Total
2676 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24909 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 8 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-24908 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-24906 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | |||||
| CVE-2023-24871 | 1 Microsoft | 6 Windows 10 20h2, Windows 10 21h2, Windows 10 22h2 and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
| Windows Bluetooth Service Remote Code Execution Vulnerability | |||||
| CVE-2023-24869 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-24863 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | |||||
| CVE-2023-24609 | 2 Matrixssl, Rambus | 2 Matrixssl, Tls Toolkit | 2024-11-21 | N/A | 7.5 HIGH |
| Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate. | |||||
| CVE-2023-24180 | 1 Libelfin Project | 1 Libelfin | 2024-11-21 | N/A | 6.5 MEDIUM |
| Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file. | |||||
| CVE-2023-23559 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2024-11-21 | N/A | 7.8 HIGH |
| In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | |||||
| CVE-2023-23417 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-23410 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows HTTP.sys Elevation of Privilege Vulnerability | |||||
| CVE-2023-23405 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-23385 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability | |||||
| CVE-2023-23298 | 1 Garmin | 1 Connect-iq | 2024-11-21 | N/A | 9.8 CRITICAL |
| The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware. | |||||
| CVE-2023-22667 | 1 Qualcomm | 410 205, 205 Firmware, 215 and 407 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory Corruption in Audio while allocating the ion buffer during the music playback. | |||||
| CVE-2023-22666 | 1 Qualcomm | 344 Apq8009, Apq8009 Firmware, Apq8017 and 341 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory Corruption in Audio while playing amrwbplus clips with modified content. | |||||
| CVE-2023-22458 | 1 Redis | 1 Redis | 2024-11-21 | N/A | 5.5 MEDIUM |
| Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | |||||
| CVE-2023-22436 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 7.8 HIGH |
| The kernel subsystem function check_permission_for_set_tokenid within OpenHarmony-v3.1.5 and prior versions has an UAF vulnerability which local attackers can exploit this vulnerability to escalate the privilege to root. | |||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | |||||