | — | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. | |||
| CVE-2023-46853 | unknown | — | — | — | In Memcached before 1.6.22, an off-by-one error exists when processing proxy requests in proxy mode, if \n is used instead of \r\n. | |||
| CVE-2023-4572 | unknown | — | — | — | Use after free in MediaStream in Google Chrome prior to 116.0.5845.140 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-4900 | unknown | — | — | — | Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security s… | |||
| CVE-2023-5858 | unknown | — | — | — | Inappropriate implementation in WebApp Provider in Google Chrome prior to 119.0.6045.105 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-6347 | unknown | — | — | — | Use after free in Mojo in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-6510 | unknown | — | — | — | Use after free in Media Capture in Google Chrome prior to 120.0.6099.62 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via … | |||
| CVE-2023-0645 | unknown | — | — | — | An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit ht… | |||
| CVE-2023-35790 | unknown | — | — | — | An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop. | |||
| CVE-2023-2088 | unknown | — | — | — | A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerabil… | |||
| CVE-2023-52322 | unknown | — | — | — | ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. | |||
| CVE-2023-25750 | unknown | — | — | — | Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111. | |||
| CVE-2023-24258 | unknown | — | — | — | SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. | |||
| CVE-2023-1823 | unknown | — | — | — | Inappropriate implementation in FedCM in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-4069 | unknown | — | — | — | Type Confusion in V8 in Google Chrome prior to 115.0.5790.170 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-4365 | unknown | — | — | — | Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Medium) | |||
| CVE-2023-47272 | unknown | — | — | — | Roundcube 1.5.x before 1.5.6 and 1.6.x before 1.6.5 allows XSS via a Content-Type or Content-Disposition header (used for attachment preview or download). | |||
| CVE-2023-4429 | unknown | — | — | — | Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-4431 | unknown | — | — | — | Out of bounds memory access in Fonts in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: M… | |||
| CVE-2023-4909 | unknown | — | — | — | Inappropriate implementation in Interstitials in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to obfuscate security UI via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-0054 | unknown | — | — | — | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. | |||
| CVE-2023-0288 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. | |||
| CVE-2023-0049 | unknown | — | — | — | Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | |||
| CVE-2023-1127 | unknown | — | — | — | Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. | |||
| CVE-2023-1170 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. | |||
| CVE-2023-0051 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. | |||
| CVE-2023-0433 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1225. | |||
| CVE-2023-1175 | unknown | — | — | — | Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | |||
| CVE-2023-6350 | unknown | — | — | — | Use after free in libavif in Google Chrome prior to 119.0.6045.199 allowed a remote attacker to potentially exploit heap corruption via a crafted avif file. (Chromium security severity: High) | |||
| CVE-2023-1264 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1392. | |||
| CVE-2023-2610 | unknown | — | — | — | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532. | |||
| CVE-2023-3896 | unknown | — | — | — | Divide By Zero in vim/vim from 9.0.1367-1 to 9.0.1367-3 | |||
| CVE-2023-2426 | unknown | — | — | — | Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | |||
| CVE-2023-2609 | unknown | — | — | — | NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531. | |||
| CVE-2023-46246 | unknown | — | — | — | Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `src/alloc.c` at line 748, which is freed in the file… | |||
| CVE-2023-4738 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1848. | |||
| CVE-2023-4733 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.1840. | |||
| CVE-2023-4734 | unknown | — | — | — | Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. | |||
| CVE-2023-4750 | unknown | — | — | — | Use After Free in GitHub repository vim/vim prior to 9.0.1857. | |||
| CVE-2023-4735 | unknown | — | — | — | Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. | |||
| CVE-2023-4751 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. | |||
| CVE-2023-4781 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. | |||
| CVE-2023-48231 | unknown | — | — | — | Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viab… | |||
| CVE-2023-48232 | unknown | — | — | — | Vim is an open source command line text editor. A floating point exception may occur when calculating the line offset for overlong lines and smooth scrolling is enabled and the cpo-settings include t… | |||
| CVE-2023-52452 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix accesses to uninit stack slots Privileged programs are supposed to be able to read uninitialized stack memory (ever sinc… | |||
| CVE-2023-1523 | unknown | — | — | — | Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the sna… | |||
| CVE-2023-5568 | unknown | — | — | — | A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. | |||
| CVE-2023-25740 | unknown | — | — | — | After downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This a… | |||
| CVE-2023-25741 | unknown | — | — | — | When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern… | |||
| CVE-2023-28159 | unknown | — | — | — | The fullscreen notification could have been hidden on Firefox for Android by using download popups, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Firefox for A… | |||
| CVE-2023-25749 | unknown | — | — | — | Android applications with unpatched vulnerabilities can be launched from a browser using Intents, exposing users to these vulnerabilities. Firefox will now confirm with users that they want to launch… | |||
