Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38170 | 1 Microsoft | 1 Hevc Video Extensions | 2023-08-10 | N/A | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2023-36911 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing Remote Code Execution Vulnerability | |||||
| CVE-2023-36909 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 6.5 MEDIUM |
| Microsoft Message Queuing Denial of Service Vulnerability | |||||
| CVE-2023-36907 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 7.5 HIGH |
| Windows Cryptographic Services Information Disclosure Vulnerability | |||||
| CVE-2023-36906 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 7.5 HIGH |
| Windows Cryptographic Services Information Disclosure Vulnerability | |||||
| CVE-2023-36904 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-4172 | 1 Cdwanjiang | 1 Flash Flood Disaster Monitoring And Warning System | 2023-08-10 | N/A | 7.5 HIGH |
| A vulnerability, which was classified as problematic, has been found in Chengdu Flash Flood Disaster Monitoring and Warning System 2.0. This issue affects some unknown processing of the file \Service\FileHandler.ashx. The manipulation of the argument FileDirectory leads to absolute path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236207. | |||||
| CVE-2023-36908 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 6.5 MEDIUM |
| Windows Hyper-V Information Disclosure Vulnerability | |||||
| CVE-2023-36898 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2023-08-10 | N/A | 7.8 HIGH |
| Tablet Windows User Interface Application Core Remote Code Execution Vulnerability | |||||
| CVE-2023-4191 | 1 Resort Reservation System Project | 1 Resort Reservation System | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. Affected by this issue is some unknown functionality of the file index.php. The manipulation of the argument page leads to file inclusion. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-236234 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-4186 | 1 Pharmacy Management System Project | 1 Pharmacy Management System | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Pharmacy Management System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file manage_website.php. The manipulation leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-236221 was assigned to this vulnerability. | |||||
| CVE-2023-29330 | 1 Microsoft | 1 Teams | 2023-08-10 | N/A | 8.8 HIGH |
| Microsoft Teams Remote Code Execution Vulnerability | |||||
| CVE-2023-29328 | 1 Microsoft | 1 Teams | 2023-08-10 | N/A | 8.8 HIGH |
| Microsoft Teams Remote Code Execution Vulnerability | |||||
| CVE-2023-36903 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Windows System Assessment Tool Elevation of Privilege Vulnerability | |||||
| CVE-2023-4193 | 1 Resort Reservation System Project | 1 Resort Reservation System | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Resort Reservation System 1.0 and classified as critical. This vulnerability affects unknown code of the file view_fee.php. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-236236. | |||||
| CVE-2023-35359 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-35372 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-08-10 | N/A | 7.8 HIGH |
| Microsoft Office Visio Remote Code Execution Vulnerability | |||||
| CVE-2023-36900 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-4201 | 1 Mayurik | 1 Inventory Management System | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability was found in SourceCodester Inventory Management System 1.0 and classified as critical. This issue affects some unknown processing of the file ex_catagory_data.php. The manipulation of the argument columns[1][data] leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-236291. | |||||
| CVE-2023-4200 | 1 Mayurik | 1 Inventory Management System | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file product_data.php.. The manipulation of the argument columns[1][data] leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-236290 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-35371 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2023-08-10 | N/A | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2023-21709 | 1 Microsoft | 1 Exchange Server | 2023-08-10 | N/A | 9.8 CRITICAL |
| Microsoft Exchange Server Elevation of Privilege Vulnerability | |||||
| CVE-2023-35378 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2023-08-10 | N/A | 7.0 HIGH |
| Windows Projected File System Elevation of Privilege Vulnerability | |||||
| CVE-2023-35380 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-35379 | 1 Microsoft | 1 Windows Server 2008 | 2023-08-10 | N/A | 7.8 HIGH |
| Reliability Analysis Metrics Calculation Engine (RACEng) Elevation of Privilege Vulnerability | |||||
| CVE-2023-38937 | 1 Tenda | 14 Ac10, Ac10 Firmware, Ac1206 and 11 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, AC9 V3.0 V15.03.06.42_multi and AC10 v4.0 V16.03.10.13 were discovered to contain a stack overflow via the list parameter in the formSetVirtualSer function. | |||||
| CVE-2023-35381 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2023-08-10 | N/A | 8.8 HIGH |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2023-35382 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-38936 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6, AC9 V3.0 V15.03.06.42_multi and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
