CVEs from 2023
Total
6,112
critical
critical 239
high
high 1,529
medium
medium 1,388
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-52762 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-blk: fix implicit overflow on virtio_max_dma_size The following codes have an implicit conversion from size_t to u32: (u32… | |||
| CVE-2023-52662 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node When ida_alloc_max fails, resources allocated before should be freed, includi… | |||
| CVE-2023-52756 | high | — | 8.0 | 2y ago | RHSA-2024:5102: kernel-rt security update (Important) | |||
| CVE-2023-52622 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with a oversized flexbg_si… | |||
| CVE-2023-5841 | high | — | 8.0 | 2y ago | Important: openexr security update | |||
| CVE-2023-43010 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. P… | |||
| CVE-2023-52800 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k… | |||
| CVE-2023-52439 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52798 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are protected by RCU but the DFS radar event handling code call… | |||
| CVE-2023-52884 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-31315 | high | — | 8.0 | 2y ago | RHSA-2024:7481: linux-firmware security update (Important) | |||
| CVE-2023-52771 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52880 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52651 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52864 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52796 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot reports using a stack of multiple ipvlan devices. Reduce stack … | |||
| CVE-2023-52623 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running p… | |||
| CVE-2023-52764 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller reported the following issue: UBSAN: shift-out-of-bounds in dri… | |||
| CVE-2023-52530 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When ieee80211_key_link() is called by ieee80211_gtk_rekey_add() but returns 0 d… | |||
| CVE-2023-52471 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ice: Fix some null pointer dereference issues in ice_ptp.c devm_kasprintf() returns a pointer to dynamically allocated memory whi… | |||
| CVE-2023-52653 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: fix a memleak in gss_import_v2_context The ctx->mech_used.data allocated by kmemdup is not freed in neither gss_import_v2… | |||
| CVE-2023-52803 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries RPC client pipefs dentries cleanup is in separated rpc_remove_pipedir… | |||
| CVE-2023-52777 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix gtk offload status event locking The ath11k active pdevs are protected by RCU but the gtk offload status event … | |||
| CVE-2023-52847 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: bttv: fix use after free error due to btv->timeout timer There may be some a race condition between timer function bttv_ir… | |||
| CVE-2023-52845 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING syzbot reported the following uninit-value access issue [1]: … | |||
| CVE-2023-52638 | high | — | 8.0 | 2y ago | Important: kernel security update | |||
| CVE-2023-52669 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always read a whole blo… | |||
| CVE-2023-52675 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memo… | |||
| CVE-2023-52835 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When perf-record with a large AUX area, e.g 4GB, it fails with:… | |||
| CVE-2023-52781 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: config: fix iteration issue in 'usb_get_bos_descriptor()' The BOS descriptor defines a root descriptor and is the base descr… | |||
| CVE-2023-52877 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() It is possible that typec_register_partner() returns ERR_PTR on … | |||
| CVE-2023-52700 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ... [ 13.39… | |||
| CVE-2023-4727 | high | — | 8.0 | 2y ago | RHSA-2024:4367: pki-core security update (Important) | |||
| CVE-2023-6597 | high | — | 8.0 | 2y ago | An issue was found in the CPython `tempfile.TemporaryDirectory` class affecting versions 3.12.1, 3.11.7, 3.10.13, 3.9.18, and 3.8.18 and prior. The tempfile.TemporaryDirectory class would dereferenc… | |||
| CVE-2023-20592 | high | — | 8.0 | 2y ago | RHSA-2024:3178: linux-firmware security update (Important) | |||
| CVE-2023-53192 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vxlan: Fix nexthop hash size The nexthop code expects a 31 bit hash, such as what is returned by fib_multipath_hash() and rt6_mul… | |||
| CVE-2023-54215 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio-vdpa: Fix cpumask memory leak in virtio_vdpa_find_vqs() Free the cpumask allocated by create_affinity_masks() before retur… | |||
| CVE-2023-53649 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf trace: Really free the evsel->priv area In 3cb4d5e00e037c70 ("perf trace: Free syscall tp fields in evsel->priv") it only wa… | |||
| CVE-2023-53713 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: sme: Use STR P to clear FFR context field in streaming SVE mode The FFR is a predicate register which can vary between 16 … | |||