| CVE-2023-28160 | unknown | — | — | — | When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects… | |||
| CVE-2023-29551 | unknown | — | — | — | Memory safety bugs present in Firefox 111. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code… | |||
| CVE-2023-52761 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: VMAP_STACK overflow detection thread-safe commit 31da94c25aea ("riscv: add VMAP_STACK overflow detection") added support f… | |||
| CVE-2023-37456 | unknown | — | — | — | The session restore helper crashed whenever there was no parameter sent to the message handler. This vulnerability affects Firefox for iOS < 115. | |||
| CVE-2023-5168 | unknown | — | — | — | A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug… | |||
| CVE-2023-5173 | unknown | — | — | — | In a non-standard configuration of Firefox, an integer overflow could have occurred based on network traffic (possibly under influence of a local unprivileged webpage), leading to an out-of-bounds wr… | |||
| CVE-2023-5175 | unknown | — | — | — | During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulne… | |||
| CVE-2023-5722 | unknown | — | — | — | Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119. | |||
| CVE-2023-6210 | unknown | — | — | — | When an https: web page created a pop-up from a "javascript:" URL, that pop-up was incorrectly allowed to load blockable content such as iframes from insecure http: URLs This vulnerability affects Fi… | |||
| CVE-2023-53138 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbl_device_notify() syzbot reported use-after-free in cfusbl_device_notify() [1]. This cause… | |||
| CVE-2023-53135 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode When CONFIG_FRAME_POINTER is unset, the stack unwinding function w… | |||
| CVE-2023-34237 | unknown | — | — | — | SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Scrip… | |||
| CVE-2023-46569 | unknown | — | — | — | An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | |||
| CVE-2023-20588 | unknown | — | — | — | A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | |||
| CVE-2023-21255 | unknown | — | — | — | In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User… | |||
| CVE-2023-53032 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and ne… | |||
| CVE-2023-53037 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to … | |||
| CVE-2023-53043 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent If the controller is not marked as cache coherent, then kernel w… | |||
| CVE-2023-53080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xsk: Add missing overflow check in xdp_umem_reg The number of chunks can overflow u32. Make sure to return -EINVAL on overflow. A… | |||
| CVE-2023-53111 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronously when using as… | |||
| CVE-2023-53115 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc() Don't allocate memory again when IOC is being reinitialized. | |||
| CVE-2023-53194 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add length check in indx_get_root This adds a length check to guarantee the retrieved index root is legit. [ 162.4595… | |||
| CVE-2023-53172 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FS_IOC_ENABLE_VERITY on mode 3 fds Commit 56124d6c87fd ("fsverity: support enabling with tree block size < PAGE_… | |||
| CVE-2023-41259 | unknown | — | — | — | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call. | |||
| CVE-2023-53174 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() ne… | |||
| CVE-2023-41260 | unknown | — | — | — | Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. | |||
| CVE-2023-53186 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment recy… | |||
| CVE-2023-53187 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes … | |||
| CVE-2023-53216 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efi_rt_lock a raw_spinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: … | |||
| CVE-2023-53238 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In t… | |||
| CVE-2023-53243 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile Callers of `btrfs_reduce_alloc_profile` expect it to return ex… | |||
| CVE-2023-53247 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand While trying to get the subpage blocksize tests running, I hi… | |||
| CVE-2023-53274 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183,… | |||
| CVE-2023-53348 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then d… | |||
| CVE-2023-53388 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtk_drm_bind() can fail, in which case drm_dev_put() is called, destroyin… | |||
| CVE-2023-5972 | unknown | — | — | — | A null pointer dereference flaw was found in the nft_inner.c functionality of netfilter in the Linux kernel. This issue could allow a local user to crash the system or escalate their privileges on th… | |||
| CVE-2023-6270 | unknown | — | — | — | A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered … | |||
| CVE-2023-7042 | unknown | — | — | — | A null pointer dereference vulnerability was found in ath10k_wmi_tlv_op_pull_mgmt_tx_compl_ev() in drivers/net/wireless/ath/ath10k/wmi-tlv.c in the Linux kernel. This issue could be exploited to trig… | |||
| CVE-2023-7192 | unknown | — | — | — | A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause… | |||
| CVE-2023-1605 | unknown | — | — | — | Denial of Service in GitHub repository radareorg/radare2 prior to 5.8.6. | |||
| CVE-2023-46570 | unknown | — | — | — | An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32 function of libr/arch/p/nds32/nds32-dis.h. | |||
| CVE-2023-4322 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.9.0. | |||
| CVE-2023-38060 | unknown | — | — | — | Improper Input Validation vulnerability in the ContentType parameter for attachments on TicketCreate or TicketUpdate operations of the OTRS Generic Interface modules allows any authenticated attacke… | |||
| CVE-2023-42114 | unknown | — | — | — | Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Exim. Authentica… | |||
| CVE-2023-42115 | unknown | — | — | — | Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not requir… | |||
| CVE-2023-42117 | unknown | — | — | — | Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentic… |