Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-31020 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-11-13 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering. | |||||
| CVE-2023-31027 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-11-13 | N/A | 7.3 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability that allows Windows users with low levels of privilege to escalate privileges when an administrator is updating GPU drivers, which may lead to escalation of privileges. | |||||
| CVE-2023-46947 | 1 Intelliants | 1 Subrion | 2023-11-13 | N/A | 8.8 HIGH |
| Subrion 4.2.1 has a remote command execution vulnerability in the backend. | |||||
| CVE-2023-20702 | 1 Mediatek | 22 Mt6835, Mt6873, Mt6875 and 19 more | 2023-11-13 | N/A | 7.5 HIGH |
| In 5G NRLC, there is a possible invalid memory access due to lack of error handling. This could lead to remote denial of service, if UE received invalid 1-byte rlc sdu, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00921261; Issue ID: MOLY01128895. | |||||
| CVE-2023-4769 | 1 Zohocorp | 1 Manageengine Desktop Central | 2023-11-13 | N/A | 8.8 HIGH |
| A SSRF vulnerability has been found in ManageEngine Desktop Central affecting version 9.1.0, specifically the /smtpConfig.do component. This vulnerability could allow an authenticated attacker to launch targeted attacks, such as a cross-port attack, service enumeration and other attacks via HTTP requests. | |||||
| CVE-2023-4043 | 1 Eclipse | 1 Parsson | 2023-11-13 | N/A | 7.5 HIGH |
| In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale. | |||||
| CVE-2023-42535 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-42532 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.5 HIGH |
| Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker to intercept the network traffic including Firmware information. | |||||
| CVE-2023-42530 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.5 HIGH |
| Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attackers to enable Wi-Fi and Wi-Fi Direct without User Interaction. | |||||
| CVE-2023-42529 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-42528 | 1 Samsung | 1 Android | 2023-11-13 | N/A | 7.8 HIGH |
| Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker to execute arbitrary code. | |||||
| CVE-2023-31017 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-11-13 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2023-1476 | 2 Linux, Redhat | 6 Linux Kernel, Enterprise Linux, Enterprise Linux Eus and 3 more | 2023-11-13 | N/A | 7.0 HIGH |
| A use-after-free flaw was found in the Linux kernel’s mm/mremap memory address space accounting source code. This issue occurs due to a race condition between rmap walk and mremap, allowing a local user to crash the system or potentially escalate their privileges on the system. | |||||
| CVE-2017-7252 | 1 Botan Project | 1 Botan | 2023-11-13 | N/A | 7.5 HIGH |
| bcrypt password hashing in Botan before 2.1.0 does not correctly handle passwords with a length between 57 and 72 characters, which makes it easier for attackers to determine the cleartext password. | |||||
| CVE-2023-34260 | 1 Kyocera | 2 D-copia253mf Plus, D-copia253mf Plus Firmware | 2023-11-13 | N/A | 7.5 HIGH |
| Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow a denial of service (service outage) via /wlmdeu%2f%2e%2e%2f%2e%2e followed by a directory reference such as %2fetc%00index.htm to try to read the /etc directory. | |||||
| CVE-2023-41259 | 1 Bestpractical | 1 Request Tracker | 2023-11-13 | N/A | 7.5 HIGH |
| Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Disclosure via fake or spoofed RT email headers in an email message or a mail-gateway REST API call. | |||||
| CVE-2023-41260 | 1 Bestpractical | 1 Request Tracker | 2023-11-13 | N/A | 7.5 HIGH |
| Best Practical Request Tracker (RT) before 4.4.7 and 5.x before 5.0.5 allows Information Exposure in responses to mail-gateway REST API calls. | |||||
| CVE-2023-41346 | 1 Asus | 2 Rt-ax55, Rt-ax55 Firmware | 2023-11-13 | N/A | 8.8 HIGH |
| ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services. | |||||
| CVE-2023-41345 | 1 Asus | 2 Rt-ax55, Rt-ax55 Firmware | 2023-11-13 | N/A | 8.8 HIGH |
| ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system, or terminate services. | |||||
| CVE-2023-5099 | 1 Jonashjalmarsson | 1 Html Filter And Csv-file Search | 2023-11-13 | N/A | 8.8 HIGH |
