CVEs from 2023
Total
6,106
critical
critical 240
high
high 1,529
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-52859 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: perf: hisi: Fix use-after-free when register pmu fails When we fail to register the uncore pmu, the pmu context may not been allo… | |||
| CVE-2023-52634 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix disable_otg_wa logic [Why] When switching to another HDMI mode, we are unnecesarilly disabling/enabling FIFO… | |||
| CVE-2023-52690 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv: Add a null pointer check to scom_debug_init_one() kasprintf() returns a pointer to dynamically allocated memory … | |||
| CVE-2023-53997 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 ("thermal/core: Alloc-copy-free the thermal zone paramet… | |||
| CVE-2023-44431 | medium | — | 5.5 | 2y ago | Moderate: bluez security update | |||
| CVE-2023-52637 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) Lock jsk->sk to prevent UAF when setsockopt(..., … | |||
| CVE-2023-51764 | medium | — | 5.5 | 2y ago | Postfix through 3.8.5 allows SMTP smuggling unless configured with smtpd_data_restrictions=reject_unauth_pipelining and smtpd_discard_ehlo_keywords=chunking (or certain other options that exist in re… | |||
| CVE-2023-45866 | medium | — | 5.5 | 2y ago | RHSA-2024:11154: bluez security update (Moderate) | |||
| CVE-2023-6681 | medium | — | 5.5 | 2y ago | Moderate: python-jwcrypto security update | |||
| CVE-2023-38709 | medium | — | 5.5 | 2y ago | Moderate: httpd security update | |||
| CVE-2023-53752 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmalloc_reserve() Blamed commit changed: ptr = kmalloc(size); if (ptr) size = k… | |||
| CVE-2023-50967 | medium | — | 5.5 | 2y ago | RHSA-2024:5294: jose security update (Moderate) | |||
| CVE-2023-53173 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: tty: pcn_uart: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… | |||
| CVE-2023-53719 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: arc_uart: fix of_iomap leak in `arc_serial_probe` Smatch reports: drivers/tty/serial/arc_uart.c:631 arc_serial_probe() w… | |||
| CVE-2023-54083 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: phy: tegra: xusb: Clear the driver reference in usb-phy dev For the dual-role port, it will assign the phy dev to usb-phy dev and… | |||
| CVE-2023-54172 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/hyperv: Disable IBT when hypercall page lacks ENDBR instruction On hardware that supports Indirect Branch Tracking (IBT), Hyp… | |||
| CVE-2023-52462 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: fix check for attempt to corrupt spilled pointer When register is spilled onto a stack as a 1/2/4-byte register, we set slot… | |||
| CVE-2023-52473 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_… | |||
| CVE-2023-52698 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: calipso: fix memory leak in netlbl_calipso_add_pass() If IPv6 support is disabled at boot (ipv6.disable=1), the calipso_init() ->… | |||
| CVE-2023-52833 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: Add date->evt_skb is NULL check fix crash because of null pointers [ 6104.969662] BUG: kernel NULL pointer der… | |||
| CVE-2023-52837 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk and blk_cleanup_disk") cleans up disk by blk_cleanup_di… | |||
| CVE-2023-52482 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which e… | |||
| CVE-2023-52498 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: PM: sleep: Fix possible deadlocks in core system-wide PM code It is reported that in low-memory situations the system-wide resume… | |||
| CVE-2023-52492 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure… | |||
| CVE-2023-52528 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg syzbot reported the following uninit-value access issue: ====… | |||
| CVE-2023-52565 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix OOB read If the index provided by the user is bigger than the mask size, we might do an out of bound read. | |||
| CVE-2023-52606 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for the instruc… | |||
| CVE-2023-52624 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wake DMCUB before executing GPINT commands [Why] DMCUB can be in idle when we attempt to interface with the HW t… | |||
| CVE-2023-52625 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Refactor DMCUB enter/exit idle interface [Why] We can hang in place trying to send commands when the DMCUB isn't… | |||
| CVE-2023-52674 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 and S… | |||
| CVE-2023-52676 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the … | |||
| CVE-2023-52749 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: spi: Fix null dereference on suspend A race condition exists where a synchronous (noqueue) transfer can be active during a system… | |||
| CVE-2023-52757 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All release_mid() callers seem to hold a reference of @mid so there is no… | |||
| CVE-2023-52819 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga For pptable structs that use flexible array sizes, use flexibl… | |||
| CVE-2023-52831 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cpu/hotplug: Don't offline the last non-isolated CPU If a system has isolated CPUs via the "isolcpus=" command line parameter, th… | |||
| CVE-2023-53059 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger `… | |||
| CVE-2023-53068 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger than the actual socket b… | |||
| CVE-2023-53176 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Reinit port->pm on port specific driver unbind When we unbind a serial port hardware specific 8250 driver, the gene… | |||
| CVE-2023-53264 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: clk: imx: clk-imxrt1050: fix memory leak in imxrt1050_clocks_probe Use devm_of_iomap() instead of of_iomap() to automatically han… | |||
| CVE-2023-53395 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit 90310989a0790032f5a0140741ff09b545af4bc5 According to the ACPI sp… | |||
| CVE-2023-53402 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: kernel/printk/index.c: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() call… | |||
| CVE-2023-53558 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Avoid pr_info() with spin lock in cblist_init_generic() pr_info() is called with rtp->cbs_gbl_lock spin lock locked. … | |||
| CVE-2023-52920 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction (jump) history to record instruction… | |||
