Export limit exceeded: 45958 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45958 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-32814 2 Google, Mediatek 40 Android, Mt2713, Mt2735 and 37 more 2024-11-21 4.4 Medium
In gnss service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08031947; Issue ID: ALPS08031947.
CVE-2023-32810 4 Google, Linux, Linuxfoundation and 1 more 42 Android, Linux Kernel, Yocto and 39 more 2024-11-21 4.4 Medium
In bluetooth driver, there is a possible out of bounds read due to improper input validation. This could lead to local information leak with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07867212; Issue ID: ALPS07867212.
CVE-2023-32807 3 Google, Linuxfoundation, Mediatek 27 Android, Yocto, Iot Yocto and 24 more 2024-11-21 4.4 Medium
In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588360; Issue ID: ALPS07588360.
CVE-2023-32763 1 Qt 1 Qt 2024-11-21 7.5 High
An issue was discovered in Qt before 5.15.15, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. When a SVG file with an image inside it is rendered, a QTextLayout buffer overflow can be triggered.
CVE-2023-32656 1 Intel 2 Realsense 450 Fa, Realsense 450 Fa Firmware 2024-11-21 5.3 Medium
Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2023-32651 1 Intel 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more 2024-11-21 4.3 Medium
Improper validation of specified type of input for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32642 1 Intel 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more 2024-11-21 4.3 Medium
Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2023-32474 1 Dell 1 Display Manager 2024-11-21 6.6 Medium
Dell Display Manager application, version 2.1.1.17 and prior, contain an insecure operation on windows junction/mount point. A local malicious user could potentially exploit this vulnerability during installation leading to arbitrary folder or file deletion
CVE-2023-32471 1 Dell 20 Edge Gateway 3200, Edge Gateway 3200 Firmware, Edge Gateway 5200 and 17 more 2024-11-21 6 Medium
Dell Edge Gateway BIOS, versions 3200 and 5200, contains an out-of-bounds read vulnerability. A local authenticated malicious user with high privileges could potentially exploit this vulnerability to read contents of stack memory and use this information for further exploits.
CVE-2023-32470 1 Dell 1 Digital Delivery 2024-11-21 5 Medium
Dell Digital Delivery versions prior to 5.0.82.0 contain an Insecure Operation on Windows Junction / Mount Point vulnerability. A local malicious user could potentially exploit this vulnerability to create arbitrary folder leading to permanent Denial of Service (DOS).
CVE-2023-32461 1 Dell 104 Emc Xc Core Xc450, Emc Xc Core Xc450 Firmware, Emc Xc Core Xc650 and 101 more 2024-11-21 5 Medium
Dell PowerEdge BIOS and Dell Precision BIOS contain a buffer overflow vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability, leading to corrupt memory and potentially escalate privileges.  
CVE-2023-32454 1 Dell 1 Update Package Framework 2024-11-21 6.3 Medium
DUP framework version 4.9.4.36 and prior contains insecure operation on Windows junction/Mount point vulnerability. A local malicious standard user could exploit the vulnerability to create arbitrary files, leading to denial of service
CVE-2023-32443 1 Apple 1 Macos 2024-11-21 8.1 High
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to a denial-of-service or potentially disclose memory contents.
CVE-2023-32090 2 Pega, Pegasystems 2 Pega Platform, Pega Platform 2024-11-21 9.8 Critical
Pega platform clients who are using versions 6.1 through 7.3.1 may be utilizing default credentials
CVE-2023-31998 1 Ui 4 Aircube, Aircube Firmware, Edgemax Edgerouter and 1 more 2024-11-21 7.5 High
A heap overflow vulnerability found in EdgeRouters and Aircubes allows a malicious actor to interrupt UPnP service to said devices.
CVE-2023-31606 1 Promptworks 1 Redcloth 2024-11-21 7.5 High
A Regular Expression Denial of Service (ReDoS) issue was discovered in the sanitize_html function of redcloth gem v4.0.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via supplying a crafted payload.
CVE-2023-31489 3 Fedoraproject, Frrouting, Redhat 3 Fedora, Frrouting, Enterprise Linux 2024-11-21 5.5 Medium
An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_capability_llgr() function.
CVE-2023-31405 1 Sap 1 Netweaver Application Server For Java 2024-11-21 5.3 Medium
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated attacker to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view any information or any effect on availability.
CVE-2023-31296 1 Sesami 1 Cash Point \& Transport Optimizer 2024-11-21 5.3 Medium
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows attackers to obtain sensitive information via the User Name field.
CVE-2023-31295 1 Sesami 1 Cash Point \& Transport Optimizer 2024-11-21 7.5 High
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (#718), allows remote attackers to obtain sensitive information via the User Profile field.