Search
Total
6686 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37984 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows WLAN Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-37993 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability | |||||
| CVE-2022-37971 | 1 Microsoft | 1 Malware Protection Engine | 2023-12-20 | N/A | 7.1 HIGH |
| Microsoft Windows Defender Elevation of Privilege Vulnerability | |||||
| CVE-2022-37986 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-38045 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 8.8 HIGH |
| Windows Server Service Elevation of Privilege Vulnerability | |||||
| CVE-2022-37988 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-37982 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2022-33645 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.5 HIGH |
| Windows TCP/IP Driver Denial of Service Vulnerability | |||||
| CVE-2022-37976 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-20 | N/A | 8.8 HIGH |
| Active Directory Certificate Services Elevation of Privilege Vulnerability | |||||
| CVE-2022-37997 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2022-38038 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-37990 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-38048 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2022-37989 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-38041 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.5 HIGH |
| Windows Secure Channel Denial of Service Vulnerability | |||||
| CVE-2022-38040 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2022-37994 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Group Policy Preference Client Elevation of Privilege Vulnerability | |||||
| CVE-2022-38039 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-33635 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows GDI+ Remote Code Execution Vulnerability | |||||
| CVE-2022-38049 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 7.8 HIGH |
| Microsoft Office Graphics Remote Code Execution Vulnerability | |||||
| CVE-2022-37979 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Hyper-V Elevation of Privilege Vulnerability | |||||
| CVE-2022-38050 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-38036 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2023-12-20 | N/A | 7.5 HIGH |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | |||||
| CVE-2022-41042 | 1 Microsoft | 1 Visual Studio Code | 2023-12-20 | N/A | 7.4 HIGH |
| Visual Studio Code Information Disclosure Vulnerability | |||||
| CVE-2022-38037 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-37972 | 1 Microsoft | 1 Endpoint Configuration Manager | 2023-12-20 | N/A | 7.5 HIGH |
| Microsoft Endpoint Configuration Manager Spoofing Vulnerability | |||||
| CVE-2022-47085 | 1 Ostree Project | 1 Ostree | 2023-12-20 | N/A | 7.5 HIGH |
| An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs. | |||||
| CVE-2023-39340 | 1 Ivanti | 1 Connect Secure | 2023-12-20 | N/A | 7.5 HIGH |
| A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker can send a specific request which may lead to Denial of Service (DoS) of the appliance. | |||||
| CVE-2020-17483 | 1 Uffizio | 1 Gps Tracker | 2023-12-20 | N/A | 7.5 HIGH |
| An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at port 9000, we see it responds with a JSON body that has all the details about the devices which have been deployed. | |||||
| CVE-2023-48671 | 1 Dell | 3 Powermax Os, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2023-12-19 | N/A | 7.5 HIGH |
| Dell vApp Manager, versions prior to 9.2.4.x contain an information disclosure vulnerability. A remote attacker could potentially exploit this vulnerability leading to obtain sensitive information that may aid in further attacks. | |||||
| CVE-2023-50709 | 1 Cube | 1 Cube.js | 2023-12-19 | N/A | 7.5 HIGH |
| Cube is a semantic layer for building data applications. Prior to version 0.34.34, it is possible to make the entire Cube API unavailable by submitting a specially crafted request to a Cube API endpoint. The issue has been patched in `v0.34.34` and it's recommended that all users exposing Cube APIs to the public internet upgrade to the latest version to prevent service disruption. There are currently no workaround for older versions, and the recommendation is to upgrade. | |||||
