Total
2814 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24869 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-24863 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability | |||||
| CVE-2023-24609 | 2 Matrixssl, Rambus | 2 Matrixssl, Tls Toolkit | 2024-11-21 | N/A | 7.5 HIGH |
| Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate. | |||||
| CVE-2023-24180 | 1 Libelfin Project | 1 Libelfin | 2024-11-21 | N/A | 6.5 MEDIUM |
| Libelfin v0.3 was discovered to contain an integer overflow in the load function at elf/mmap_loader.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted elf file. | |||||
| CVE-2023-23417 | 1 Microsoft | 10 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Partition Management Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-23410 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows HTTP.sys Elevation of Privilege Vulnerability | |||||
| CVE-2023-23405 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.1 HIGH |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability | |||||
| CVE-2023-23385 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Elevation of Privilege Vulnerability | |||||
| CVE-2023-23298 | 1 Garmin | 1 Connect-iq | 2024-11-21 | N/A | 9.8 CRITICAL |
| The `Toybox.Graphics.BufferedBitmap.initialize` API method in CIQ API version 2.3.0 through 4.1.7 does not validate its parameters, which can result in integer overflows when allocating the underlying bitmap buffer. A malicious application could call the API method with specially crafted parameters and hijack the execution of the device's firmware. | |||||
| CVE-2023-22458 | 1 Redis | 1 Redis | 2024-11-21 | N/A | 5.5 MEDIUM |
| Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | |||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-21803 | 1 Microsoft | 7 Windows 10, Windows 10 1607, Windows 10 1809 and 4 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Windows iSCSI Discovery Service Remote Code Execution Vulnerability | |||||
| CVE-2023-21802 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Media Remote Code Execution Vulnerability | |||||
| CVE-2023-21797 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft ODBC Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-21765 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2023-21754 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2023-21730 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Cryptographic Services Elevation of Privilege Vulnerability | |||||
| CVE-2023-21716 | 1 Microsoft | 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2023-21704 | 1 Microsoft | 1 Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||