| The HTML filter and csv-file search plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 2.7 via the 'src' attribute of the 'csvsearch' shortcode. This allows authenticated attackers, with contributor-level permissions and above, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included. | |||||
| CVE-2023-38994 | 1 Univention | 1 Univention Corporate Server | 2023-11-13 | N/A | 7.8 HIGH |
| The 'check_univention_joinstatus' prometheus monitoring script (and other scripts) in UCS 5.0-5 revealed the LDAP plaintext password of the machine account in the process list allowing attackers with local ssh access to gain higher privileges and perform followup attacks. By default, the configuration of UCS does not allow local ssh access for regular users. | |||||
| CVE-2023-5583 | 1 Maca134 | 1 Wp Simple Galleries | 2023-11-13 | N/A | 8.8 HIGH |
| The WP Simple Galleries plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.34 via deserialization of untrusted input from the 'wpsimplegallery_gallery' post meta via 'wpsgallery' shortcode. This allows authenticated attackers, with contributor-level permissions and above, to inject a PHP Object. No POP chain is present in the vulnerable plugin. If a POP chain is present via an additional plugin or theme installed on the target system, it could allow the attacker to delete arbitrary files, retrieve sensitive data, or execute code. | |||||
| CVE-2023-5199 | 1 Php To Page Project | 1 Php To Page | 2023-11-13 | N/A | 8.8 HIGH |
| The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily. | |||||
| CVE-2023-5834 | 1 Hashicorp | 1 Vagrant | 2023-11-13 | N/A | 7.8 HIGH |
| HashiCorp Vagrant's Windows installer targeted a custom location with a non-protected path that could be junctioned, introducing potential for unauthorized file system writes. Fixed in Vagrant 2.4.0. | |||||
| CVE-2023-31016 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2023-11-13 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2023-5814 | 1 Oretnom23 | 1 Task Reminder System | 2023-11-13 | N/A | 8.8 HIGH |
| A vulnerability was found in SourceCodester Task Reminder System 1.0. It has been classified as critical. This affects an unknown part of the file /classes/Master.php?f=save_reminder. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The identifier VDB-243645 was assigned to this vulnerability. | |||||
| CVE-2023-5813 | 1 Oretnom23 | 1 Task Reminder System | 2023-11-13 | N/A | 8.8 HIGH |
| A vulnerability was found in SourceCodester Task Reminder System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /classes/Master.php?f=delete_reminder. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-243644. | |||||
| CVE-2023-36034 | 1 Microsoft | 1 Edge Chromium | 2023-11-13 | N/A | 7.3 HIGH |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2023-46352 | 1 Smartmodules | 1 Facebookconversiontrackingplus | 2023-11-10 | N/A | 7.5 HIGH |
| In the module "Pixel Plus: Events + CAPI + Pixel Catalog for Facebook Module" (facebookconversiontrackingplus) up to version 2.4.9 from Smart Modules for PrestaShop, a guest can download personal information without restriction. Due to a lack of permissions control, a guest can access exports from the module which can lead to a leak of personal information from ps_customer table such as name / surname / email. | |||||
| CVE-2023-39283 | 1 Insyde | 1 Insydeh2o | 2023-11-10 | N/A | 7.8 HIGH |
| An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could lead to privilege escalation. | |||||
| CVE-2023-39057 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in hirochanKAKIwaiting v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39054 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in Tokudaya.ekimae_mc v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39053 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in Hattoriya v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39051 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in VISION MEAT WORKS Track Diner 10/10mbl v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39050 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in Daiky-value.Fukueten v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39048 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in Tokudaya.honten v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39047 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in shouzu sweets oz v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-39042 | 1 Lycorp | 1 Line Mini App | 2023-11-10 | N/A | 7.5 HIGH |
