CVEs from 2023
Total
6,107
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-50447 | high | — | 8.0 | 2y ago | RHSA-2024:0893: python-pillow security update (Important) | |||
| CVE-2023-46233 | high | — | 8.0 | 2y ago | RHSA-2024:0806: dotnet7.0 security update (Important) | |||
| CVE-2023-2162 | high | — | 8.0 | 2y ago | A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal info… | |||
| CVE-2023-46724 | high | — | 8.0 | 2y ago | RHSA-2024:0046: squid:4 security update (Important) | |||
| CVE-2023-46728 | high | — | 8.0 | 2y ago | RHSA-2024:0046: squid:4 security update (Important) | |||
| CVE-2023-49286 | high | — | 8.0 | 2y ago | RHSA-2024:0046: squid:4 security update (Important) | |||
| CVE-2023-49285 | high | — | 8.0 | 2y ago | RHSA-2024:0046: squid:4 security update (Important) | |||
| CVE-2023-6861 | high | — | 8.0 | 3y ago | The `nsWindow::PickerOpen(void)` method was susceptible to a heap buffer overflow when running in headless mode. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | |||
| CVE-2023-50762 | high | — | 8.0 | 3y ago | RHSA-2024:0003: thunderbird security update (Important) | |||
| CVE-2023-6867 | high | — | 8.0 | 3y ago | The timing of a button click causing a popup to disappear was approximately the same length as the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by… | |||
| CVE-2023-6864 | high | — | 8.0 | 3y ago | Memory safety bugs present in Firefox 120, Firefox ESR 115.5, and Thunderbird 115.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could… | |||
| CVE-2023-6863 | high | — | 8.0 | 3y ago | The `ShutdownObserver()` was susceptible to potentially undefined behavior due to its reliance on a dynamic type that lacked a virtual destructor. This vulnerability affects Firefox ESR < 115.6, Thun… | |||
| CVE-2023-6860 | high | — | 8.0 | 3y ago | The `VideoBridge` allowed any content process to use textures produced by remote decoders. This could be abused to escape the sandbox. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 1… | |||
| CVE-2023-6858 | high | — | 8.0 | 3y ago | Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | |||
| CVE-2023-6857 | high | — | 8.0 | 3y ago | When resolving a symlink, a race may occur where the buffer passed to `readlink` may actually be smaller than necessary. *This bug only affects Firefox on Unix-based operating systems (Android, Linu… | |||
| CVE-2023-6856 | high | — | 8.0 | 3y ago | The WebGL `DrawElementsInstanced` method was susceptible to a heap buffer overflow when used on systems with the Mesa VM driver. This issue could allow an attacker to perform remote code execution a… | |||
| CVE-2023-50761 | high | — | 8.0 | 3y ago | RHSA-2024:0003: thunderbird security update (Important) | |||
| CVE-2023-6859 | high | — | 8.0 | 3y ago | A use-after-free condition affected TLS socket creation when under memory pressure. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | |||
| CVE-2023-6862 | high | — | 8.0 | 3y ago | RHSA-2024:0012: firefox security update (Important) | |||
| CVE-2023-6865 | high | — | 8.0 | 3y ago | `EncryptingOutputStream` was susceptible to exposing uninitialized data. This issue could only be abused in order to write data to a local disk which may have implications for private browsing mode.… | |||
| CVE-2023-5869 | high | — | 8.0 | 3y ago | Important: postgresql:15 security update | |||
| CVE-2023-5868 | high | — | 8.0 | 3y ago | Important: postgresql:15 security update | |||
| CVE-2023-39418 | high | — | 8.0 | 3y ago | Important: postgresql:15 security update | |||
| CVE-2023-5870 | high | — | 8.0 | 3y ago | Important: postgresql:15 security update | |||
| CVE-2023-44446 | high | — | 8.0 | 3y ago | RHSA-2023:7841: gstreamer1-plugins-bad-free security update (Important) | |||
| CVE-2023-39417 | high | — | 8.0 | 3y ago | Important: postgresql:15 security update | |||
| CVE-2023-44429 | high | — | 8.0 | 3y ago | Important: gstreamer1-plugins-bad-free security update | |||
| CVE-2023-5345 | high | — | 8.0 | 3y ago | A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. In case of an error in smb3_fs_context_parse_param, ctx->password… | |||
| CVE-2023-1192 | high | — | 8.0 | 3y ago | A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system call, there are still local variable points to the memory re… | |||
| CVE-2023-45871 | high | — | 8.0 | 3y ago | An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. | |||
| CVE-2023-5557 | high | — | 8.0 | 3y ago | RHSA-2023:7732: tracker-miners security update (Important) | |||
| CVE-2023-52562 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() After the commit in Fixes:, if a module that created a… | |||
| CVE-2023-2163 | high | — | 8.0 | 3y ago | Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, … | |||
| CVE-2023-6208 | high | — | 8.0 | 3y ago | When using X11, text selected by the page using the Selection API was erroneously copied into the primary selection, a temporary storage not unlike the clipboard. *This bug only affects Firefox on X1… | |||
| CVE-2023-6206 | high | — | 8.0 | 3y ago | The black fade animation when exiting fullscreen is roughly the length of the anti-clickjacking delay on permission prompts. It was possible to use this fact to surprise users by luring them to click… | |||
| CVE-2023-6205 | high | — | 8.0 | 3y ago | It was possible to cause the use of a MessagePort after it had already been freed, which could potentially have led to an exploitable crash. This vulnerability affects Firefox < 120, Firefox ESR < 11… | |||