| CVE-2023-54153 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch "ext4: don't BUG on inconsisten… | |||
| CVE-2023-48161 | medium | — | 5.5 | 2y ago | Moderate: java-1.8.0-openjdk security update | |||
| CVE-2023-52658 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2023-38575 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-39368 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-43490 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-46103 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-22655 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-45733 | medium | — | 5.5 | 2y ago | Moderate: microcode_ctl security update | |||
| CVE-2023-31356 | medium | — | 5.5 | 2y ago | Moderate: linux-firmware security update | |||
| CVE-2023-20584 | medium | — | 5.5 | 2y ago | Moderate: linux-firmware security update | |||
| CVE-2023-52463 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2023-52801 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2023-6349 | medium | — | 5.5 | 2y ago | RHSA-2024:5941: libvpx security update (Moderate) | |||
| CVE-2023-37920 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security update | |||
| CVE-2023-25433 | medium | — | 5.5 | 2y ago | RHSA-2024:5079: libtiff security update (Moderate) | |||
| CVE-2023-52458 | medium | 5.5 | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2023-52809 | medium | — | 5.5 | 2y ago | Moderate: kernel security update | |||
| CVE-2023-45237 | medium | — | 5.5 | 2y ago | RHSA-2024:5297: edk2 security update (Moderate) | |||
| CVE-2023-45236 | medium | — | 5.5 | 2y ago | RHSA-2024:5297: edk2 security update (Moderate) | |||
| CVE-2023-31346 | medium | — | 5.5 | 2y ago | RHSA-2024:4262: linux-firmware security update (Moderate) | |||
| CVE-2023-52626 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2023-52667 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2023-38264 | medium | — | 5.5 | 2y ago | RHSA-2024:6595: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2023-52598 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: s390/ptrace: handle setting of fpc register correctly If the content of the floating point control (fpc) register of a traced pro… | |||
| CVE-2023-52607 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix null-pointer dereference in pgtable_cache_add kasprintf() returns a pointer to dynamically allocated memory which… | |||
| CVE-2023-43361 | medium | — | 5.5 | 2y ago | RHSA-2024:3095: vorbis-tools security update (Moderate) | |||
| CVE-2023-53648 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: Fix possible NULL dereference in snd_ac97_mixer smatch error: sound/pci/ac97/ac97_codec.c:2354 snd_ac97_mixer() error… | |||
| CVE-2023-53798 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ethtool: Fix uninitialized number of lanes It is not possible to set the number of lanes when setting link modes using the legacy… | |||
| CVE-2023-53698 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: xsk: fix refcount underflow in error path Fix a refcount underflow problem reported by syzbot that can happen when a system is ru… | |||
| CVE-2023-53266 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: arm64: acpi: Fix possible memory leak of ffh_ctxt Allocated 'ffh_ctxt' memory leak is possible if the SMCCC version and conduit c… | |||
| CVE-2023-1513 | medium | — | 5.5 | 2y ago | A flaw was found in KVM. When calling the KVM_GET_DEBUGREGS ioctl, on 32-bit systems, there might be some uninitialized portions of the kvm_debugregs structure that could be copied to userspace, caus… | |||
| CVE-2023-39192 | medium | — | 5.5 | 2y ago | A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure. This flaw allows a local privileged attacker to trigger an out-… | |||
| CVE-2023-42755 | medium | — | 5.5 | 2y ago | A flaw was found in the IPv4 Resource Reservation Protocol (RSVP) classifier in the Linux kernel. The xprt pointer may go beyond the linear part of the skb, leading to an out-of-bounds read in the `r… | |||
| CVE-2023-52737 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: btrfs: lock the inode in shared mode before starting fiemap Currently fiemap does not take the inode's lock (VFS lock), it only l… | |||
| CVE-2023-6240 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2023-5090 | medium | — | 5.5 | 2y ago | Moderate: kernel security and bug fix update | |||
| CVE-2023-53585 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpf_sk_assign The semantics for bpf_sk_assign are as follows: sk = some_lookup_func() bp… | |||
| CVE-2023-53615 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the lin… | |||
| CVE-2023-53621 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction recency check, we attempt to retrieve the memcg to whi… | |||
| CVE-2023-53661 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bnxt: avoid overflow in bnxt_get_nvram_directory() The value of an arithmetic expression is subject of possible overflow due to a… | |||
| CVE-2023-53696 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc… | |||
| CVE-2023-53722 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-o… | |||
| CVE-2023-53751 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCP_Server_Info::hostname TCP_Server_Info::hostname may be updated once or many times … | |||
| CVE-2023-53761 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a use… | |||
| CVE-2023-53843 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) re… | |||
| CVE-2023-53848 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") int… | |||
| CVE-2023-53995 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bo… | |||
| CVE-2023-54003 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrenc… | |||
| CVE-2023-54014 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere… | |||
| CVE-2023-54064 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapte… | |||
| CVE-2023-54070 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the… | |||
| CVE-2023-54072 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential data race at PCM memory allocation helpers The PCM memory allocation helpers have a sanity check against… | |||
| CVE-2023-54090 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ixgbe: Fix panic during XDP_TX with > 64 CPUs Commit 4fe815850bdc ("ixgbe: let the xdpdrv work with more than 64 cpus") adds supp… | |||
| CVE-2023-54096 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: soundwire: fix enumeration completion The soundwire subsystem uses two completion structures that allow drivers to wait for sound… | |||
| CVE-2023-54100 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work… | |||
| CVE-2023-54106 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the er… |