Total
2944 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24906 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
|
|||||
| CVE-2023-24871 | 1 Microsoft | 6 Windows 10 20h2, Windows 10 21h2, Windows 10 22h2 and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Windows Bluetooth Service Remote Code Execution Vulnerability
|
|||||
| CVE-2023-24869 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Remote Procedure Call Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2023-24863 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability
|
|||||
| CVE-2023-24609 | 2 Matrixssl, Rambus | 2 Matrixssl, Tls Toolkit | 2024-11-21 | N/A | 7.5 HIGH |
|
Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate.
|
|||||
| CVE-2023-24180 | 1 Libelfin Project | 1 Libelfin | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file.
|
|||||
| CVE-2023-23417 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Partition Management Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-23410 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows HTTP.sys Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-23405 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
|
Remote Procedure Call Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2023-23385 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
|
Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-23298 | 1 Garmin | 1 Connect-iq | 2024-11-21 | N/A | 9.8 CRITICAL |
|
The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware.
|
|||||
| CVE-2023-22666 | 1 Qualcomm | 344 Apq8009, Apq8009 Firmware, Apq8017 and 341 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory Corruption in Audio while playing amrwbplus clips with modified content.
|
|||||
| CVE-2023-22458 | 1 Redis | 1 Redis | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
|
|||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access.
|
|||||
| CVE-2023-22436 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 7.8 HIGH |
|
The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an
UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root.
|
|||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access.
|
|||||
| CVE-2023-21803 | 1 Microsoft | 7 Windows 10, Windows 10 1607, Windows 10 1809 and 4 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Windows iSCSI Discovery Service Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21802 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Media Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21797 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21765 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Print Spooler Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21754 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21730 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21716 | 1 Microsoft | 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Microsoft Word Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21704 | 1 Microsoft | 1 Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21686 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-21655 | 1 Qualcomm | 62 Qca6391, Qca6391 Firmware, Qca6574au and 59 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Memory corruption in Audio while validating and mapping metadata.
|
|||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
|
|||||
| CVE-2023-21630 | 1 Qualcomm | 84 Qca6391, Qca6391 Firmware, Qca6574 and 81 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal.
|
|||||
| CVE-2023-21579 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2023-21561 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-21557 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability
|
|||||
| CVE-2023-21375 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-21371 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In Secure Element, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-21370 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-21241 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
|
In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-21193 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.5 HIGH |
|
In VideoFrame of VideoFrame.h, there is a possible abort due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233006499
|
|||||
| CVE-2023-21065 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239630493References: N/A
|
|||||
| CVE-2023-20756 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07549928.
|
|||||
| CVE-2023-20755 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07509605.
|
|||||
| CVE-2023-20693 | 3 Google, Linuxfoundation, Mediatek | 15 Android, Yocto, Mt6739 and 12 more | 2024-11-21 | N/A | 7.5 HIGH |
|
In wlan firmware, there is possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07664711; Issue ID: ALPS07664711.
|
|||||