| CVE-2023-49580 | 1 Sap | 1 Graphical User Interface | 2023-12-19 | N/A | 7.3 HIGH |
| SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create Layout configurations of the ABAP List Viewer and with this causing a mild impact on integrity and availability, e.g. also increasing the response times of the AS ABAP. | |||||
| CVE-2023-50011 | 1 Popojicms | 1 Popojicms | 2023-12-19 | N/A | 7.2 HIGH |
| PopojiCMS version 2.0.1 is vulnerable to remote command execution in the Meta Social field. | |||||
| CVE-2023-45166 | 1 Ibm | 2 Aix, Vios | 2023-12-19 | N/A | 7.8 HIGH |
| IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piodmgrsu command to obtain elevated privileges. IBM X-Force ID: 267964. | |||||
| CVE-2023-45170 | 1 Ibm | 2 Aix, Vios | 2023-12-19 | N/A | 7.8 HIGH |
| IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the piobe command to escalate privileges or cause a denial of service. IBM X-Force ID: 267968. | |||||
| CVE-2023-45174 | 1 Ibm | 2 Aix, Vios | 2023-12-19 | N/A | 7.8 HIGH |
| IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a privileged local user to exploit a vulnerability in the qdaemon command to escalate privileges or cause a denial of service. IBM X-Force ID: 267972. | |||||
| CVE-2023-41720 | 1 Ivanti | 1 Connect Secure | 2023-12-19 | N/A | 7.8 HIGH |
| A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker with a foothold on an Ivanti Connect Secure (ICS) appliance can escalate their privileges by exploiting a vulnerable installed application. This vulnerability allows the attacker to gain elevated execution privileges on the affected system. | |||||
| CVE-2023-41719 | 1 Ivanti | 1 Connect Secure | 2023-12-19 | N/A | 7.2 HIGH |
| A vulnerability exists on all versions of Ivanti Connect Secure below 22.6R2 where an attacker impersonating an administrator may craft a specific web request which may lead to remote code execution. | |||||
| CVE-2023-25644 | 1 Zte | 4 Mc801a, Mc801a1, Mc801a1 Firmware and 1 more | 2023-12-18 | N/A | 7.5 HIGH |
| There is a denial of service vulnerability in some ZTE mobile internet products. Due to insufficient validation of Web interface parameter, an attacker could use the vulnerability to perform a denial of service attack. | |||||
| CVE-2023-4694 | 1 Hp | 24 Officejet Pro 8730 D9l19a, Officejet Pro 8730 D9l19a Firmware, Officejet Pro 8730 J7a28a and 21 more | 2023-12-18 | N/A | 7.5 HIGH |
| Certain HP OfficeJet Pro printers are potentially vulnerable to a Denial of Service when sending a SOAP message to the service on TCP port 3911 that contains a body but no header. | |||||
| CVE-2023-50764 | 1 Jenkins | 1 Scriptler | 2023-12-18 | N/A | 8.1 HIGH |
| Jenkins Scriptler Plugin 342.v6a_89fd40f466 and earlier does not restrict a file name query parameter in an HTTP endpoint, allowing attackers with Scriptler/Configure permission to delete arbitrary files on the Jenkins controller file system. | |||||
| CVE-2023-36004 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 7.5 HIGH |
| Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability | |||||
| CVE-2023-36005 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 8.1 HIGH |
| Windows Telephony Server Elevation of Privilege Vulnerability | |||||
| CVE-2023-36003 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2023-12-18 | N/A | 7.3 HIGH |
| XAML Diagnostics Elevation of Privilege Vulnerability | |||||
| CVE-2023-36006 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2023-12-18 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-36010 | 1 Microsoft | 1 Malware Protection Platform | 2023-12-18 | N/A | 7.5 HIGH |
| Microsoft Defender Denial of Service Vulnerability | |||||
| CVE-2023-47579 | 1 Relyum | 2 Rely-pcie, Rely-pcie Firmware | 2023-12-18 | N/A | 7.5 HIGH |
| Relyum RELY-PCIe 22.2.1 devices suffer from a system group misconfiguration, allowing read access to the central password hash file of the operating system. | |||||
| CVE-2023-36011 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-12-18 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2023-36019 | 1 Microsoft | 2 Azure Logic Apps, Power Platform | 2023-12-18 | N/A | 7.4 HIGH |
| Microsoft Power Platform Connector Spoofing Vulnerability | |||||
| CVE-2023-42890 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-12-18 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution. | |||||