CVEs from 2023
Total
6,106
critical
critical 240
high
high 1,529
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-53545 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: unmap and remove csa_va properly Root PD BO should be reserved before unmap and remove a bo_va from VM otherwise lock… | |||
| CVE-2023-54100 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qedi: Fix use after free bug in qedi_remove() In qedi_probe() we call __qedi_probe() which initializes &qedi->recovery_work… | |||
| CVE-2023-54106 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fix potential memory leak in mlx5e_init_rep_rx The memory pointed to by the priv->rx_res pointer is not freed in the er… | |||
| CVE-2023-53539 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix incomplete state save in rxe_requester If a send packet is dropped by the IP layer in rxe_requester() the call to r… | |||
| CVE-2023-53297 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: fix "bad unlock balance" in l2cap_disconnect_rsp conn->chan_lock isn't acquired before l2cap_get_chan_by_scid, … | |||
| CVE-2023-53615 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix deletion race condition System crash when using debug kernel due to link list corruption. The cause of the lin… | |||
| CVE-2023-51714 | medium | — | 5.5 | 2y ago | An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incor… | |||
| CVE-2023-54166 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igc: Fix Kernel Panic during ndo_tx_timeout callback The Xeon validation group has been carrying out some loaded tests with vario… | |||
| CVE-2023-54169 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5e_ptp_open When kvzalloc_node or kvzalloc failed in mlx5e_ptp_open, the memory pointed by "c" o… | |||
| CVE-2023-54179 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha->host_str' of size 16 may use index value(s) 16..19. … | |||
| CVE-2023-54184 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsit: Free cmds before session free Commands from recovery entries are freed after session has been closed. That … | |||
| CVE-2023-7008 | medium | — | 5.5 | 2y ago | A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the u… | |||
| CVE-2023-54186 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: fix pin_assignment_show This patch fixes negative indexing of buf array in pin_assignment_show … | |||
| CVE-2023-40474 | medium | — | 5.5 | 2y ago | RHSA-2024:3060: gstreamer1-plugins-bad-free security update (Moderate) | |||
| CVE-2023-53621 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: memcontrol: ensure memcg acquired by id is properly set up In the eviction recency check, we attempt to retrieve the memcg to whi… | |||
| CVE-2023-53501 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: iommu/amd/iommu_v2: Fix pasid_state refcount dec hit 0 warning on pasid unbind When unbinding pasid - a race condition exists vs … | |||
| CVE-2023-54201 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/efa: Fix wrong resources deallocation order When trying to destroy QP or CQ, we first decrease the refcount and potentially … | |||
| CVE-2023-50186 | medium | — | 5.5 | 2y ago | Moderate: gstreamer1-plugins-bad-free security update | |||
| CVE-2023-40476 | medium | — | 5.5 | 2y ago | RHSA-2024:3060: gstreamer1-plugins-bad-free security update (Moderate) | |||
| CVE-2023-54274 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Add a check for valid 'mad_agent' pointer When unregistering MAD agent, srpt module has a non-null check for 'mad_agen… | |||
| CVE-2023-54289 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix NULL dereference in error handling Smatch reported: drivers/scsi/qedf/qedf_main.c:3056 qedf_alloc_global_queues(… | |||
| CVE-2023-3618 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2023-53559 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ip_vti: fix potential slab-use-after-free in decode_session6 When ip_vti device is set to the qdisc of the sfb type, the cb field… | |||
| CVE-2023-38473 | medium | — | 5.5 | 2y ago | RHSA-2023:7836: avahi security update (Moderate) | |||
| CVE-2023-39353 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-40745 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2023-39354 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-3255 | medium | — | 5.5 | 2y ago | A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the … | |||
| CVE-2023-42467 | medium | — | 5.5 | 2y ago | QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU … | |||
| CVE-2023-38472 | medium | — | 5.5 | 2y ago | RHSA-2023:7836: avahi security update (Moderate) | |||
| CVE-2023-4693 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |||
| CVE-2023-53995 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix one memleak in __inet_del_ifa() I got the below warning when do fuzzing test: unregister_netdevice: waiting for bo… | |||
| CVE-2023-49083 | medium | — | 5.5 | 2y ago | RHSA-2025:14553: python-cryptography security update (Moderate) | |||
| CVE-2023-54003 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix GID entry ref leak when create_ah fails If AH create request fails, release sgid_attr to avoid GID entry referrenc… | |||
| CVE-2023-45802 | medium | — | 5.5 | 2y ago | When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection c… | |||
| CVE-2023-54014 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Check valid rport returned by fc_bsg_to_rport() Klocwork reported warning of rport maybe NULL and will be derefere… | |||
| CVE-2023-41360 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. | |||
| CVE-2023-41175 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |||
| CVE-2023-53848 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5l_exit_log() Commit b13015af94cf ("md/raid5-cache: Clear conf->log after finishing work") int… | |||
| CVE-2023-53525 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Allow UD qp_type to join multicast only As for multicast: - The SIDR is the only mode that makes sense; - Besides PS_UD… | |||
| CVE-2023-40589 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-53530 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Use raw_smp_processor_id() instead of smp_processor_id() The following call trace was observed: localhost kernel:… | |||
| CVE-2023-53513 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: nbd: fix incomplete validation of ioctl arg We tested and found an alarm caused by nbd_ioctl arg without verification. The UBSAN … | |||
| CVE-2023-53585 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: reject unhashed sockets in bpf_sk_assign The semantics for bpf_sk_assign are as follows: sk = some_lookup_func() bp… | |||
| CVE-2023-53586 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix multiple LUN_RESET handling This fixes a bug where an initiator thinks a LUN_RESET has cleaned up running comma… | |||
| CVE-2023-6228 | medium | — | 5.5 | 2y ago | RHSA-2024:5079: libtiff security update (Moderate) | |||
| CVE-2023-53451 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix potential NULL pointer dereference Klocwork tool reported 'cur_dsd' may be dereferenced. Add fix to validate … | |||
| CVE-2023-53148 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: Fix igb_down hung on surprise removal In a setup where a Thunderbolt hub connects to Ethernet and a display through USB Type… | |||
| CVE-2023-53581 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Check for NOT_READY flag state after locking Currently the check for NOT_READY flag is performed before obtaining the … | |||
| CVE-2023-53611 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi_si: fix a memleak in try_smi_init() Kmemleak reported the following leak info in try_smi_init(): unreferenced object 0xffff… | |||
| CVE-2023-43622 | medium | — | 5.5 | 2y ago | An attacker, opening a HTTP/2 connection with an initial window size of 0, was able to block handling of that connection indefinitely in Apache HTTP Server. This could be used to exhaust worker resou… | |||
| CVE-2023-45897 | medium | — | 5.5 | 2y ago | exfatprogs before 1.2.2 allows out-of-bounds memory access, such as in read_file_dentry_set. | |||
| CVE-2023-53442 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at … | |||
| CVE-2023-41909 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0. bgp_nlri_parse_flowspec in bgpd/bgp_flowspec.c processes malformed requests with no attributes, leading to a NULL pointer dereference. | |||
| CVE-2023-53696 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix memory leak in qla2x00_probe_one() There is a memory leak reported by kmemleak: unreferenced object 0xffffc… | |||
| CVE-2023-46316 | medium | — | 5.5 | 2y ago | RHSA-2024:3211: traceroute security update (Moderate) | |||
| CVE-2023-29406 | medium | — | 5.5 | 2y ago | RHSA-2023:7202: container-tools:4.0 security and bug fix update (Moderate) | |||
| CVE-2023-53343 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev(). With some IPv6 Ext Hdr (RPL, SRv6, etc.), we can send a pa… | |||
| CVE-2023-53722 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md: raid1: fix potential OOB in raid1_remove_disk() If rddev->raid_disk is greater than mddev->raid_disks, there will be an out-o… | |||
| CVE-2023-53843 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next (commit 759ab1edb56c ("net: store netdevs in an xarray")) re… | |||
| CVE-2023-46753 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur for a crafted BGP UPDATE message without mandatory attributes, e.g., one with only an unknown transit attribute. | |||
| CVE-2023-54064 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ipmi:ssif: Fix a memory leak when scanning for an adapter The adapter scan ssif_info_find() sets info->adapter_name if the adapte… | |||
| CVE-2023-53322 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due to use after free. Current code allows terminate_rport_io t… | |||
| CVE-2023-46752 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0.1. It mishandles malformed MP_REACH_NLRI data, leading to a crash. | |||
| CVE-2023-4874 | medium | — | 5.5 | 2y ago | RHSA-2024:3058: mutt security update (Moderate) | |||
| CVE-2023-31489 | medium | — | 5.5 | 2y ago | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function. | |||
| CVE-2023-31490 | medium | — | 5.5 | 2y ago | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function. | |||
| CVE-2023-40186 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-41358 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c processes NLRIs if the attribute length is zero. | |||
| CVE-2023-41359 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP … | |||
| CVE-2023-53354 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: skbuff: skb_segment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 ("skbuff: in skb_segment, call zeroco… | |||
| CVE-2023-40569 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-53280 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Remove unused nvme_ls_waitq wait queue System crash when qla2x00_start_sp(sp) returns error code EGAIN and wake_up… | |||
| CVE-2023-4875 | medium | — | 5.5 | 2y ago | RHSA-2024:3058: mutt security update (Moderate) | |||
| CVE-2023-3758 | medium | — | 5.5 | 2y ago | RHSA-2024:3270: sssd security update (Moderate) | |||
| CVE-2023-54148 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanup_tx For IP tunnel encapsulation in ECMP (Equal-Cost Multipath) mode, … | |||
| CVE-2023-53999 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: TC, Fix internal port memory leak The flow rule can be splited, and the extra post_act rules are added to post_act tab… | |||
| CVE-2023-40181 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-37327 | medium | — | 5.5 | 2y ago | GStreamer FLAC File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interact… | |||
| CVE-2023-39351 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-4692 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |||
| CVE-2023-40475 | medium | — | 5.5 | 2y ago | RHSA-2024:3060: gstreamer1-plugins-bad-free security update (Moderate) | |||
| CVE-2023-40567 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-43785 | medium | — | 5.5 | 2y ago | Moderate: libX11 security update | |||
| CVE-2023-5215 | medium | — | 5.5 | 2y ago | Moderate: libnbd security update | |||
| CVE-2023-6917 | medium | — | 5.5 | 2y ago | A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operat… | |||
| CVE-2023-40188 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-5871 | medium | — | 5.5 | 2y ago | Moderate: libnbd security update | |||
| CVE-2023-53151 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid10: prevent soft lockup while flush writes Currently, there is no limit for raid1/raid10 plugged bio. While flushing write… | |||
| CVE-2023-31122 | medium | — | 5.5 | 2y ago | Out-of-bounds Read vulnerability in mod_macro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57. | |||
| CVE-2023-39350 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-1579 | medium | — | 5.5 | 2y ago | Moderate: mingw components security update | |||
| CVE-2023-54324 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipat… | |||
| CVE-2023-37328 | medium | — | 5.5 | 2y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2023-43786 | medium | — | 5.5 | 2y ago | Moderate: libX11 security update | |||
| CVE-2023-52323 | medium | — | 5.5 | 2y ago | Moderate: fence-agents security and bug fix update | |||
| CVE-2023-53821 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: ip6_vti: fix slab-use-after-free in decode_session6 When ipv6_vti device is set to the qdisc of the sfb type, the cb field of the… | |||
| CVE-2023-53421 | medium | 5.5 | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats() When blkg_alloc() is called to allocate a blkcg_gq struc… | |||
| CVE-2023-53441 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpu_map_update_elem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced o… | |||
| CVE-2023-53762 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_sync: Fix UAF in hci_disconnect_all_sync Use-after-free can occur in hci_disconnect_all_sync if a connection is de… |