CVEs from 2023
Total
6,112
critical
critical 240
high
high 1,529
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33009 | unknown | — | 1.5 | 3y ago | Zyxel ATP, USG FLEX, USG FLEX 50(W), USG20(W)-VPN, VPN, and ZyWALL/USG firewalls contain a buffer overflow vulnerability in the notification function that could allow an unauthenticated attacker to c… | |||
| CVE-2023-32409 | unknown | — | 1.5 | 3y ago | Apple iOS, iPadOS, macOS, tvOS, watchOS, and Safari WebKit contain an unspecified vulnerability that can allow a remote attacker to break out of the Web Content sandbox. This vulnerability could impa… | |||
| CVE-2023-21492 | unknown | — | 1.5 | 3y ago | Samsung mobile devices running Android 11, 12, and 13 contain an insertion of sensitive information into log file vulnerability that allows a privileged, local attacker to conduct an address space la… | |||
| CVE-2023-25717 | unknown | — | 1.5 | 3y ago | Ruckus Wireless Access Point (AP) software contains an unspecified vulnerability in the web services component. If the web services component is enabled on the AP, an attacker can perform cross-site … | |||
| CVE-2023-2136 | unknown | — | 1.5 | 3y ago | Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML pag… | |||
| CVE-2023-2033 | unknown | — | 1.5 | 3y ago | Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multipl… | |||
| CVE-2023-29492 | unknown | — | 1.5 | 3y ago | Novi Survey contains an insecure deserialization vulnerability that allows remote attackers to execute code on the server in the context of the service account. | |||
| CVE-2023-20963 | unknown | — | 1.5 | 3y ago | Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed. | |||
| CVE-2023-28206 | unknown | — | 1.5 | 3y ago | Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges. | |||
| CVE-2023-26083 | unknown | — | 1.5 | 3y ago | Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. | |||
| CVE-2023-23397 | unknown | — | 1.5 | 3y ago | Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. | |||
| CVE-2023-24880 | unknown | — | 1.5 | 3y ago | Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file. | |||
| CVE-2023-21823 | unknown | — | 1.5 | 3y ago | Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-21715 | unknown | — | 1.5 | 3y ago | Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system. | |||
| CVE-2023-23376 | unknown | — | 1.5 | 3y ago | Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-21674 | unknown | — | 1.5 | 3y ago | Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-2640 | unknown | — | 1.0 | — | On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on th… | |||
| CVE-2023-27372 | unknown | — | 1.0 | — | SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | |||
| CVE-2023-32629 | unknown | — | 1.0 | — | Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels | |||
| CVE-2023-50386 | unknown | — | 1.0 | 2y ago | Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets | |||
| CVE-2023-48292 | unknown | — | 1.0 | 3y ago | Run Shell Command allows Cross-Site Request Forgery | |||
| CVE-2023-40315 | unknown | — | 1.0 | 3y ago | OpenNMS privilege escalation vulnerability | |||
| CVE-2023-0872 | unknown | — | 1.0 | 3y ago | OpenNMS privilege elevation vulnerability | |||
| CVE-2023-36812 | unknown | — | 1.0 | 3y ago | Remote Code Execution for 2.4.1 and earlier | |||
| CVE-2023-34468 | unknown | — | 1.0 | 3y ago | Apache NiFi vulnerable to Code Injection | |||
| CVE-2023-25826 | unknown | — | 1.0 | 3y ago | Command injection in OpenTSDB | |||
| CVE-2023-0130 | unknown | — | — | — | Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. … | |||
| CVE-2023-28163 | unknown | — | — | — | When downloading files through the Save As dialog on Windows with suggested filenames containing environment variable names, Windows would have resolved those in the context of the current user. <br>… | |||
| CVE-2023-2467 | unknown | — | — | — | Inappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security sev… | |||
| CVE-2023-0129 | unknown | — | — | — | Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a … | |||
| CVE-2023-5722 | unknown | — | — | — | Using iterative requests an attacker was able to learn the size of an opaque response, as well as the contents of a server-supplied Vary header. This vulnerability affects Firefox < 119. | |||
| CVE-2023-54257 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: macb: fix a memory corruption in extended buffer descriptor mode For quite some time we were chasing a bug which looked like… | |||
| CVE-2023-53455 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: drop all currently held locks if deadlock happens If vc4_hdmi_reset_link() returns -EDEADLK, it means that a deadlock ha… | |||
| CVE-2023-24258 | unknown | — | — | — | SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. | |||
| CVE-2023-53650 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: lcd_mipid: Fix an error handling path in mipid_spi_probe() If 'mipid_detect()' fails, we must free 'md' to avoid a… | |||
| CVE-2023-27320 | unknown | — | — | — | Sudo before 1.9.13p2 has a double free in the per-command chroot feature. | |||
| CVE-2023-45922 | unknown | — | — | — | glx_pbuffer.c in Mesa 23.0.4 was discovered to contain a segmentation violation when calling __glXGetDrawableAttribute(). NOTE: this is disputed because there are no common situations in which users … | |||
| CVE-2023-53642 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86: fix clear_user_rep_good() exception handling annotation This code no longer exists in mainline, because it was removed in co… | |||
| CVE-2023-53998 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: hwrng: virtio - Fix race on data_avail and actual data The virtio rng device kicks off a new entropy request whenever the data av… | |||
