Total
1887 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-29125 | 1 Enelx | 2 Waybox Pro, Waybox Pro Firmware | 2026-06-17 | N/A | 9.0 CRITICAL |
| A heap buffer overflow could be triggered by sending a specific packet to TCP port 7700. | |||||
| CVE-2023-28905 | 2026-06-17 | N/A | 8.0 HIGH | ||
| A heap buffer overflow in the image processing binary of the MIB3 infotainment unit allows an attacker to execute arbitrary code on it. The vulnerability was originally discovered in Skoda Superb III car with MIB3 infotainment unit OEM part number 3V0035820. The list of affected MIB3 OEM part numbers is provided in the referenced resources. | |||||
| CVE-2023-28798 | 1 Zscaler | 1 Client Connector | 2026-06-17 | N/A | 6.5 MEDIUM |
| An out-of-bounds write to heap in the pacparser library on Zscaler Client Connector on Mac may lead to arbitrary code execution. | |||||
| CVE-2023-28311 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2026-06-17 | N/A | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2023-28292 | 1 Microsoft | 5 Raw Image Extension, Windows 10 20h2, Windows 10 21h2 and 2 more | 2026-06-17 | N/A | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2023-28275 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-28269 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2026-06-17 | N/A | 6.2 MEDIUM |
| Windows Boot Manager Security Feature Bypass Vulnerability | |||||
| CVE-2023-28262 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2026-06-17 | N/A | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-28254 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 7.2 HIGH |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2023-28252 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-28240 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 8.8 HIGH |
| Windows Network Load Balancing Remote Code Execution Vulnerability | |||||
| CVE-2023-28231 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2026-06-17 | N/A | 8.8 HIGH |
| DHCP Server Service Remote Code Execution Vulnerability | |||||
| CVE-2023-28227 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 7.5 HIGH |
| Windows Bluetooth Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-28225 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2026-06-17 | N/A | 7.8 HIGH |
| Windows NTLM Elevation of Privilege Vulnerability | |||||
| CVE-2023-28218 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2026-06-17 | N/A | 7.0 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
| CVE-2023-27911 | 1 Autodesk | 1 Fbx Software Development Kit | 2026-06-17 | N/A | 7.8 HIGH |
| A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution. | |||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2026-06-17 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | |||||
| CVE-2023-27410 | 1 Siemens | 2 Scalance Lpe9403, Scalance Lpe9403 Firmware | 2026-06-17 | N/A | 2.7 LOW |
| A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). A heap-based buffer overflow vulnerability was found in the `edgebox_web_app` binary. The binary will crash if supplied with a backup password longer than 255 characters. This could allow an authenticated privileged attacker to cause a denial of service. | |||||
| CVE-2023-27390 | 1 Diagon Project | 1 Diagon | 2026-06-17 | N/A | 7.8 HIGH |
| A heap-based buffer overflow vulnerability exists in the Sequence::DrawText functionality of Diagon v1.0.139. A specially crafted markdown file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger this vulnerability. | |||||
| CVE-2023-26793 | 1 Libmodbus | 1 Libmodbus | 2026-06-17 | N/A | 9.8 CRITICAL |
| libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c. | |||||