Total
11596 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33100 | 1 Qualcomm | 100 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 97 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS while processing DL NAS Transport message when message ID is not defined in the 3GPP specification. | |||||
| CVE-2023-33099 | 1 Qualcomm | 208 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 205 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS while processing SMS container of non-standard size received in DL NAS transport in NR. | |||||
| CVE-2023-33057 | 1 Qualcomm | 202 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 199 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS in Multi-Mode Call Processor while processing UE policy container. | |||||
| CVE-2023-33042 | 1 Qualcomm | 148 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 145 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS in Modem after RRC Setup message is received. | |||||
| CVE-2023-33014 | 1 Qualcomm | 74 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 71 more | 2026-06-17 | N/A | 7.6 HIGH |
| Information disclosure in Core services while processing a Diag command. | |||||
| CVE-2023-32890 | 1 Mediatek | 45 Lr13, Mt2735, Mt6779 and 42 more | 2026-06-17 | N/A | 7.5 HIGH |
| In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). | |||||
| CVE-2023-32827 | 2 Google, Mediatek | 35 Android, Mt6879, Mt6886 and 32 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993539. | |||||
| CVE-2023-32826 | 2 Google, Mediatek | 35 Android, Mt6879, Mt6886 and 32 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In camera middleware, there is a possible out of bounds write due to a missing input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993539; Issue ID: ALPS07993544. | |||||
| CVE-2023-32820 | 4 Google, Linux, Linuxfoundation and 1 more | 43 Android, Linux Kernel, Yocto and 40 more | 2026-06-17 | N/A | 7.5 HIGH |
| In wlan firmware, there is a possible firmware assertion due to improper input handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07932637; Issue ID: ALPS07932637. | |||||
| CVE-2023-32811 | 3 Google, Linuxfoundation, Mediatek | 21 Android, Yocto, Iot Yocto and 18 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In connectivity system driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929848; Issue ID: ALPS07929848. | |||||
| CVE-2023-32727 | 1 Zabbix | 1 Zabbix Server | 2026-06-17 | N/A | 6.8 MEDIUM |
| An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server. | |||||
| CVE-2023-32688 | 1 Parseplatform | 1 Parse Server Push Adapter | 2026-06-17 | N/A | 4.9 MEDIUM |
| parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3. | |||||
| CVE-2023-32649 | 1 Nozominetworks | 2 Cmc, Guardian | 2026-06-17 | N/A | 7.5 HIGH |
| A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in certain fields used in the Asset Intelligence functionality of our IDS, allows an unauthenticated attacker to crash the IDS module by sending specially crafted malformed network packets. During the (limited) time window before the IDS module is automatically restarted, network traffic may not be analyzed. | |||||
| CVE-2023-32560 | 1 Ivanti | 1 Avalanche | 2026-06-17 | N/A | 9.8 CRITICAL |
| An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1. | |||||
| CVE-2023-32485 | 1 Dell | 1 Smartfabric Storage Software | 2026-06-17 | N/A | 9.8 CRITICAL |
| Dell SmartFabric Storage Software version 1.3 and lower contain an improper input validation vulnerability. A remote unauthenticated attacker may exploit this vulnerability and escalate privileges up to the highest administration level. This is a critical severity vulnerability affecting user authentication. Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2023-32484 | 1 Dell | 1 Enterprise Sonic Distribution | 2026-06-17 | N/A | 9.8 CRITICAL |
| Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below contains an improper input validation vulnerability. A remote unauthenticated malicious user may exploit this vulnerability and escalate privileges up to the highest administrative level. This is a Critical vulnerability affecting certain protocols, Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2023-32480 | 1 Dell | 62 Alienware M15 R7, Alienware M15 R7 Firmware, G15 5510 and 59 more | 2026-06-17 | N/A | 6.8 MEDIUM |
| Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution. | |||||
| CVE-2023-32469 | 1 Dell | 6 Precision 5820, Precision 5820 Firmware, Precision 7820 and 3 more | 2026-06-17 | N/A | 7.5 HIGH |
| Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution. | |||||
| CVE-2023-32462 | 1 Dell | 1 Smartfabric Os10 | 2026-06-17 | N/A | 9.8 CRITICAL |
| Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection vulnerability when using remote user authentication. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands and possible system takeover. This is a critical vulnerability as it allows an attacker to cause severe damage. Dell recommends customers to upgrade at the earliest opportunity. | |||||
| CVE-2023-32323 | 1 Matrix | 1 Synapse | 2026-06-17 | N/A | 5.0 MEDIUM |
| Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. A malicious user on a Synapse homeserver X with permission to create certain state events can disable outbound federation from X to an arbitrary homeserver Y. Synapse instances with federation disabled are not affected. In versions of Synapse up to and including 1.73, Synapse did not limit the size of `invite_room_state`, meaning that it was possible to create an arbitrarily large invite event. Synapse 1.74 refuses to create oversized `invite_room_state` fields. Server operators should upgrade to Synapse 1.74 or newer urgently. | |||||
