CVEs from 2023
Total
6,099
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-31626 | unknown | — | — | — | An issue in the gpf_notice component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||
| CVE-2023-31631 | unknown | — | — | — | An issue in the sqlo_preds_contradiction component of openlink virtuoso-opensource v7.2.9 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements. | |||
| CVE-2023-48949 | unknown | — | — | — | An issue in the box_add function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement. | |||
| CVE-2023-37419 | unknown | — | — | — | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim… | |||
| CVE-2023-37442 | unknown | — | — | — | Multiple out-of-bounds read vulnerabilities exist in the VCD var definition section functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim woul… | |||
| CVE-2023-37420 | unknown | — | — | — | Multiple out-of-bounds write vulnerabilities exist in the VCD parse_valuechange portdump functionality of GTKWave 3.3.115. A specially crafted .vcd file can lead to arbitrary code execution. A victim… | |||
| CVE-2023-53247 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand While trying to get the subpage blocksize tests running, I hi… | |||
| CVE-2023-53243 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile Callers of `btrfs_reduce_alloc_profile` expect it to return ex… | |||
| CVE-2023-53238 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In t… | |||
| CVE-2023-50247 | unknown | — | — | — | h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. The QUIC stack (quicly), as used by H2O up to commit 43f86e5 (in version 2.3.0-beta and prior), is susceptible to a state exhaustio… | |||
| CVE-2023-53195 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init The line cards array is not freed in the error path of mlxsw_… | |||
| CVE-2023-53187 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes … | |||
| CVE-2023-29420 | unknown | — | — | — | An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block. | |||
| CVE-2023-53186 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment recy… | |||
| CVE-2023-2664 | unknown | — | — | — | In Xpdf 4.04 (and earlier), a PDF object loop in the embedded file tree leads to infinite recursion and a stack overflow. | |||
| CVE-2023-30259 | unknown | — | — | — | A Buffer Overflow vulnerability in importshp plugin in LibreCAD 2.2.0 allows attackers to obtain sensitive information via a crafted DBF file. | |||
| CVE-2023-25733 | unknown | — | — | — | The return value from `gfx::SourceSurfaceSkia::Map()` wasn't being verified which could have potentially lead to a null pointer dereference. This vulnerability affects Firefox < 110. | |||
| CVE-2023-53146 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: dw2102: Fix null-ptr-deref in dw2102_i2c_transfer() In dw2102_i2c_transfer, msg is controlled by user. When msg[i].buf is … | |||
| CVE-2023-46345 | unknown | — | — | — | Catdoc v0.95 was discovered to contain a NULL pointer dereference via the component xls2csv at src/xlsparse.c. | |||
| CVE-2023-49060 | unknown | — | — | — | An attacker could have accessed internal pages or data by ex-filtrating a security key from ReaderMode via the `referrerpolicy` attribute. This vulnerability affects Firefox for iOS < 120. | |||
| CVE-2023-53143 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: fix another off-by-one fsmap error on 1k block filesystems Apparently syzbot figured out that issuing this FSMAP call: str… | |||
| CVE-2023-53141 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping() ila_xlat_nl_cmd_get_mapping() generates an empty skb, trigge… | |||
| CVE-2023-5172 | unknown | — | — | — | A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118. | |||
| CVE-2023-47993 | unknown | — | — | — | A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service. | |||
| CVE-2023-5758 | unknown | — | — | — | When opening a page in reader mode, the redirect URL could have caused attacker-controlled script to execute in a reflected Cross-Site Scripting (XSS) attack. This vulnerability affects Firefox for i… | |||
| CVE-2023-6866 | unknown | — | — | — | TypedArrays can be fallible and lacked proper exception handling. This could lead to abuse in other APIs which expect TypedArrays to always succeed. This vulnerability affects Firefox < 121. | |||
| CVE-2023-53080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xsk: Add missing overflow check in xdp_umem_reg The number of chunks can overflow u32. Make sure to return -EINVAL on overflow. A… | |||
| CVE-2023-6868 | unknown | — | — | — | In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthori… | |||
| CVE-2023-31493 | unknown | — | — | — | RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing e… | |||
| CVE-2023-53037 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Bad drive in topology results kernel crash When the SAS Transport Layer support is enabled and a device exposed to … | |||
| CVE-2023-49343 | unknown | — | — | — | Temporary data passed between application components by Budgie Extras Dropby applet could potentially be viewed or manipulated. The data is stored in a location that is accessible to any user who has… | |||
| CVE-2023-53032 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and ne… | |||
| CVE-2023-28686 | unknown | — | — | — | Dino before 0.2.3, 0.3.x before 0.3.2, and 0.4.x before 0.4.2 allows attackers to modify the personal bookmark store via a crafted message. The attacker can change the display of group chats or force… | |||
| CVE-2023-20519 | unknown | — | — | — | ||||
| CVE-2023-34408 | unknown | — | — | — | DokuWiki before 2023-04-04a allows XSS via RSS titles. | |||
| CVE-2023-32723 | unknown | — | — | — | Request to LDAP is sent before user permissions are checked. | |||
| CVE-2023-45684 | unknown | — | — | — | Northern.tech CFEngine Enterprise before 3.21.3 allows SQL Injection. The fixed versions are 3.18.6 and 3.21.3. The earliest affected version is 3.6.0. The issue is in the Mission Portal login page i… | |||
| CVE-2023-43628 | unknown | — | — | — | An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malici… | |||
| CVE-2023-32721 | unknown | — | — | — | A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL. | |||
| CVE-2023-21255 | unknown | — | — | — | In multiple functions of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User… | |||
| CVE-2023-38319 | unknown | — | — | — | An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the configuration file, allowing attackers that have direct or indirect access to this file to execute arbi… | |||
| CVE-2023-5332 | unknown | — | — | — | Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only … | |||
| CVE-2023-38199 | unknown | — | — | — | coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payl… | |||
| CVE-2023-0358 | unknown | — | — | — | Use After Free in GitHub repository gpac/gpac prior to 2.3.0-DEV. | |||
| CVE-2023-0760 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | |||
| CVE-2023-0819 | unknown | — | — | — | Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||
| CVE-2023-1448 | unknown | — | — | — | A vulnerability, which was classified as problematic, was found in GPAC 2.3-DEV-rev35-gbbca86917-master. This affects the function gf_m2ts_process_sdt of the file media_tools/mpegts.c. The manipulati… | |||
| CVE-2023-49356 | unknown | — | — | — | A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592. | |||
| CVE-2023-40303 | unknown | — | — | — | GNU inetutils before 2.5 may allow privilege escalation because of unchecked return values of set*id() family functions in ftpd, rcp, rlogin, rsh, rshd, and uucpd. This is, for example, relevant if t… | |||
| CVE-2023-46569 | unknown | — | — | — | An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | |||
| CVE-2023-51106 | unknown | — | — | — | A floating point exception (divide-by-zero) vulnerability was discovered in mupdf 1.23.4 in function pnm_binary_read_image() of load-pnm.c when fz_colorspace_n returns zero. | |||
| CVE-2023-51104 | unknown | — | — | — | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function pnm_binary_read_image() of load-pnm.c when span equals zero. | |||
| CVE-2023-31794 | unknown | — | — | — | MuPDF v1.21.1 was discovered to contain an infinite recursion in the component pdf_mark_list_push. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | |||
| CVE-2023-51103 | unknown | — | — | — | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in the function fz_new_pixmap_from_float_data() of pixmap.c. | |||
| CVE-2023-51105 | unknown | — | — | — | A floating point exception (divide-by-zero) vulnerability was discovered in Artifex MuPDF 1.23.4 in function bmp_decompress_rle4() of load-bmp.c. | |||
| CVE-2023-27985 | unknown | — | — | — | emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification… | |||
| CVE-2023-45663 | unknown | — | — | — | stb_image is a single file MIT licensed library for processing images. The stbi__getn function reads a specified number of bytes from context (typically a file) into the specified buffer. In case the… | |||
| CVE-2023-6936 | unknown | — | — | — | In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (W… | |||
| CVE-2023-45661 | unknown | — | — | — | stb_image is a single file MIT licensed library for processing images. A crafted image file may trigger out of bounds memcpy read in `stbi__gif_load_next`. This happens because two_back points to a m… | |||
| CVE-2023-53076 | unknown | — | — | — | ||||
| CVE-2023-34318 | unknown | — | — | — | A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure. | |||
| CVE-2023-42118 | unknown | — | — | — | Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentic… | |||
| CVE-2023-38857 | unknown | — | — | — | Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to execute arbitrary code and cause a denial of service via the stcoin function in mp4read.c. | |||
| CVE-2023-30801 | unknown | — | — | — | All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, th… | |||
| CVE-2023-47480 | unknown | — | — | — | An issue in Pure Data 0.54-0 and fixed in 0.54-1 allows a local attacker to escalate privileges via the set*id () function. | |||
| CVE-2023-54103 | unknown | — | — | — | ||||
| CVE-2023-24808 | unknown | — | — | — | PDFio is a C library for reading and writing PDF files. In versions prior to 1.1.0 a denial of service (DOS) vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run a… | |||
| CVE-2023-48039 | unknown | — | — | — | GPAC 2.3-DEV-rev617-g671976fcc-master is vulnerable to memory leak in gf_mpd_parse_string media_tools/mpd.c:75. | |||
| CVE-2023-4135 | unknown | — | — | — | A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is u… | |||
