Total
316927 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-7017 | 2025-11-04 | N/A | 9.8 CRITICAL | ||
| Sciener locks' firmware update mechanism do not authenticate or validate firmware updates if passed to the lock through the Bluetooth Low Energy service. A challenge request can be sent to the lock with a command to prepare for an update, rather than an unlock request, allowing an attacker to compromise the device. | |||||
| CVE-2023-7009 | 2025-11-04 | N/A | 8.2 HIGH | ||
| Some Sciener-based locks support plaintext message processing over Bluetooth Low Energy, allowing unencrypted malicious commands to be passed to the lock. These malicious commands, less then 16 bytes in length, will be processed by the lock as if they were encrypted communications. This can be further exploited by an attacker to compromise the lock's integrity. | |||||
| CVE-2023-7007 | 2025-11-04 | N/A | 8.2 HIGH | ||
| Sciener server does not validate connection requests from the GatewayG2, allowing an impersonation attack that provides the attacker the unlockKey field. | |||||
| CVE-2023-7006 | 2025-11-04 | N/A | 9.1 CRITICAL | ||
| The unlockKey character in a lock using Sciener firmware can be brute forced through repeated challenge requests, compromising the locks integrity. | |||||
| CVE-2023-7005 | 2025-11-04 | N/A | 7.5 HIGH | ||
| A specially crafted message can be sent to the TTLock App that downgrades the encryption protocol used for communication, and can be utilized to compromise the lock, such as through revealing the unlockKey field. | |||||
| CVE-2023-7004 | 2025-11-04 | N/A | 6.5 MEDIUM | ||
| The TTLock App does not employ proper verification procedures to ensure that it is communicating with the expected device, allowing for connection to a device that spoofs the MAC address of a lock, which compromises the legitimate locks integrity. | |||||
| CVE-2023-7003 | 2025-11-04 | N/A | 6.8 MEDIUM | ||
| The AES key utilized in the pairing process between a lock using Sciener firmware and a wireless keypad is not unique, and can be reused to compromise other locks using the Sciener firmware. | |||||
| CVE-2023-6960 | 2025-11-04 | N/A | 7.5 HIGH | ||
| TTLock App virtual keys and settings are only deleted client side, and if preserved, can access the lock after intended deletion. | |||||
| CVE-2023-6702 | 3 Fedoraproject, Google, Microsoft | 3 Fedora, Chrome, Edge Chromium | 2025-11-04 | N/A | 8.8 HIGH |
| Type confusion in V8 in Google Chrome prior to 120.0.6099.109 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2023-6536 | 3 Debian, Linux, Redhat | 17 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 14 more | 2025-11-04 | N/A | 6.5 MEDIUM |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. | |||||
| CVE-2023-6535 | 2 Linux, Redhat | 16 Linux Kernel, Codeready Linux Builder Eus, Codeready Linux Builder Eus For Power Little Endian Eus and 13 more | 2025-11-04 | N/A | 6.5 MEDIUM |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service. | |||||
| CVE-2023-6531 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-11-04 | N/A | 7.0 HIGH |
| A use-after-free flaw was found in the Linux Kernel due to a race problem in the unix garbage collector's deletion of SKB races with unix_stream_read_generic() on the socket that the SKB is queued on. | |||||
| CVE-2023-6356 | 3 Debian, Linux, Redhat | 17 Debian Linux, Linux Kernel, Codeready Linux Builder Eus and 14 more | 2025-11-04 | N/A | 6.5 MEDIUM |
| A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver and causing kernel panic and a denial of service. | |||||
| CVE-2023-6175 | 1 Wireshark | 1 Wireshark | 2025-11-04 | N/A | 7.8 HIGH |
| NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file | |||||
| CVE-2023-6004 | 3 Fedoraproject, Libssh, Redhat | 3 Fedora, Libssh, Enterprise Linux | 2025-11-04 | N/A | 4.8 MEDIUM |
| A flaw was found in libssh. By utilizing the ProxyCommand or ProxyJump feature, users can exploit unchecked hostname syntax on the client. This issue may allow an attacker to inject malicious code into the command of the features mentioned through the hostname parameter. | |||||
| CVE-2023-5388 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Thunderbird | 2025-11-04 | N/A | 6.5 MEDIUM |
| NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
| CVE-2023-52429 | 2 Fedoraproject, Linux | 2 Fedora, Linux Kernel | 2025-11-04 | N/A | 5.5 MEDIUM |
| dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count. | |||||
| CVE-2023-52426 | 1 Libexpat Project | 1 Libexpat | 2025-11-04 | N/A | 5.5 MEDIUM |
| libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time. | |||||
| CVE-2023-52425 | 1 Libexpat Project | 1 Libexpat | 2025-11-04 | N/A | 7.5 HIGH |
| libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | |||||
| CVE-2023-52160 | 6 Debian, Fedoraproject, Google and 3 more | 7 Debian Linux, Fedora, Android and 4 more | 2025-11-04 | N/A | 6.5 MEDIUM |
| The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a successful attack, wpa_supplicant must be configured to not verify the network's TLS certificate during Phase 1 authentication, and an eap_peap_decrypt vulnerability can then be abused to skip Phase 2 authentication. The attack vector is sending an EAP-TLV Success packet instead of starting Phase 2. This allows an adversary to impersonate Enterprise Wi-Fi networks. | |||||