Vulnerabilities (CVE)

Filtered by CWE-20
Total 11573 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-44204 1 Juniper 2 Junos, Junos Os Evolved 2026-06-17 N/A 6.5 MEDIUM
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts. This issue affects both eBGP and iBGP implementations. This issue affects: Juniper Networks Junos OS * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1, 23.2R2; Juniper Networks Junos OS Evolved * 21.4 versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S3-EVO; * 22.3 versions prior to 22.3R2-S2-EVO; * 22.4 versions prior to 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO;
CVE-2023-44110 1 Huawei 2 Emui, Harmonyos 2026-06-17 N/A 4.3 MEDIUM
Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability.
CVE-2023-43758 2026-06-17 N/A 8.2 HIGH
Improper input validation in UEFI firmware for some Intel(R) processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-43745 2026-06-17 N/A 2.8 LOW
Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2023-43073 1 Dell 1 Smartfabric Storage Software 2026-06-17 N/A 4.3 MEDIUM
Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data.
CVE-2023-43037 1 Ibm 1 Maximo Application Suite 2026-06-17 N/A 6.5 MEDIUM
IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform unauthorized actions due to improper input validation.
CVE-2023-42981 1 Apple 1 Macos 2026-06-17 N/A 5.4 MEDIUM
Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.
CVE-2023-42977 1 Apple 3 Ipad Os, Iphone Os, Macos 2026-06-17 N/A 7.8 HIGH
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to break out of its sandbox.
CVE-2023-42826 1 Apple 1 Macos 2026-06-17 N/A 7.8 HIGH
The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing a file may lead to arbitrary code execution.
CVE-2023-42776 1 Intel 1 Sgx Dcap 2026-06-17 N/A 3.8 LOW
Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access.
CVE-2023-42766 1 Intel 4 Nuc 8 Compute Element Cm8v5cb, Nuc 8 Compute Element Cm8v5cb Firmware, Nuc 8 Compute Element Cm8v7cb and 1 more 2026-06-17 N/A 7.5 HIGH
Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2023-42661 1 Jfrog 1 Artifactory 2026-06-17 N/A 7.2 HIGH
JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts.
CVE-2023-42527 1 Samsung 1 Android 2026-06-17 N/A 5.6 MEDIUM
Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.
CVE-2023-41917 2026-06-17 N/A 10.0 CRITICAL
Inadequate input validation exposes the system to potential remote code execution (RCE) risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution.
CVE-2023-41748 2 Acronis, Microsoft 2 Cloud Manager, Windows 2026-06-17 N/A 9.8 CRITICAL
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVE-2023-41746 2 Acronis, Microsoft 2 Cloud Manager, Windows 2026-06-17 N/A 9.8 CRITICAL
Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVE-2023-41355 1 Nokia 2 G-040w-q, G-040w-q Firmware 2026-06-17 N/A 9.8 CRITICAL
Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.
CVE-2023-41336 1 Symfony 1 Ux Autocomplete 2026-06-17 N/A 6.5 MEDIUM
ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an `EntityType` that is *not* part of the valid choices. The problem has been fixed in `symfony/ux-autocomplete` version 2.11.2.
CVE-2023-41316 1 Tolgee 1 Tolgee 2026-06-17 N/A 5.5 MEDIUM
Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVE-2023-41061 1 Apple 3 Ipados, Iphone Os, Watchos 2026-06-17 N/A 7.8 HIGH
A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.