| CVE-2023-6204 | high | — | 8.0 | 3y ago | On some systems—depending on the graphics settings and drivers—it was possible to force an out-of-bounds read and leak memory data into the images created on the canvas element. This vulnerability af… | |||
| CVE-2023-6207 | high | — | 8.0 | 3y ago | Ownership mismanagement led to a use-after-free in ReadableByteStreams This vulnerability affects Firefox < 120, Firefox ESR < 115.5.0, and Thunderbird < 115.5. | |||
| CVE-2023-6209 | high | — | 8.0 | 3y ago | Relative URLs starting with three slashes were incorrectly parsed, and a path-traversal "/../" part in the path could be used to override the specified host. This could contribute to security problem… | |||
| CVE-2023-6212 | high | — | 8.0 | 3y ago | Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could… | |||
| CVE-2023-5824 | high | — | 8.0 | 3y ago | RHSA-2023:7668: squid:4 security update (Important) | |||
| CVE-2023-49288 | high | — | 8.0 | 3y ago | RHSA-2023:7668: squid:4 security update (Important) | |||
| CVE-2023-34059 | high | — | 8.0 | 3y ago | RHSA-2023:7265: open-vm-tools security update (Important) | |||
| CVE-2023-34058 | high | — | 8.0 | 3y ago | RHSA-2023:7265: open-vm-tools security update (Important) | |||
| CVE-2023-23455 | high | — | 8.0 | 3y ago | atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_S… | |||
| CVE-2023-31436 | high | — | 8.0 | 3y ago | qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX. | |||
| CVE-2023-4132 | high | — | 8.0 | 3y ago | A use-after-free vulnerability was found in the siano smsusb module in the Linux kernel. The bug occurs during device initialization when the siano device is plugged in. This flaw allows a local user… | |||
| CVE-2023-1118 | high | — | 8.0 | 3y ago | A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potent… | |||
| CVE-2023-4732 | high | — | 8.0 | 3y ago | A flaw was found in pfn_swap_entry_to_page in memory management subsystem in the Linux Kernel. In this flaw, an attacker with a local user privilege may cause a denial of service problem due to a BUG… | |||
| CVE-2023-35823 | high | — | 8.0 | 3y ago | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in saa7134_finidev in drivers/media/pci/saa7134/saa7134-core.c. | |||
| CVE-2023-3611 | high | — | 8.0 | 3y ago | An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c a… | |||
| CVE-2023-35824 | high | — | 8.0 | 3y ago | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c. | |||
| CVE-2023-31084 | high | — | 8.0 | 3y ago | An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interrup… | |||
| CVE-2023-39332 | high | — | 8.0 | 3y ago | RHSA-2023:7205: nodejs:20 security update (Important) | |||
| CVE-2023-53147 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn and x->preplay_esn should be allocated at xfrm_alloc_replay… | |||
| CVE-2023-39434 | high | — | 8.0 | 3y ago | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. Processing web content may lead to arbitrary code execu… | |||
| CVE-2023-28772 | high | — | 8.0 | 3y ago | An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. | |||
| CVE-2023-53793 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf tool x86: Fix perf_env memory leak Found by leak sanitizer: ``` ==1632594==ERROR: LeakSanitizer: detected memory leaks Dire… | |||
| CVE-2023-28328 | high | — | 8.0 | 3y ago | A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into … | |||
| CVE-2023-53624 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_fq: fix integer overflow of "credit" if sch_fq is configured with "initial quantum" having values greater than INT… | |||
| CVE-2023-40451 | high | — | 8.0 | 3y ago | This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 17. An attacker with JavaScript execution may be able to execute arbitrary code. | |||
| CVE-2023-53073 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: perf/x86/amd/core: Always clear status for idx The variable 'status' (which contains the unhandled overflow bits) is not being pr… | |||
| CVE-2023-53084 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/shmem-helper: Remove another errant put in error path drm_gem_shmem_mmap() doesn't own reference in error code path, resultin… | |||
| CVE-2023-53079 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix steering rules cleanup vport's mc, uc and multicast rules are not deleted in teardown path when EEH happens. Since … | |||
| CVE-2023-53296 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: check send stream number after wait_for_sndbuf This patch fixes a corner case where the asoc out stream count may change af… | |||
| CVE-2023-53078 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate() If alua_rtpg_queue() failed from alua_activate(), then 'qdata' is … | |||
| CVE-2023-53051 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dm crypt: add cond_resched() to dmcrypt_write() The loop in dmcrypt_write may be running for unbounded amount of time, thus we ne… | |||
| CVE-2023-53299 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix leak of 'r10bio->remaining' for recovery raid10_sync_request() will add 'r10bio->remaining' for both rdev and repl… | |||
| CVE-2023-53050 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4->margining needs to be relased for the upstream port of the router … | |||
| CVE-2023-53334 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: USB: chipidea: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it… | |||