| CVE-2023-54147 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for ida_alloc Add the check for the return value of the ida_alloc in order … | |||
| CVE-2023-53080 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xsk: Add missing overflow check in xdp_umem_reg The number of chunks can overflow u32. Make sure to return -EINVAL on overflow. A… | |||
| CVE-2023-45931 | unknown | — | — | — | Mesa 23.0.4 was discovered to contain a NULL pointer dereference in check_xshm() for the has_error state. NOTE: this is disputed because there is no scenario in which the vulnerability was demonstrat… | |||
| CVE-2023-53783 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: blk-iocost: fix divide by 0 error in calc_lcoefs() echo max of u64 to cost.model can cause divide by 0 error. # echo 8:0 rbps=… | |||
| CVE-2023-31437 | unknown | — | — | — | An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a … | |||
| CVE-2023-2463 | unknown | — | — | — | Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (C… | |||
| CVE-2023-46569 | unknown | — | — | — | An out-of-bounds read in radare2 v.5.8.9 and before exists in the print_insn32_fpu function of libr/arch/p/nds32/nds32-dis.h. | |||
| CVE-2023-53658 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: bcm-qspi: return error if neither hif_mspi nor mspi is available If neither a "hif_mspi" nor "mspi" resource is present, the… | |||
| CVE-2023-53166 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: power: supply: bq25890: Fix external_power_changed race bq25890_charger_external_power_changed() dereferences bq->charger, which … | |||
| CVE-2023-0471 | unknown | — | — | — | Use after free in WebTransport in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-53707 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix integer overflow in amdgpu_cs_pass1 The type of size is unsigned int, if size is 0x40000000, there will be an int… | |||
| CVE-2023-25740 | unknown | — | — | — | After downloading a Windows <code>.scf</code> script from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system. This a… | |||
| CVE-2023-53587 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Sync IRQ works before buffer destruction If something was written to the buffer just before destruction, it may be p… | |||
| CVE-2023-53758 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove() An early error exit in atmel_qspi_remove() doesn't … | |||
| CVE-2023-54086 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Add preempt_count_{sub,add} into btf id deny list The recursion check in __bpf_prog_enter* and __bpf_prog_exit* leave preemp… | |||
| CVE-2023-54193 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_api: remove block_cb from driver_list before freeing Error handler of tcf_block_bind() frees the whole bo->cb_list… | |||
| CVE-2023-5729 | unknown | — | — | — | A malicious web site can enter fullscreen mode while simultaneously triggering a WebAuthn prompt. This could have obscured the fullscreen notification and could have been leveraged in a spoofing atta… | |||
| CVE-2023-4576 | unknown | — | — | — | On Windows, an integer overflow could occur in `RecordedSourceSurfaceCreation` which resulted in a heap buffer overflow potentially leaking sensitive data that could have led to a sandbox escape. *Th… | |||
| CVE-2023-53172 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fsverity: reject FS_IOC_ENABLE_VERITY on mode 3 fds Commit 56124d6c87fd ("fsverity: support enabling with tree block size < PAGE_… | |||
| CVE-2023-53138 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbl_device_notify() syzbot reported use-after-free in cfusbl_device_notify() [1]. This cause… | |||
| CVE-2023-2311 | unknown | — | — | — | Insufficient policy enforcement in File System API in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security seve… | |||
| CVE-2023-53186 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: skbuff: Fix a race between coalescing and releasing SKBs Commit 1effe8ca4e34 ("skbuff: fix coalescing for page_pool fragment recy… | |||
| CVE-2023-53589 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't trust firmware n_channels If the firmware sends us a corrupted MCC response with n_channels much larger… | |||
| CVE-2023-52889 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix null pointer deref when receiving skb during sock creation The panic below is observed when receiving ICMP packets … | |||
| CVE-2023-3195 | unknown | — | — | — | A stack-based buffer overflow issue was found in ImageMagick's coders/tiff.c. This flaw allows an attacker to trick the user into opening a specially crafted malicious tiff file, causing an applicati… | |||
| CVE-2023-38039 | unknown | — | — | — | When curl retrieves an HTTP response, it stores the incoming headers so that they can be accessed later via the libcurl headers API. However, curl did not have a limit in how many or how large heade… | |||
| CVE-2023-2135 | unknown | — | — | — | Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafte… | |||
| CVE-2023-5568 | unknown | — | — | — | A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. | |||
| CVE-2023-4154 | unknown | — | — | — | A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allo… | |||
| CVE-2023-54219 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a ("IB/isert: Fix incorrect release of isert conn… | |||
| CVE-2023-29543 | unknown | — | — | — | An attacker could have caused memory corruption and a potentially exploitable use-after-free of a pointer in a global object's debugger vector. This vulnerability affects Firefox for Android < 112, F… | |||
