Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33162 | 1 Microsoft | 3 365 Apps, Office, Office Online Server | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Microsoft Excel Information Disclosure Vulnerability
|
|||||
| CVE-2023-33161 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33160 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33159 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2023-33158 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33156 | 1 Microsoft | 1 Malware Protection Engine | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Microsoft Defender Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33155 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33154 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Partition Management Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33153 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Microsoft Outlook Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33152 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.0 HIGH |
|
Microsoft ActiveX Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33151 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Microsoft Outlook Spoofing Vulnerability
|
|||||
| CVE-2023-33149 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Graphics Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33146 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33144 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | N/A | 6.6 MEDIUM |
|
Visual Studio Code Spoofing Vulnerability
|
|||||
| CVE-2023-33142 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Microsoft SharePoint Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33141 | 1 Microsoft | 1 Yet Another Reverse Proxy | 2024-11-21 | N/A | 7.5 HIGH |
|
Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability
|
|||||
| CVE-2023-33139 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Visual Studio Information Disclosure Vulnerability
|
|||||
| CVE-2023-33137 | 1 Microsoft | 2 Office, Office Online Server | 2024-11-21 | N/A | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33136 | 1 Microsoft | 1 Azure Devops Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Azure DevOps Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33135 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 7.3 HIGH |
|
.NET and Visual Studio Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33134 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33132 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 6.3 MEDIUM |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2023-33130 | 1 Microsoft | 1 Sharepoint Server | 2024-11-21 | N/A | 7.3 HIGH |
|
Microsoft SharePoint Server Spoofing Vulnerability
|
|||||
| CVE-2023-33128 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 7.3 HIGH |
|
.NET and Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33127 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 8.1 HIGH |
|
.NET and Visual Studio Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-33126 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 7.3 HIGH |
|
.NET and Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2023-33040 | 1 Qualcomm | 288 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 285 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS in Data Modem during DTLS handshake.
|
|||||
| CVE-2023-33020 | 1 Qualcomm | 164 205, 205 Firmware, 215 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE.
|
|||||
| CVE-2023-33019 | 1 Qualcomm | 164 205, 205 Firmware, 215 and 161 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE.
|
|||||
| CVE-2023-32858 | 2 Google, Mediatek | 11 Android, Mt6761, Mt6765 and 8 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008.
|
|||||
| CVE-2023-32852 | 2 Google, Mediatek | 2 Android, Mt6779 | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971.
|
|||||
| CVE-2023-32819 | 2 Google, Mediatek | 15 Android, Mt6765, Mt6768 and 12 more | 2024-11-21 | N/A | 4.4 MEDIUM |
|
In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138.
|
|||||
| CVE-2023-32764 | 2 Fabasoft, Microsoft | 4 Cloud, Cloud Enterprise Client, Folio \/ Egov-suite and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.
|
|||||
| CVE-2023-32734 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
|
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2023-32707 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-11-21 | N/A | 8.8 HIGH |
|
In versions of Splunk Enterprise below 9.0.5, 8.2.11, and 8.1.14, and Splunk Cloud Platform below version 9.0.2303.100, a low-privileged user who holds a role that has the ‘edit_user’ capability assigned to it can escalate their privileges to that of the admin user by providing specially crafted web requests.
|
|||||
| CVE-2023-32690 | 1 Dmtf | 1 Libspdm | 2024-11-21 | N/A | 5.7 MEDIUM |
|
libspdm is a sample implementation that follows the DMTF SPDM specifications. Prior to versions 2.3.3 and 3.0, following a successful CAPABILITIES response, a libspdm Requester stores the Responder's CTExponent into its context without validation. If the Requester sends a request message that requires a cryptography operation by the Responder, such as CHALLENGE, libspdm will calculate the timeout value using the Responder's unvalidated CTExponent.
A patch is available in version 2.3.3. A workar ...
Show More |
|||||
| CVE-2023-32654 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 6.5 MEDIUM |
|
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.5. A user may be able to read information belonging to another user.
|
|||||
| CVE-2023-32647 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2023-32644 | 1 Intel | 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Protection mechanism failure for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
|||||
| CVE-2023-32642 | 1 Intel | 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more | 2024-11-21 | N/A | 4.3 MEDIUM |
|
Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
|||||