| CVE-2023-54263 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: init hpd_irq_lock for PIOR DP Fixes OOPS on boards with ANX9805 DP encoders. | |||
| CVE-2023-53570 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: fix integer overflow in nl80211_parse_mbssid_elems() nl80211_parse_mbssid_elems() uses a u8 variable num_elems to … | |||
| CVE-2023-53628 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop gfx_v11_0_cp_ecc_error_irq_funcs The gfx.cp_ecc_error_irq is retired in gfx11. In gfx_v11_0_hw_fini still use am… | |||
| CVE-2023-53992 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: ocb: don't leave if not joined If there's no OCB state, don't ask the driver/mac80211 to leave, since that's just… | |||
| CVE-2023-41983 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, Safari 17.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. Processing web content may lead t… | |||
| CVE-2023-53228 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: drop redundant sched job cleanup when cs is aborted Once command submission failed due to userptr invalidation in amd… | |||
| CVE-2023-53444 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulk_move corruption when adding a entry When the resource is the first in the bulk_move range, adding it again (thu… | |||
| CVE-2023-54251 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: Limit TCA_TAPRIO_ATTR_SCHED_CYCLE_TIME to INT_MAX. syzkaller found zero division error [0] in div_s64_rem() ca… | |||
| CVE-2023-54120 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix race condition in hidp_session_thread There is a potential race condition in hidp_session_thread that may lead to … | |||
| CVE-2023-54062 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix invalid free tracking in ext4_xattr_move_to_block() In ext4_xattr_move_to_block(), the value of the extended attribute … | |||
| CVE-2023-54229 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix registration of 6Ghz-only phy without the full channel range Because of what seems to be a typo, a 6Ghz-only ph… | |||
| CVE-2023-54145 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARN_ONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" … | |||
| CVE-2023-53209 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211_hwsim: Fix possible NULL dereference In a call to mac80211_hwsim_select_tx_link() the sta pointer might be NULL, t… | |||
| CVE-2023-54008 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: virtio_vdpa: build affinity masks conditionally We try to build affinity mask via create_affinity_masks() unconditionally which m… | |||
| CVE-2023-54156 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efx_net_stats() (.ndo_get_stats64) can be called during an ethtool self… | |||
| CVE-2023-53237 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini The gmc.ecc_irq is enabled by firmware per IFWI setting, and the h… | |||
| CVE-2023-53415 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, ot… | |||
| CVE-2023-53863 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes addre… | |||
| CVE-2023-53097 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… | |||
| CVE-2023-53052 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix use-after-free bug in refresh_cache_worker() The UAF bug occurred because we were putting DFS root sessions in cifs_umo… | |||
| CVE-2023-53018 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leaks When hci_cmd_sync_queue() failed in hci_le_terminate_big() or hci_le_big_terminate(), the m… | |||
| CVE-2023-53665 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: don't dereference mddev after export_rdev() Except for initial reference, mddev->kobject is referenced by rdev->kobject, and … | |||
| CVE-2023-42852 | high | — | 8.0 | 2y ago | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, macOS Sonoma 14.1, Safari 17.1, tvOS 17.1. Processing we… | |||
| CVE-2023-53666 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix missing mbhc init error handling MBHC initialisation can fail so add the missing error handling to avo… | |||
| CVE-2023-45290 | high | — | 8.0 | 2y ago | RHSA-2024:8038: container-tools:rhel8 security update (Important) | |||
| CVE-2023-42890 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arb… | |||
| CVE-2023-5574 | high | — | 8.0 | 2y ago | A use-after-free flaw was found in xorg-x11-server-Xvfb. This issue occurs in Xvfb with a very specific and legacy configuration (a multi-screen setup with multiple protocol screens, also known as Za… | |||
| CVE-2023-54137 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix cap_migration information leak Fix an information leak where an uninitialized hole in struct vfio_iommu_type1_inf… | |||
| CVE-2023-53663 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Check instead of asserting on nested TSC scaling support Check for nested TSC scaling support on nested SVM VMRUN inst… | |||
| CVE-2023-52581 | high | — | 8.0 | 2y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2023-53544 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpufreq: davinci: Fix clk use after free The remove function first frees the clks and only then calls cpufreq_unregister_driver()… | |||
