Total
4128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-25071 | 2 Intel, Microsoft | 3 Arc A Graphics, Iris Xe Graphics, Windows | 2024-11-21 | N/A | 5.6 MEDIUM |
| NULL pointer dereference in some Intel(R) Arc(TM) & Iris(R) Xe Graphics - WHQL - Windows Drviers before version 31.0.101.4255 may allow authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-24940 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability | |||||
| CVE-2023-24910 | 1 Microsoft | 15 365, Office, Office Long Term Servicing Channel and 12 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2023-24859 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||||
| CVE-2023-24825 | 1 Riot-os | 1 Riot | 2024-11-21 | N/A | 7.5 HIGH |
| RIOT-OS, an operating system for Internet of Things (IoT) devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2023.04, an attacker can send a crafted frame to the device to trigger a NULL pointer dereference leading to denial of service. This issue is fixed in version 2023.04. There are no known workarounds. | |||||
| CVE-2023-24822 | 1 Riot-os | 1 Riot | 2024-11-21 | N/A | 7.5 HIGH |
| RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference while encoding a 6LoWPAN IPHC header. The NULL pointer dereference causes a hard fault exception, leading to denial of service. Version 2022.10 fixes this issue. As a workaround, apply the patches manually. | |||||
| CVE-2023-24818 | 1 Riot-os | 1 Riot | 2024-11-21 | N/A | 7.5 HIGH |
| RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in a NULL pointer dereference. During forwarding of a fragment an uninitialized entry in the reassembly buffer is used. The NULL pointer dereference triggers a hard fault exception resulting in denial of service. Version 2022.10 fixes this issue. As a workaround, disable support for fragmented IP datagrams or apply the patches manually. | |||||
| CVE-2023-24752 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | N/A | 5.5 MEDIUM |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the ff_hevc_put_hevc_epel_pixels_8_sse function at sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | |||||
| CVE-2023-24751 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | N/A | 6.5 MEDIUM |
| libde265 v1.0.10 was discovered to contain a NULL pointer dereference in the mc_chroma function at motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input file. | |||||
| CVE-2023-24465 | 1 Openatom | 1 Openharmony | 2024-11-21 | N/A | 5.5 MEDIUM |
| Communication Wi-Fi subsystem within OpenHarmony-v3.1.4 and prior versions, OpenHarmony-v3.0.7 and prior versions has a null pointer reference vulnerability which local attackers can exploit this vulnerability to cause the current application to crash. | |||||
| CVE-2023-23108 | 1 Crasm Project | 1 Crasm | 2024-11-21 | N/A | 7.5 HIGH |
| In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a NULL pointer dereference in the function Xasc. | |||||
| CVE-2023-22839 | 1 F5 | 66 Big-ip 10000s, Big-ip 10000s Firmware, Big-ip 10200v and 63 more | 2024-11-21 | N/A | 7.5 HIGH |
| On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-22341 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | N/A | 7.5 HIGH |
| On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to '/' * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-22340 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-11-21 | N/A | 7.5 HIGH |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2023-21758 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||||
| CVE-2023-21757 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability | |||||
| CVE-2023-21700 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows iSCSI Discovery Service Denial of Service Vulnerability | |||||
| CVE-2023-21683 | 1 Microsoft | 13 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability | |||||
| CVE-2023-21593 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 5.5 MEDIUM |
| Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-21547 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2024-11-21 | N/A | 7.5 HIGH |
| Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | |||||