Total
462 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6450 | 1 Lenovo | 1 App Store | 2024-11-21 | N/A | 5.5 MEDIUM |
| An incorrect permissions vulnerability was reported in the Lenovo App Store app that could allow an attacker to use system resources, resulting in a denial of service. | |||||
| CVE-2023-5462 | 1 Xinje | 2 Xd5e-30r-e, Xd5e-30r-e Firmware | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in XINJE XD5E-30R-E 3.5.3b. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Modbus Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-241585 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5459 | 1 Deltaww | 14 Dvp32es200r, Dvp32es200r Firmware, Dvp32es200rc and 11 more | 2024-11-21 | 6.1 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been found in Delta Electronics DVP32ES2 PLC 1.48 and classified as critical. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. VDB-241582 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-5324 | 1 Eero | 1 Eeroos | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
| A vulnerability has been found in eeroOS up to 6.16.4-11 and classified as critical. This vulnerability affects unknown code of the component Ethernet Interface. The manipulation leads to denial of service. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-241024. | |||||
| CVE-2023-5259 | 1 Foru Cms Project | 1 Foru Cms | 2024-11-21 | 3.3 LOW | 2.7 LOW |
| A vulnerability classified as problematic was found in ForU CMS. This vulnerability affects unknown code of the file /admin/cms_admin.php. The manipulation of the argument del leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-240868. | |||||
| CVE-2023-5255 | 1 Puppet | 2 Puppet, Puppet Server | 2024-11-21 | N/A | 4.4 MEDIUM |
| For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. | |||||
| CVE-2023-4882 | 1 Open5gs | 1 Open5gs | 2024-11-21 | N/A | 7.5 HIGH |
| DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. This action could trigger the args_assets() function defined in the arg-log.php file, which would then execute the args-abort.c file, causing the service to crash. | |||||
| CVE-2023-4463 | 1 Poly | 8 Ccx 400, Ccx 400 Firmware, Ccx 600 and 5 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as problematic was found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60. This vulnerability affects unknown code of the component HTTP Header Handler. The manipulation of the argument Cookie leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249256. | |||||
| CVE-2023-45802 | 3 Apache, Debian, Fedoraproject | 3 Http Server, Debian Linux, Fedora | 2024-11-21 | N/A | 5.9 MEDIUM |
| When a HTTP/2 stream was reset (RST frame) by a client, there was a time window were the request's memory resources were not reclaimed immediately. Instead, de-allocation was deferred to connection close. A client could send new requests and resets, keeping the connection busy and open and causing the memory footprint to keep on growing. On connection close, all resources were reclaimed, but the process might run out of memory before that. This was found by the reporter during testing of CVE-2023-44487 (HTTP/2 Rapid Reset Exploit) with their own test client. During "normal" HTTP/2 use, the probability to hit this bug is very low. The kept memory would not become noticeable before the connection closes or times out. Users are recommended to upgrade to version 2.4.58, which fixes the issue. | |||||
| CVE-2023-3760 | 1 Intergard | 1 Smartgard Silver With Matrix Keyboard | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability has been found in Intergard SGS 8.7.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Change Password Handler. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-234445 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2870 | 1 Entechtaiwan | 1 Monitor Asset Manager | 2024-11-21 | 1.7 LOW | 3.3 LOW |
| A vulnerability was found in EnTech Monitor Asset Manager 2.9. It has been declared as problematic. Affected by this vulnerability is the function 0x80002014 of the component IoControlCode Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier VDB-229849 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2789 | 1 Gnu | 1 Cflow | 2024-11-21 | 2.7 LOW | 3.5 LOW |
| A vulnerability was found in GNU cflow 1.7. It has been rated as problematic. This issue affects the function func_body/parse_variable_declaration of the file parser.c. The manipulation leads to denial of service. The exploit has been disclosed to the public and may be used. The identifier VDB-229373 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2380 | 1 Netgear | 2 Srx5308, Srx5308 Firmware | 2024-11-21 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in Netgear SRX5308 up to 4.3.5-3. Affected is an unknown function. The manipulation leads to denial of service. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-227658 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2023-2379 | 1 Ui | 4 Er-x, Er-x-sfp, Er-x-sfp Firmware and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability classified as critical has been found in Ubiquiti EdgeRouter X up to 2.0.9-hotfix.6. This affects an unknown part of the component Web Service. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227655. | |||||
| CVE-2023-1645 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in IObit Malware Fighter 9.4.0.776. It has been classified as problematic. This affects the function 0x8018E008 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224025 was assigned to this vulnerability. | |||||
| CVE-2023-1644 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this issue is the function 0x8018E010 in the library IMFCameraProtect.sys of the component IOCTL Handler. The manipulation leads to denial of service. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224024. | |||||
| CVE-2023-1643 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been found in IObit Malware Fighter 9.4.0.776 and classified as problematic. Affected by this vulnerability is the function 0x8001E000/0x8001E004/0x8001E018/0x8001E01C/0x8001E024/0x8001E040 in the library ImfHpRegFilter.sys of the component IOCTL Handler. The manipulation leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224023. | |||||
| CVE-2023-1642 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, was found in IObit Malware Fighter 9.4.0.776. Affected is the function 0x222034/0x222038/0x22203C/0x222040 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. VDB-224022 is the identifier assigned to this vulnerability. | |||||
| CVE-2023-1641 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in IObit Malware Fighter 9.4.0.776. This issue affects the function 0x222018 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier VDB-224021 was assigned to this vulnerability. | |||||
| CVE-2023-1640 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | 4.6 MEDIUM | 5.5 MEDIUM |
| A vulnerability classified as problematic was found in IObit Malware Fighter 9.4.0.776. This vulnerability affects the function 0x222010 in the library ObCallbackProcess.sys of the component IOCTL Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224020. | |||||