Vulnerabilities (CVE)

Filtered by CWE-20
Total 11597 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31011 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2026-06-17 N/A 5.2 MEDIUM
NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure.
CVE-2023-31010 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2026-06-17 N/A 6.8 MEDIUM
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service.
CVE-2023-31009 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2026-06-17 N/A 8.3 HIGH
NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure.
CVE-2023-31008 1 Nvidia 2 Dgx H100, Dgx H100 Firmware 2026-06-17 N/A 7.3 HIGH
NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure.
CVE-2023-30712 1 Samsung 1 Android 2026-06-17 N/A 6.8 MEDIUM
Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity.
CVE-2023-30690 1 Samsung 1 Android 2026-06-17 N/A 8.5 HIGH
Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30664 1 Samsung 1 Android 2026-06-17 N/A 8.5 HIGH
Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30663 1 Samsung 1 Android 2026-06-17 N/A 5.3 MEDIUM
Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write.
CVE-2023-30659 1 Samsung 1 Android 2026-06-17 N/A 6.2 MEDIUM
Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30658 1 Samsung 1 Android 2026-06-17 N/A 8.5 HIGH
Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30657 1 Samsung 1 Android 2026-06-17 N/A 6.2 MEDIUM
Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30656 1 Samsung 1 Android 2026-06-17 N/A 8.5 HIGH
Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities.
CVE-2023-30655 1 Samsung 1 Android 2026-06-17 N/A 8.5 HIGH
Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities.
CVE-2023-30631 3 Apache, Debian, Fedoraproject 3 Traffic Server, Debian Linux, Fedora 2026-06-17 N/A 7.5 HIGH
Improper Input Validation vulnerability in Apache Software Foundation Apache Traffic Server.  The configuration option proxy.config.http.push_method_enabled didn't function.  However, by default the PUSH method is blocked in the ip_allow configuration file.This issue affects Apache Traffic Server: from 8.0.0 through 9.2.0. 8.x users should upgrade to 8.1.7 or later versions 9.x users should upgrade to 9.2.1 or later versions
CVE-2023-30450 1 Redpanda 1 Redpanda 2026-06-17 N/A 4.3 MEDIUM
rpk in Redpanda before 23.1.2 mishandles the redpanda.rpc_server_tls field, leading to (for example) situations in which there is a data type mismatch that cannot be automatically fixed by rpk, and instead a user must reconfigure (while a cluster is turned off) in order to have TLS on broker RPC ports. NOTE: the fix was also backported to the 22.2 and 22.3 branches.
CVE-2023-30440 1 Ibm 1 Powervm Hypervisor 2026-06-17 N/A 6.7 MEDIUM
IBM PowerVM Hypervisor FW860.00 through FW860.B3, FW950.00 through FW950.70, FW1010.00 through FW1010.50, FW1020.00 through FW1020.30, and FW1030.00 through FW1030.10 could allow a local attacker with control a partition that has been assigned SRIOV virtual function (VF) to cause a denial of service to a peer partition or arbitrary data corruption. IBM X-Force ID: 253175.
CVE-2023-30434 1 Ibm 2 Elastic Storage System, Spectrum Scale 2026-06-17 N/A 6.2 MEDIUM
IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.
CVE-2023-30269 1 Cltphp 1 Cltphp 2026-06-17 N/A 8.1 HIGH
CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php.
CVE-2023-2942 1 Open-emr 1 Openemr 2026-06-17 N/A 8.1 HIGH
Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1.
CVE-2023-29780 1 3reality 2 3rsb015bz, 3rsb015bz Firmware 2026-06-17 N/A 7.5 HIGH
Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes.