Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21401 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In DevmemIntChangeSparse of devicemem_server.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21263 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In OSMMapPMRGeneric of pmr_os.c, there is a possible out of bounds write due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21228 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21227 | 1 Google | 1 Android | 2023-12-22 | N/A | 7.5 HIGH |
| In HTBLogKM of htbserver.c, there is a possible information disclosure due to log information disclosure. This could lead to local information disclosure in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21218 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21217 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In PMRWritePMPageList of TBD, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21216 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21215 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In DevmemIntAcquireRemoteCtx of devicemem_server.c, there is a possible arbitrary code execution due to a race condition. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21166 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In RGXBackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21164 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In DevmemIntMapPMR of devicemem_server.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21163 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In PMR_ReadBytes of pmr.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21162 | 1 Google | 1 Android | 2023-12-22 | N/A | 9.8 CRITICAL |
| In RGXUnbackingZSBuffer of rgxta3d.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21394 | 1 Google | 1 Android | 2023-12-22 | N/A | 5.5 MEDIUM |
| In registerPhoneAccount of TelecomServiceImpl.java, there is a possible way to reveal images from another user due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-34055 | 1 Vmware | 1 Spring Boot | 2023-12-21 | N/A | 6.5 MEDIUM |
| In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * org.springframework.boot:spring-boot-actuator is on the classpath | |||||
| CVE-2023-28376 | 1 Intel | 14 Ethernet Network Adapter E810-2cqda2, Ethernet Network Adapter E810-2cqda2 Firmware, Ethernet Network Adapter E810-cqda1 and 11 more | 2023-12-21 | N/A | 6.5 MEDIUM |
| Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2023-25756 | 1 Intel | 1258 Atom X6200fe, Atom X6200fe Firmware, Atom X6211e and 1255 more | 2023-12-21 | N/A | 8.0 HIGH |
| Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2023-22329 | 1 Intel | 1258 Atom X6200fe, Atom X6200fe Firmware, Atom X6211e and 1255 more | 2023-12-21 | N/A | 3.5 LOW |
| Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2022-3172 | 1 Kubernetes | 1 Apiserver | 2023-12-21 | N/A | 8.2 HIGH |
| A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties. | |||||
| CVE-2023-3893 | 1 Kubernetes | 1 Csi Proxy | 2023-12-21 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy. | |||||
| CVE-2023-1194 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2023-12-21 | N/A | 8.1 HIGH |
| An out-of-bounds (OOB) memory read flaw was found in parse_lease_state in the KSMBD implementation of the in-kernel samba server and CIFS in the Linux kernel. When an attacker sends the CREATE command with a malformed payload to KSMBD, due to a missing check of `NameOffset` in the `parse_lease_state()` function, the `create_context` object can access invalid memory. | |||||
| CVE-2023-43665 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2023-12-21 | N/A | 7.5 HIGH |
| In Django 3.2 before 3.2.22, 4.1 before 4.1.12, and 4.2 before 4.2.6, the django.utils.text.Truncator chars() and words() methods (when used with html=True) are subject to a potential DoS (denial of service) attack via certain inputs with very long, potentially malformed HTML text. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which are thus also vulnerable. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232. | |||||
| CVE-2023-3955 | 2 Kubernetes, Microsoft | 2 Kubernetes, Windows | 2023-12-21 | N/A | 8.8 HIGH |
| A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | |||||
| CVE-2021-25736 | 2 Kubernetes, Microsoft | 2 Kubernetes, Windows | 2023-12-21 | N/A | 6.3 MEDIUM |
| Kube-proxy on Windows can unintentionally forward traffic to local processes listening on the same port (“spec.ports[*].port”) as a LoadBalancer Service when the LoadBalancer controller does not set the “status.loadBalancer.ingress[].ip” field. Clusters where the LoadBalancer controller sets the “status.loadBalancer.ingress[].ip” field are unaffected. | |||||
| CVE-2023-4809 | 1 Freebsd | 1 Freebsd | 2023-12-21 | N/A | 7.5 HIGH |