| An information leak in Gyouza-newhushimi v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | |||||
| CVE-2023-41914 | 2 Fedoraproject, Schedmd | 2 Fedora, Slurm | 2023-11-09 | N/A | 7.0 HIGH |
| SchedMD Slurm 23.02.x before 23.02.6 and 22.05.x before 22.05.10 allows filesystem race conditions for gaining ownership of a file, overwriting a file, or deleting files. | |||||
| CVE-2020-28407 | 1 Swtpm Project | 1 Swtpm | 2023-11-09 | N/A | 7.1 HIGH |
| In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall. | |||||
| CVE-2023-46725 | 1 Foodcoopshop | 1 Foodcoopshop | 2023-11-09 | N/A | 7.5 HIGH |
| FoodCoopShop is open source software for food coops and local shops. Versions starting with 3.2.0 prior to 3.6.1 are vulnerable to server-side request forgery. In the Network module, a manufacturer account can use the `/api/updateProducts.json` endpoint to make the server send a request to an arbitrary host. This means that the server can be used as a proxy into the internal network where the server is. Furthermore, the checks on a valid image are not adequate, leading to a time of check time of use issue. For example, by using a custom server that returns 200 on HEAD requests, then return a valid image on first GET request and then a 302 redirect to final target on second GET request, the server will copy whatever file is at the redirect destination, making this a full SSRF. Version 3.6.1 fixes this vulnerability. | |||||
| CVE-2023-5923 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2023-11-09 | N/A | 7.5 HIGH |
| A vulnerability classified as critical has been found in Campcodes Simple Student Information System 1.0. This affects an unknown part of the file /admin/index.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244323. | |||||
| CVE-2023-1720 | 1 Bitrix24 | 1 Bitrix24 | 2023-11-09 | N/A | 8.0 HIGH |
| Lack of mime type response header in Bitrix24 22.0.300 allows authenticated remote attackers to execute arbitrary JavaScript code in the victim's browser, and possibly execute arbitrary PHP code on the server if the victim has administrator privilege, via uploading a crafted HTML file through /desktop_app/file.ajax.php?action=uploadfile. | |||||
| CVE-2023-5924 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2023-11-09 | N/A | 7.5 HIGH |
| A vulnerability classified as critical was found in Campcodes Simple Student Information System 1.0. This vulnerability affects unknown code of the file /admin/courses/view_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244324. | |||||
| CVE-2023-4504 | 3 Debian, Fedoraproject, Openprinting | 4 Debian Linux, Fedora, Cups and 1 more | 2023-11-09 | N/A | 7.0 HIGH |
| Due to failure in validating the length provided by an attacker-crafted PPD PostScript document, CUPS and libppd are susceptible to a heap-based buffer overflow and possibly code execution. This issue has been fixed in CUPS version 2.4.7, released in September of 2023. | |||||
| CVE-2022-29450 | 1 Admin Management Xtended Project | 1 Admin Management Xtended | 2023-11-09 | 6.8 MEDIUM | 8.8 HIGH |
| Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Admin Management Xtended plugin <= 2.4.4 at WordPress. | |||||
| CVE-2023-5925 | 1 Simple Student Information System Project | 1 Simple Student Information System | 2023-11-09 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability. | |||||
| CVE-2023-43615 | 2 Arm, Fedoraproject | 2 Mbed Tls, Fedora | 2023-11-09 | N/A | 7.5 HIGH |
| Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. | |||||
| CVE-2022-1215 | 1 Freedesktop | 1 Libinput | 2023-11-09 | 7.2 HIGH | 7.8 HIGH |
| A format string vulnerability was found in libinput | |||||
| CVE-2022-23220 | 4 Canonical, Debian, Gentoo and 1 more | 4 Ubuntu Linux, Debian Linux, Linux and 1 more | 2023-11-09 | 7.2 HIGH | 7.8 HIGH |
| USBView 2.1 before 2.2 allows some local users (e.g., ones logged in via SSH) to execute arbitrary code as root because certain Polkit settings (e.g., allow_any=yes) for pkexec disable the authentication requirement. Code execution can, for example, use the --gtk-module option. This affects Ubuntu, Debian, and Gentoo. | |||||