| CVE-2023-2088 | unknown | — | — | — | A flaw was found in OpenStack due to an inconsistency between Cinder and Nova. This issue can be triggered intentionally or by accident. A remote, authenticated attacker could exploit this vulnerabil… | |||
| CVE-2023-6873 | unknown | — | — | — | Memory safety bugs present in Firefox 120. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code… | |||
| CVE-2023-45896 | unknown | — | — | — | ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts… | |||
| CVE-2023-28160 | unknown | — | — | — | When following a redirect to a publicly accessible web extension file, the URL may have been translated to the actual local path, leaking potentially sensitive information. This vulnerability affects… | |||
| CVE-2023-53111 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues do_req_filebacked() calls blk_mq_complete_request() synchronously or asynchronously when using as… | |||
| CVE-2023-53215 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: sched/fair: Don't balance task to its current running CPU We've run into the case that the balancer tries to balance a migration … | |||
| CVE-2023-53853 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: netlink: annotate accesses to nlk->cb_running Both netlink_recvmsg() and netlink_native_seq_show() read nlk->cb_running locklessl… | |||
| CVE-2023-54094 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: prevent skb corruption on frag list segmentation Ian reported several skb corruptions triggered by rx-gro-list, collecting d… | |||
| CVE-2023-53240 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: xsk: check IFF_UP earlier in Tx path Xsk Tx can be triggered via either sendmsg() or poll() syscalls. These two paths share a cal… | |||
| CVE-2023-2313 | unknown | — | — | — | Inappropriate implementation in Sandbox in Google Chrome on Windows prior to 112.0.5615.49 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a mal… | |||
| CVE-2023-28320 | unknown | — | — | — | A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous… | |||
| CVE-2023-34188 | unknown | — | — | — | The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the s… | |||
| CVE-2023-53082 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: vp_vdpa: fix the crash in hot unplug with vp_vdpa While unplugging the vp_vdpa device, it triggers a kernel panic The root cause … | |||
| CVE-2023-1822 | unknown | — | — | — | Incorrect security UI in Navigation in Google Chrome prior to 112.0.5615.49 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Low) | |||
| CVE-2023-53187 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of new block group that became unused If a task creates a new block group and that block group becomes … | |||
| CVE-2023-27537 | unknown | — | — | — | A double free vulnerability exists in libcurl <8.0.0 when sharing HSTS data between separate "handles". This sharing was introduced without considerations for do this sharing across separate threads … | |||
| CVE-2023-2905 | unknown | — | — | — | Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a hea… | |||
| CVE-2023-1544 | unknown | — | — | — | A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring o… | |||
| CVE-2023-3748 | unknown | — | — | — | A flaw was found in FRRouting when parsing certain babeld unicast hello messages that are intended to be ignored. This issue may allow an attacker to send specially crafted hello messages with the un… | |||
| CVE-2023-25741 | unknown | — | — | — | When dragging and dropping an image cross-origin, the image's size could potentially be leaked. This behavior was shipped in 109 and caused web compatibility problems as well as this security concern… | |||
| CVE-2023-52322 | unknown | — | — | — | ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input from _request() is not restricted to safe characters such as alphanumerics. | |||
| CVE-2023-28161 | unknown | — | — | — | If temporary "one-time" permissions, such as the ability to use the Camera, were granted to a document loaded using a file: URL, that permission persisted in that tab for all other documents loaded f… | |||
| CVE-2023-35790 | unknown | — | — | — | An issue was discovered in dec_patch_dictionary.cc in libjxl before 0.8.2. An integer underflow in patch decoding can lead to a denial of service, such as an infinite loop. | |||
| CVE-2023-23597 | unknown | — | — | — | A compromised web child process could disable web security opening restrictions, leading to a new child process being spawned within the `file://` context. Given a reliable exploit primitive, this ne… | |||
| CVE-2023-25750 | unknown | — | — | — | Under certain circumstances, a ServiceWorker's offline cache may have leaked to the file system when using private browsing mode. This vulnerability affects Firefox < 111. | |||
| CVE-2023-0472 | unknown | — | — | — | Use after free in WebRTC in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||
| CVE-2023-2466 | unknown | — | — | — | Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity… | |||
| CVE-2023-23604 | unknown | — | — | — | A duplicate `SystemPrincipal` object could be created when parsing a non-system html document via `DOMParser::ParseFromSafeString`. This could have lead to bypassing web security checks. This vulnera… | |||
| CVE-2023-53165 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: udf: Fix uninitialized array access for some pathnames For filenames that begin with . and are between 2 and 5 characters long, U… | |||
| CVE-2023-53778 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Clean up integer overflow checking in map_user_pages() The encode_dma() function has some validation on in_trans->siz… |