| In pf packet processing with a 'scrub fragment reassemble' rule, a packet containing multiple IPv6 fragment headers would be reassembled, and then immediately processed. That is, a packet with multiple fragment extension headers would not be recognized as the correct ultimate payload. Instead a packet with multiple IPv6 fragment headers would unexpectedly be interpreted as a fragmented packet, rather than as whatever the real payload is. As a result, IPv6 fragments may bypass pf firewall rules written on the assumption all fragments have been reassembled and, as a result, be forwarded or processed by the host. | |||||
| CVE-2022-27217 | 1 Jenkins | 1 Vmware Vrealize Codestream | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Vmware vRealize CodeStream Plugin 1.2 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | |||||
| CVE-2022-30949 | 1 Jenkins | 1 Repo | 2023-12-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Jenkins REPO Plugin 1.14.0 and earlier allows attackers able to configure pipelines to check out some SCM repositories stored on the Jenkins controller's file system using local paths as SCM URLs, obtaining limited information about other projects' SCM contents. | |||||
| CVE-2022-30945 | 1 Jenkins | 1 Pipeline\ | 2023-12-21 | 6.8 MEDIUM | 8.5 HIGH |
| Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines. | |||||
| CVE-2022-29049 | 1 Jenkins | 1 Promoted Builds | 2023-12-21 | 4.0 MEDIUM | 5.4 MEDIUM |
| Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not validate the names of promotions defined in Job DSL, allowing attackers with Job/Configure permission to create a promotion with an unsafe name. | |||||
| CVE-2022-29047 | 1 Jenkins | 1 Pipeline\ | 2023-12-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Jenkins Pipeline: Shared Groovy Libraries Plugin 564.ve62a_4eb_b_e039 and earlier, except 2.21.3, allows attackers able to submit pull requests (or equivalent), but not able to commit directly to the configured SCM, to effectively change the Pipeline behavior by changing the definition of a dynamically retrieved library in their pull request, even if the Pipeline is configured to not trust them. | |||||
| CVE-2022-29045 | 1 Jenkins | 1 Promoted Builds | 2023-12-21 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins promoted builds Plugin 873.v6149db_d64130 and earlier, except 3.10.1, does not escape the name and description of Promoted Build parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
| CVE-2022-29044 | 1 Jenkins | 1 Node And Label Parameter | 2023-12-21 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins Node and Label parameter Plugin 1.10.3 and earlier does not escape the name and description of Node and Label parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
| CVE-2022-27212 | 1 Jenkins | 1 List Git Branches Parameter | 2023-12-21 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins List Git Branches Parameter Plugin 0.0.9 and earlier does not escape the name of the 'List Git branches (and more)' parameter, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
| CVE-2022-25183 | 1 Jenkins | 1 Pipeline\ | 2023-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1 and earlier uses the names of Pipeline libraries to create cache directories without any sanitization, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM using specially crafted library names if a global Pipeline library configured to use caching already exists. | |||||
| CVE-2022-28135 | 1 Jenkins | 1 Instant-messaging | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins instant-messaging Plugin 1.41 and earlier stores passwords for group chats unencrypted in the global configuration file of plugins based on Jenkins instant-messaging Plugin on the Jenkins controller where they can be viewed by users with access to the Jenkins controller file system. | |||||
| CVE-2022-27218 | 1 Jenkins | 1 Incapptic Connect Uploader | 2023-12-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins incapptic connect uploader Plugin 1.15 and earlier stores tokens unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | |||||
| CVE-2022-27208 | 1 Jenkins | 1 Kubernetes Continuous Deploy | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows users with Credentials/Create permission to read arbitrary files on the Jenkins controller. | |||||
| CVE-2023-38140 | 1 Microsoft | 8 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 5 more | 2023-12-21 | N/A | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2023-36803 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2023-12-21 | N/A | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2023-6295 | 1 Siteorigin | 1 Siteorigin Widgets Bundle | 2023-12-21 | N/A | 7.2 HIGH |
| The SiteOrigin Widgets Bundle WordPress plugin before 1.51.0 does not validate user input before using it to generate paths passed to include function/s, allowing users with the administrator role to perform LFI attacks in the context of Multisite WordPress sites. | |||||