| CVE-2023-1326 | unknown | — | — | — | ||||
| CVE-2023-36813 | unknown | — | — | — | Kanboard is project management software that focuses on the Kanban methodology. In versions prior to 1.2.31authenticated user is able to perform a SQL Injection, leading to a privilege escalation or … | |||
| CVE-2023-45667 | unknown | — | — | — | stb_image is a single file MIT licensed library for processing images. If `stbi__load_gif_main` in `stbi_load_gif_from_memory` fails it returns a null pointer and may keep the `z` variable uninitial… | |||
| CVE-2023-25516 | unknown | — | — | — | NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of… | |||
| CVE-2023-54288 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fortify the spinlock against deadlock by interrupt In the function ieee80211_tx_dequeue() there is a particular l… | |||
| CVE-2023-54241 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: MIPS: KVM: Fix NULL pointer dereference After commit 45c7e8af4a5e3f0bea4ac209 ("MIPS: Remove KVM_TE support") we get a NULL point… | |||
| CVE-2023-45675 | unknown | — | — | — | stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if the len r… | |||
| CVE-2023-54219 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert conn… | |||
| CVE-2023-54180 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace [BUG] There is a bug report that a BUG_ON() in btrfs_repair_io_failure() … | |||
| CVE-2023-22484 | unknown | — | — | — | cmark-gfm is GitHub's fork of cmark, a CommonMark parsing and rendering library and program in C. Versions prior to 0.29.0.gfm.7 are subject to a polynomial time complexity issue in cmark-gfm that ma… | |||
| CVE-2023-5341 | unknown | — | — | — | A heap use-after-free flaw was found in coders/bmp.c in ImageMagick. | |||
| CVE-2023-39978 | unknown | — | — | — | ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw. | |||
| CVE-2023-3745 | unknown | — | — | — | A heap-based buffer overflow issue was found in ImageMagick's PushCharPixel() function in quantum-private.h. This issue may allow a local attacker to trick the user into opening a specially crafted f… | |||
| CVE-2023-45677 | unknown | — | — | — | stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of bounds write in `f->vendor[len] = (char)'\0';`. The root cause is that if `len` rea… | |||
| CVE-2023-3428 | unknown | — | — | — | A heap-based buffer overflow vulnerability was found in coders/tiff.c in ImageMagick. This issue may allow a local attacker to trick the user into opening a specially crafted file, resulting in an a… | |||
| CVE-2023-45678 | unknown | — | — | — | stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger out of buffer write in `start_decoder` because at maximum `m->submaps` can be 16 but `subm… | |||
| CVE-2023-45679 | unknown | — | — | — | stb_vorbis is a single file MIT licensed library for processing ogg vorbis files. A crafted file may trigger memory allocation failure in `start_decoder`. In that case the function returns early, but… | |||
| CVE-2023-27783 | unknown | — | — | — | An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | |||
| CVE-2023-53455 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: drop all currently held locks if deadlock happens If vc4_hdmi_reset_link() returns -EDEADLK, it means that a deadlock ha… | |||
| CVE-2023-53231 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: erofs: Fix detection of atomic context Current check for atomic context is not sufficient as z_erofs_decompressqueue_endio can be… | |||
| CVE-2023-47212 | unknown | — | — | — | A heap-based buffer overflow vulnerability exists in the comment functionality of stb _vorbis.c v1.22. A specially crafted .ogg file can lead to an out-of-bounds write. An attacker can provide a mali… | |||
| CVE-2023-53023 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: nfc: Fix use-after-free in local_cleanup() Fix a use-after-free that occurs in kfree_skb() called from local_cleanup(). This… | |||
| CVE-2023-5727 | unknown | — | — | — | The executable file warning was not presented when downloading .msix, .msixbundle, .appx, and .appxbundle files, which can run commands on a user's computer. *Note: This issue only affected Windows… | |||
| CVE-2023-52885 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener svc_sock is freed, and before invoking svc_tcp_accept() for the… | |||
| CVE-2023-31982 | unknown | — | — | — | Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capture_packet_reasm_ip at /src/capture.c. | |||
| CVE-2023-0818 | unknown | — | — | — | Off-by-one Error in GitHub repository gpac/gpac prior to v2.3.0-DEV. | |||
| CVE-2023-5729 | unknown | — | — | — | A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing atta… | |||
| CVE-2023-46930 | unknown | — | — | — | GPAC 2.3-DEV-rev605-gfc9e29089-master contains a SEGV in gpac/MP4Box in gf_isom_find_od_id_for_track /afltest/gpac/src/isomedia/media_odf.c:522:14. | |||
| CVE-2023-4778 | unknown | — | — | — | Out-of-bounds Read in GitHub repository gpac/gpac prior to 2.3-DEV. | |||
| CVE-2023-50120 | unknown | — | — | — | MP4Box GPAC version 2.3-DEV-rev636-gfbd7e13aa-master was discovered to contain an infinite loop in the function av1_uvlc at media_tools/av_parsers.c. This vulnerability allows attackers to cause a De… | |||
| CVE-2023-24288 | unknown | — | — | — |