Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-27506 | 1 Intel | 1 Optimization For Tensorflow | 2024-11-21 | 5.5 Medium |
| Improper buffer restrictions in the Intel(R) Optimization for Tensorflow software before version 2.12 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25527 | 1 Nvidia | 3 Dgx H100, Dgx H100 Bmc, Dgx H100 Firmware | 2024-11-21 | 7.8 High |
| NVIDIA DGX H100 BMC contains a vulnerability in the host KVM daemon, where an authenticated local attacker may cause corruption of kernel memory. A successful exploit of this vulnerability may lead to arbitrary kernel code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2023-24585 | 2 Silabs, Weston-embedded | 3 Gecko Software Development Kit, Cesium Net, Uc-http | 2024-11-21 | 7.7 High |
| An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2023-24056 | 1 Pkgconf | 1 Pkgconf | 2024-11-21 | 5.5 Medium |
| In pkgconf through 1.9.3, variable duplication can cause unbounded string expansion due to incorrect checks in libpkgconf/tuple.c:pkgconf_tuple_parse. For example, a .pc file containing a few hundred bytes can expand to one billion bytes. | ||||
| CVE-2023-23567 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.1 High |
| A heap-based buffer overflow vulnerability exists in the CreateDIBfromPict functionality of Accusoft ImageGear 20.1. A specially crafted file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2023-23457 | 2 Fedoraproject, Upx Project | 2 Fedora, Upx | 2024-11-21 | 5.3 Medium |
| A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of service. | ||||
| CVE-2023-22313 | 1 Intel | 5 Qat Driver, Qat Driver Firmware, Quickassist Technology Driver and 2 more | 2024-11-21 | 2.3 Low |
| Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2023-22025 | 3 Netapp, Oracle, Redhat | 11 Cloud Insights Acquisition Unit, Cloud Insights Storage Workload Security Agent, Graalvm For Jdk and 8 more | 2024-11-21 | 3.7 Low |
| Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). | ||||
| CVE-2023-21663 | 1 Qualcomm | 76 Aqt1000, Aqt1000 Firmware, Qca6420 and 73 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption while accessing metadata in Display. | ||||
| CVE-2023-21654 | 1 Qualcomm | 112 Apq8096au, Apq8096au Firmware, Aqt1000 and 109 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Audio during playback session with audio effects enabled. | ||||
| CVE-2023-21637 | 1 Qualcomm | 110 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 107 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Linux while calling system configuration APIs. | ||||
| CVE-2023-21634 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM. | ||||
| CVE-2023-21633 | 1 Qualcomm | 194 Apq8064au, Apq8064au Firmware, Aqt1000 and 191 more | 2024-11-21 | 6.7 Medium |
| Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. | ||||
| CVE-2023-21628 | 1 Qualcomm | 566 Apq8017, Apq8017 Firmware, Apq8064au and 563 more | 2024-11-21 | 8.4 High |
| Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command. | ||||
| CVE-2023-21264 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In multiple functions of mem_protect.c, there is a possible way to access hypervisor memory due to a memory access check in the wrong place. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-20531 | 1 Amd | 100 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 97 more | 2024-11-21 | 7.5 High |
| Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. | ||||
| CVE-2023-20529 | 1 Amd | 100 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 97 more | 2024-11-21 | 7.5 High |
| Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. | ||||
| CVE-2023-20251 | 1 Cisco | 2 Aireos, Mobility Express Software | 2024-11-21 | 6.1 Medium |
| A vulnerability in the memory buffer of Cisco Wireless LAN Controller (WLC) AireOS Software could allow an unauthenticated, adjacent attacker to cause memory leaks that could eventually lead to a device reboot. This vulnerability is due to memory leaks caused by multiple clients connecting under specific conditions. An attacker could exploit this vulnerability by causing multiple wireless clients to attempt to connect to an access point (AP) on an affected device. A successful exploit could allow the attacker to cause the affected device to reboot after a significant amount of time, resulting in a denial of service (DoS) condition. | ||||
| CVE-2023-20049 | 1 Cisco | 13 Asr 9000v-v2, Asr 9001, Asr 9006 and 10 more | 2024-11-21 | 8.6 High |
| A vulnerability in the bidirectional forwarding detection (BFD) hardware offload feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauthenticated, remote attacker to cause a line card to reset, resulting in a denial of service (DoS) condition. This vulnerability is due to the incorrect handling of malformed BFD packets that are received on line cards where the BFD hardware offload feature is enabled. An attacker could exploit this vulnerability by sending a crafted IPv4 BFD packet to an affected device. A successful exploit could allow the attacker to cause line card exceptions or a hard reset, resulting in loss of traffic over that line card while the line card reloads. | ||||
| CVE-2023-1679 | 1 Drivergenius | 1 Drivergenius | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as critical was found in DriverGenius 9.70.0.346. This vulnerability affects the function 0x9C406104/0x9C40A108 in the library mydrivers64.sys of the component IOCTL Handler. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224236. | ||||