| CVE-2023-35387 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2023-08-10 | N/A | 8.8 HIGH |
| Windows Bluetooth A2DP driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-35386 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2023-08-10 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-35389 | 1 Microsoft | 1 Dynamics 365 | 2023-08-10 | N/A | 6.5 MEDIUM |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | |||||
| CVE-2023-28537 | 1 Qualcomm | 366 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 363 more | 2023-08-10 | N/A | 7.8 HIGH |
| Memory corruption while allocating memory in COmxApeDec module in Audio. | |||||
| CVE-2023-28561 | 1 Qualcomm | 2 Qcn7606, Qcn7606 Firmware | 2023-08-10 | N/A | 9.8 CRITICAL |
| Memory corruption in QESL while processing payload from external ESL device to firmware. | |||||
| CVE-2023-28555 | 1 Qualcomm | 142 Ar8035, Ar8035 Firmware, Mdm9628 and 139 more | 2023-08-10 | N/A | 7.5 HIGH |
| Transient DOS in Audio while remapping channel buffer in media codec decoding. | |||||
| CVE-2023-3717 | 1 Farmakom | 1 Remote Administration Console | 2023-08-10 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection.This issue affects Remote Administration Console: before 1.02. | |||||
| CVE-2023-37373 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-08-10 | N/A | 7.5 HIGH |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications accept unauthenticated file write messages. An unauthenticated remote attacker could write arbitrary files to the affected application's file system. | |||||
| CVE-2023-37372 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-08-10 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an unauthenticated remote attackers to execute arbitrary SQL queries on the server database. | |||||
| CVE-2023-27411 | 1 Siemens | 1 Ruggedcom Crossbow | 2023-08-10 | N/A | 8.8 HIGH |
| A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected applications is vulnerable to SQL injection. This could allow an authenticated remote attackers to execute arbitrary SQL queries on the server database and escalate privileges. | |||||
| CVE-2023-3573 | 1 Phoenixcontact | 12 Wp 6070-wvps, Wp 6070-wvps Firmware, Wp 6101-wxps and 9 more | 2023-08-10 | N/A | 8.8 HIGH |
| In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges may use a command injection in a HTTP POST request releated to font configuration operations to gain full access to the device. | |||||
| CVE-2023-37569 | 1 Esds.co | 1 Emagic Data Center Management | 2023-08-10 | N/A | 8.8 HIGH |
| This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input sanitization in its Ping component. A remote authenticated attacker could exploit this by injecting OS commands on the targeted system. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code on targeted system. | |||||
| CVE-2023-37570 | 1 Esds.co | 1 Emagic Data Center Management | 2023-08-10 | N/A | 8.8 HIGH |
| This vulnerability exists in ESDS Emagic Data Center Management Suit due to non-expiry of session cookie. By reusing the stolen cookie, a remote attacker could gain unauthorized access to the targeted system. | |||||
| CVE-2023-3898 | 1 Mayanets | 1 E-commerce | 2023-08-10 | N/A | 9.8 CRITICAL |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mAyaNet E-Commerce Software allows SQL Injection.This issue affects E-Commerce Software: before 1.1. | |||||
| CVE-2022-40510 | 1 Qualcomm | 408 Apq8009, Apq8009 Firmware, Apq8009w and 405 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Memory corruption due to buffer copy without checking size of input in Audio while voice call with EVS vocoder. | |||||
| CVE-2023-21625 | 1 Qualcomm | 92 Apq8009, Apq8009 Firmware, Apq8017 and 89 more | 2023-08-10 | N/A | 7.5 HIGH |
| Information disclosure in Network Services due to buffer over-read while the device receives DNS response. | |||||
| CVE-2023-21626 | 1 Qualcomm | 370 Apq8009, Apq8009 Firmware, Apq8017 and 367 more | 2023-08-10 | N/A | 7.1 HIGH |
| Cryptographic issue in HLOS due to improper authentication while performing key velocity checks using more than one key. | |||||
| CVE-2023-21627 | 1 Qualcomm | 96 Aqt1000, Aqt1000 Firmware, Qca6390 and 93 more | 2023-08-10 | N/A | 7.8 HIGH |
| Memory corruption in Trusted Execution Environment while calling service API with invalid address. | |||||
| CVE-2023-38935 | 1 Tenda | 10 Ac10, Ac10 Firmware, Ac1206 and 7 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC1206 V15.03.06.23, AC8 V4 V16.03.34.06, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and AC9 V3.0 V15.03.06.42_multi were discovered to contain a tack overflow via the list parameter in the formSetQosBand function. | |||||
| CVE-2023-38933 | 1 Tenda | 18 Ac10, Ac10 Firmware, Ac1206 and 15 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, FH1203 V2.0.1.6 and AC9 V3.0 V15.03.06.42_multi, and FH1205 V2.0.0.7(775) were discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2023-38931 | 1 Tenda | 16 Ac10, Ac10 Firmware, Ac1206 and 13 more | 2023-08-10 | N/A | 9.8 CRITICAL |
| Tenda AC10 V1.0 V15.03.06.23, AC1206 V15.03.06.23, AC8 v4 V16.03.34.06, AC6 V2.0 V15.03.06.23, AC7 V1.0 V15.03.06.44, F1203 V2.0.1.6, AC5 V1.0 V15.03.06.28, AC10 v4.0 V16.03.10.13 and FH1203 V2.0.1.6 were discovered to contain a stack overflow via the list parameter in the setaccount function. | |||||