| CVE-2023-53320 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix issues in mpi3mr_get_all_tgt_info() The function mpi3mr_get_all_tgt_info() has four issues: 1) It calculates v… | |||
| CVE-2023-53218 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: rxrpc: Make it so that a waiting process can be aborted When sendmsg() creates an rxrpc call, it queues it to wait for a connecti… | |||
| CVE-2023-53044 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: dm stats: check for and propagate alloc_percpu failure Check alloc_precpu()'s return value and return an error from dm_stats_init… | |||
| CVE-2023-53042 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit [WHY] Writing to DRR registers such as OTG_V_TOTAL_MIN on the same frame as a pipe… | |||
| CVE-2023-53333 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: dccp: copy entire header to stack buffer, not just basic one Eric Dumazet says: nf_conntrack_dccp_packet(… | |||
| CVE-2023-53053 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: erspan: do not use skb_mac_header() in ndo_start_xmit() Drivers should not assume skb_mac_header(skb) == skb->data in their ndo_s… | |||
| CVE-2023-53359 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: USB: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it, otherwis… | |||
| CVE-2023-53363 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pci_bus_release_domain_nr() Commit c14f7ccc9f5d ("PCI: Assign PCI domain IDs by ida_alloc()") introduc… | |||
| CVE-2023-53028 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: Revert "wifi: mac80211: fix memory leak in ieee80211_if_add()" This reverts commit 13e5afd3d773c6fc6ca2b89027befaaaa1ea7293. iee… | |||
| CVE-2023-53366 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: block: be a bit more careful in checking for NULL bdev while polling Wei reports a crash with an application using polled IO: PG… | |||
| CVE-2023-38572 | high | — | 8.0 | 3y ago | The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. A website may be … | |||
| CVE-2023-53372 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctp_ifwdtsn_skip Currently, when traversing ifwdtsn skips with _sctp_walk_ifwdtsn, it only che… | |||
| CVE-2023-40397 | high | — | 8.0 | 3y ago | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.5. A remote attacker may be able to cause arbitrary javascript code execution. | |||
| CVE-2023-53233 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/smc: fix deadlock triggered by cancel_delayed_work_syn() The following LOCKDEP was detected: Workqueue: events smc_lgr_free… | |||
| CVE-2023-53376 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Use number of bits to manage bitmap sizes To allocate bitmaps, the mpi3mr driver calculates sizes of bitmaps using … | |||
| CVE-2023-38611 | high | — | 8.0 | 3y ago | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arb… | |||
| CVE-2023-38600 | high | — | 8.0 | 3y ago | The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary co… | |||
| CVE-2023-38599 | high | — | 8.0 | 3y ago | A logic issue was addressed with improved state management. This issue is fixed in Safari 16.6, watchOS 9.6, iOS 15.7.8 and iPadOS 15.7.8, tvOS 16.6, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5. A w… | |||
| CVE-2023-52991 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net: fix NULL pointer in skb_segment_list Commit 3a1296a38d0c ("net: Support GRO/GSO fraglist chaining.") introduced UDP listifye… | |||
| CVE-2023-53453 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/radeon: free iio for atombios when driver shutdown Fix below kmemleak when unload radeon driver: unreferenced object 0xffff9… | |||
| CVE-2023-38597 | high | — | 8.0 | 3y ago | The issue was addressed with improved checks. This issue is fixed in iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, Safari 16.6. Processing web content may lead to arbitr… | |||
| CVE-2023-27954 | high | — | 8.0 | 3y ago | The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, tvOS 16.4, watchOS 9.4. A websi… | |||
| CVE-2023-53461 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: wait interruptibly for request completions on exit WHen the ring exits, cleanup is done and the final cancelation and w… | |||
| CVE-2023-53466 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: fix memory leak in mt7915_mcu_exit Always purge mcu skb queues in mt7915_mcu_exit routine even if mt7915_firm… | |||
| CVE-2023-27932 | high | — | 8.0 | 3y ago | This issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, tvOS 16.4, watchOS 9.4. Processing maliciously crafted web c… | |||
| CVE-2023-53211 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: driver core: location: Free struct acpi_pld_info *pld before return false struct acpi_pld_info *pld should be freed before the re… | |||
| CVE-2023-53511 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: io_uring: fix fget leak when fs don't support nowait buffered read Heming reported a BUG when using io_uring doing link-cp on ocf… | |||
| CVE-2023-53512 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Fix a memory leak Add a forgotten kfree(). | |||
| CVE-2023-53090 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix an illegal memory access In the kfd_wait_on_events() function, the kfd_event_waiter structure is allocated by all… | |||
| CVE-2023-53108 | high | — | 8.0 | 3y ago | In the Linux kernel, the following vulnerability has been resolved: net/iucv: Fix size of interrupt data iucv_irq_data needs to be 4 bytes larger. These bytes are not used by the iucv module, but w… |