| CVE-2023-54292 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix data race on CQP request done KCSAN detects a data race on cqp_request->request_done memory location which is acc… | |||
| CVE-2023-6546 | high | — | 8.0 | 2y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2023-53784 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm: bridge: dw_hdmi: fix connector access for scdc Commit 5d844091f237 ("drm/scdc-helper: Pimp SCDC debugs") changed the scdc in… | |||
| CVE-2023-53263 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/disp: fix use-after-free in error handling of nouveau_connector_create We can't simply free the connector after calli… | |||
| CVE-2023-6531 | high | — | 8.0 | 2y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2023-53057 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hci_init_stage_sync(stage) considers that stage[i] is v… | |||
| CVE-2023-45231 | high | — | 8.0 | 2y ago | RHSA-2024:3017: edk2 security update (Important) | |||
| CVE-2023-53813 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: fix rbtree traversal bug in ext4_mb_use_preallocated During allocations, while looking for preallocations(PA) in the per in… | |||
| CVE-2023-54026 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: opp: Fix use-after-free in lazy_opp_tables after probe deferral When dev_pm_opp_of_find_icc_paths() in _allocate_opp_table() retu… | |||
| CVE-2023-54283 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Address KCSAN report on bpf_lru_list KCSAN reported a data-race when accessing node->ref. Although node->ref does not have t… | |||
| CVE-2023-54260 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: Fix lost destroy smbd connection when MR allocate failed If the MR allocate failed, the smb direct connection info is NULL,… | |||
| CVE-2023-54022 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential memory leaks at error path for UMP open The allocation and initialization errors at alloc_midi_urb… | |||
| CVE-2023-53673 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In hci_cs_disconnect, we do hci_conn_del even if disconnectio… | |||
| CVE-2023-53993 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix memory leak with CONFIG_DEBUG_OBJECTS=y After a pci_doe_task completes, its work_struct needs to be destroyed to avo… | |||
| CVE-2023-53016 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix possible deadlock in rfcomm_sk_state_change syzbot reports a possible deadlock in rfcomm_sk_state_change [1]. Whil… | |||
| CVE-2023-54296 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Get source vCPUs from source VM for SEV-ES intrahost migration Fix a goof where KVM tries to grab source vCPUs from the… | |||
| CVE-2023-42883 | high | — | 8.0 | 2y ago | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processi… | |||
| CVE-2023-54048 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/bnxt_re: Prevent handling any completions after qp destroy HW may generate completions that indicates QP is destroyed. Drive… | |||
| CVE-2023-40414 | high | — | 8.0 | 2y ago | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 10, iOS 17 and iPadOS 17, tvOS 17, macOS Sonoma 14, Safari 17. Processing web content may lead to … | |||
| CVE-2023-53004 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ovl: fix tmpfile leak Missed an error cleanup. | |||
| CVE-2023-53536 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: blk-crypto: make blk_crypto_evict_key() more robust If blk_crypto_evict_key() sees that the key is still in-use (due to a bug) or… | |||
| CVE-2023-54030 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring/net: don't overflow multishot recv Don't allow overflowing multishot recv CQEs, it might get out of hand, hurt performan… | |||
| CVE-2023-54028 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix the error "trying to register non-static key in rxe_cleanup_task" In the function rxe_create_qp(), rxe_qp_from_init… | |||
| CVE-2023-52940 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. This is… | |||
| CVE-2023-54235 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PCI/DOE: Fix destroy_work_on_stack() race The following debug object splat was observed in testing: ODEBUG: free active (activ… | |||
| CVE-2023-53019 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: mdio: validate parameter addr in mdiobus_get_phy() The caller may pass any value as addr, what may result in an out-of-bound… | |||
| CVE-2023-54242 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: block, bfq: Fix division by zero error on zero wsum When the weighted sum is zero the calculation of limit causes a division by z… | |||
| CVE-2023-54261 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add missing gfx11 MQD manager callbacks mqd_stride function was introduced in commit 2f77b9a242a2 ("drm/amdkfd: Updat… | |||
| CVE-2023-6915 | high | — | 8.0 | 2y ago | Important: kernel security, bug fix, and enhancement update | |||
| CVE-2023-54038 | high | — | 8.0 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: return ERR_PTR instead of NULL when there is no link hci_connect_sco currently returns NULL when there is no… |