| CVE-2023-6289 | 1 Swteplugins | 1 Swift Performance | 2023-12-21 | N/A | 4.3 MEDIUM |
| The Swift Performance Lite WordPress plugin before 2.3.6.15 does not prevent users from exporting the plugin's settings, which may include sensitive information such as Cloudflare API tokens. | |||||
| CVE-2023-49155 | 1 Wow-company | 1 Button Generator | 2023-12-21 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Wow-Company Button Generator – easily Button Builder.This issue affects Button Generator – easily Button Builder: from n/a through 2.3.8. | |||||
| CVE-2023-6903 | 1 Netentsec | 1 Application Security Gateway | 2023-12-21 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical has been found in Netentsec NS-ASG Application Security Gateway 6.3.1. This affects an unknown part of the file /admin/singlelogin.php?submit=1. The manipulation of the argument loginId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-248265 was assigned to this vulnerability. | |||||
| CVE-2023-50271 | 1 Hp | 2 Hp-ux, System Management Homepage | 2023-12-21 | N/A | 7.5 HIGH |
| A potential security vulnerability has been identified with HP-UX System Management Homepage (SMH). This vulnerability could be exploited locally or remotely to disclose information. | |||||
| CVE-2023-22508 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2023-12-21 | N/A | 8.8 HIGH |
| This High severity RCE (Remote Code Execution) vulnerability known as CVE-2023-22508 was introduced in version 6.1.0 of Confluence Data Center & Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and no user interaction. Atlassian recommends that you upgrade your instance to avoid this bug using the following options: * Upgrade to a Confluence feature release greater than or equal to 8.2.0 (ie: 8.2, 8.2, 8.4, etc...) * Upgrade to a Confluence 7.19 LTS bugfix release greater than or equal to 7.19.8 (ie: 7.19.8, 7.19.9, 7.19.10, 7.19.11, etc...) * Upgrade to a Confluence 7.13 LTS bugfix release greater than or equal to 7.13.20 (Release available early August) See the release notes (https://confluence.atlassian.com/doc/confluence-release-notes-327.html ). You can download the latest version of Data Center & Server from the download center (https://www.atlassian.com/software/confluence/download-archives ). If you are unable to upgrade your instance please use the following guide to workaround the issue https://confluence.atlassian.com/confkb/how-to-disable-the-jmx-network-port-for-cve-2023-22508-1267761550.html This vulnerability was discovered by a private user and reported via our Bug Bounty program. | |||||
| CVE-2022-23096 | 2 Debian, Intel | 2 Debian Linux, Connman | 2023-12-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the DNS proxy in Connman through 1.40. The TCP server reply implementation lacks a check for the presence of sufficient Header Data, leading to an out-of-bounds read. | |||||
| CVE-2023-6904 | 1 Nxfilter | 1 Nxfilter | 2023-12-21 | N/A | 8.8 HIGH |
| A vulnerability classified as problematic was found in Jahastech NxFilter 4.3.2.5. This vulnerability affects unknown code of the file /config,admin.jsp. The manipulation of the argument admin_name leads to cross-site request forgery. The attack can be initiated remotely. VDB-248266 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-23097 | 2 Debian, Intel | 2 Debian Linux, Connman | 2023-12-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the DNS proxy in Connman through 1.40. forward_dns_reply mishandles a strnlen call, leading to an out-of-bounds read. | |||||
| CVE-2023-6905 | 1 Nxfilter | 1 Nxfilter | 2023-12-21 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as problematic, has been found in Jahastech NxFilter 4.3.2.5. This issue affects some unknown processing of the file user,adap.jsp?actionFlag=test&id=1 of the component Bind Request Handler. The manipulation leads to ldap injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-248267. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-3907 | 1 Gitlab | 1 Gitlab | 2023-12-21 | N/A | 8.8 HIGH |
| A privilege escalation vulnerability in GitLab EE affecting all versions from 16.0 prior to 16.4.4, 16.5 prior to 16.5.4, and 16.6 prior to 16.6.2 allows a project Maintainer to use a Project Access Token to escalate their role to Owner | |||||
| CVE-2023-30867 | 1 Apache | 1 Streampark | 2023-12-21 | N/A | 4.9 MEDIUM |
| In the Streampark platform, when users log in to the system and use certain features, some pages provide a name-based fuzzy search, such as job names, role names, etc. The sql syntax :select * from table where jobName like '%jobName%'. However, the jobName field may receive illegal parameters, leading to SQL injection. This could potentially result in information leakage. Mitigation: Users are recommended to upgrade to version 2.1.2, which fixes the issue. | |||||