Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 339475 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (339475 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28466 | 4 Debian, Linux, Netapp and 1 more | 10 Debian Linux, Linux Kernel, H300s and 7 more | 2025-05-05 | 7 High |
| do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). | ||||
| CVE-2023-28323 | 1 Ivanti | 1 Endpoint Manager | 2025-05-05 | 9.8 Critical |
| A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with other OS (Operating System) vulnerabilities to escalate privileges on the machine or be used as a stepping stone to get to other network attached machines. | ||||
| CVE-2023-28214 | 1 Apple | 1 Macos | 2025-05-05 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28213 | 1 Apple | 1 Macos | 2025-05-05 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28212 | 1 Apple | 1 Macos | 2025-05-05 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28005 | 2 Microsoft, Trendmicro | 2 Windows, Trend Micro Endpoint Encryption | 2025-05-05 | 6.8 Medium |
| A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows� Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the device. An attacker must first obtain physical access to the target system in order to exploit this vulnerability. It is also important to note that the contents of the drive(s) encrypted with TMEE FDE would still be protected and would NOT be accessible by the attacker by exploitation of this vulnerability alone. | ||||
| CVE-2023-27167 | 1 Supremainc | 1 Biostar 2 | 2025-05-05 | 6.5 Medium |
| Suprema BioStar 2 v2.8.16 was discovered to contain a SQL injection vulnerability via the values parameter at /users/absence?search_month=1. | ||||
| CVE-2023-27076 | 1 Tenda | 2 G103, G103 Firmware | 2025-05-05 | 9.8 Critical |
| Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter. | ||||
| CVE-2023-26802 | 1 Dcnglobal | 2 Dcbi-netlog-lab, Dcbi-netlog-lab Firmware | 2025-05-05 | 9.8 Critical |
| An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request. | ||||
| CVE-2023-26801 | 1 Lb-link | 8 Bl-ac1900, Bl-ac1900 Firmware, Bl-lte300 and 5 more | 2025-05-05 | 9.8 Critical |
| LB-LINK BL-AC1900_2.0 v1.0.1, LB-LINK BL-WR9000 v2.4.9, LB-LINK BL-X26 v1.2.5, and LB-LINK BL-LTE300 v1.0.8 were discovered to contain a command injection vulnerability via the mac, time1, and time2 parameters at /goform/set_LimitClient_cfg. | ||||
| CVE-2023-26609 | 1 Abus | 2 Tvip 20000-21150, Tvip 20000-21150 Firmware | 2025-05-05 | 7.2 High |
| ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. | ||||
| CVE-2023-26607 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2025-05-05 | 7.1 High |
| In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c. | ||||
| CVE-2023-26606 | 1 Linux | 1 Linux Kernel | 2025-05-05 | 7.8 High |
| In the Linux kernel 6.0.8, there is a use-after-free in ntfs_trim_fs in fs/ntfs3/bitmap.c. | ||||
| CVE-2023-26605 | 1 Linux | 1 Linux Kernel | 2025-05-05 | 7.8 High |
| In the Linux kernel 6.0.8, there is a use-after-free in inode_cgwb_move_to_attached in fs/fs-writeback.c, related to __list_del_entry_valid. | ||||
| CVE-2023-26544 | 1 Linux | 1 Linux Kernel | 2025-05-05 | 7.8 High |
| In the Linux kernel 6.0.8, there is a use-after-free in run_unpack in fs/ntfs3/run.c, related to a difference between NTFS sector size and media sector size. | ||||
| CVE-2023-26242 | 1 Linux | 1 Linux Kernel | 2025-05-05 | 7.8 High |
| afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow. | ||||
| CVE-2023-26068 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2025-05-05 | 9.8 Critical |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). | ||||
| CVE-2023-25012 | 1 Linux | 1 Linux Kernel | 2025-05-05 | 4.6 Medium |
| The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long. | ||||
| CVE-2023-24678 | 1 Centralite | 2 Pearl, Pearl Firmware | 2025-05-05 | 7.5 High |
| A vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service (DoS) via a crafted Zigbee message. | ||||
| CVE-2023-23559 | 3 Debian, Linux, Netapp | 3 Debian Linux, Linux Kernel, Hci Baseboard Management Controller | 2025-05-05 | 7.8 High |
| In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition. | ||||