Total
11506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-37545 | 1 Codesys | 16 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 13 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550 | |||||
| CVE-2023-37241 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | N/A | 7.5 HIGH |
| Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. | |||||
| CVE-2023-36899 | 1 Microsoft | 10 .net Framework, Windows 10 1809, Windows 10 21h2 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
| ASP.NET Elevation of Privilege Vulnerability | |||||
| CVE-2023-36897 | 1 Microsoft | 6 365 Apps, Office, Visual Studio 2010 Tools For Office Runtime and 3 more | 2024-11-21 | N/A | 8.1 HIGH |
| Visual Studio Tools for Office Runtime Spoofing Vulnerability | |||||
| CVE-2023-36893 | 1 Microsoft | 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft Outlook Spoofing Vulnerability | |||||
| CVE-2023-36873 | 1 Microsoft | 12 .net Framework, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.4 HIGH |
| .NET Framework Spoofing Vulnerability | |||||
| CVE-2023-36872 | 1 Microsoft | 1 Vp9 Video Extensions | 2024-11-21 | N/A | 5.5 MEDIUM |
| VP9 Video Extensions Information Disclosure Vulnerability | |||||
| CVE-2023-36860 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | N/A | 7.1 HIGH |
| Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2023-36821 | 1 Uptime-kuma Project | 1 Uptime-kuma | 2024-11-21 | N/A | 8.8 HIGH |
| Uptime Kuma, a self-hosted monitoring tool, allows an authenticated attacker to install a maliciously crafted plugin in versions prior to 1.22.1, which may lead to remote code execution. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API endpoints are still available after login. After downloading a plugin, it's installed by calling `npm install` in the installation directory of the plugin. Because the plugin is not validated against the official list of plugins or installed with `npm install --ignore-scripts`, a maliciously crafted plugin taking advantage of npm scripts can gain remote code execution. Version 1.22.1 contains a patch for this issue. | |||||
| CVE-2023-36767 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 4.3 MEDIUM |
| Microsoft Office Security Feature Bypass Vulnerability | |||||
| CVE-2023-36762 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2024-11-21 | N/A | 7.3 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2023-36731 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2023-36719 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | |||||
| CVE-2023-36707 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Windows Deployment Services Denial of Service Vulnerability | |||||
| CVE-2023-36706 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Windows Deployment Services Information Disclosure Vulnerability | |||||
| CVE-2023-36697 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.8 MEDIUM |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-36674 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | N/A | 5.3 MEDIUM |
| An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax. | |||||
| CVE-2023-36619 | 1 Unify | 1 Session Border Controller | 2024-11-21 | N/A | 9.8 CRITICAL |
| Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users. | |||||
| CVE-2023-36585 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows upnphost.dll Denial of Service Vulnerability | |||||
| CVE-2023-36566 | 1 Microsoft | 1 Common Data Model Sdk | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft Common Data Model SDK Denial of Service Vulnerability | |||||