Export limit exceeded: 35164 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35164 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32641 | 1 Intel | 1 Quickassist Technology | 2024-11-21 | 7.3 High |
| Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. | ||||
| CVE-2023-32617 | 1 Intel | 46 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware, Nuc 7 Enthusiast Nuc7i7bnhxg and 43 more | 2024-11-21 | 8.2 High |
| Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-32609 | 1 Intel | 1 Unite | 2024-11-21 | 5 Medium |
| Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-32572 | 1 Purestorage | 1 Purity\/\/fa | 2024-11-21 | 6.5 Medium |
| A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection. | ||||
| CVE-2023-32566 | 1 Ivanti | 1 Avalanche | 2024-11-21 | 9.1 Critical |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. | ||||
| CVE-2023-32565 | 1 Ivanti | 1 Avalanche | 2024-11-21 | 9.1 Critical |
| An attacker can send a specially crafted request which could lead to leakage of sensitive data or potentially a resource-based DoS attack. Fixed in version 6.4.1. | ||||
| CVE-2023-32463 | 1 Dell | 90 Vxrail D560, Vxrail D560 Firmware, Vxrail D560f and 87 more | 2024-11-21 | 3.4 Low |
| Dell VxRail, version(s) 8.0.100 and earlier contain a denial-of-service vulnerability in the upgrade functionality. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to degraded performance and system malfunction. | ||||
| CVE-2023-32442 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventura 13.5, macOS Monterey 12.6.8. A shortcut may be able to modify sensitive Shortcuts app settings. | ||||
| CVE-2023-32441 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2024-11-21 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-32427 | 1 Apple | 1 Music | 2024-11-21 | 5.9 Medium |
| This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 4.2.0 for Android. An attacker in a privileged network position may be able to intercept network traffic. | ||||
| CVE-2023-32418 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.8, macOS Ventura 13.5, macOS Big Sur 11.7.9. Processing a file may lead to unexpected app termination or arbitrary code execution. | ||||
| CVE-2023-32416 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to read sensitive location information. | ||||
| CVE-2023-32267 | 1 Microfocus | 1 Arcsight Management Center | 2024-11-21 | 6.4 Medium |
| A potential vulnerability has been identified in OpenText / Micro Focus ArcSight Management Center. The vulnerability could be remotely exploited. | ||||
| CVE-2023-32265 | 1 Microfocus | 5 Cobol Server, Enterprise Developer, Enterprise Server and 2 more | 2024-11-21 | 7.1 High |
| A potential security vulnerability has been identified in the Enterprise Server Common Web Administration (ESCWA) component used in Enterprise Server, Enterprise Test Server, Enterprise Developer, Visual COBOL, and COBOL Server. An attacker would need to be authenticated into ESCWA to attempt to exploit this vulnerability. As described in the hardening guide in the product documentation, other mitigations including restricting network access to ESCWA and restricting users’ permissions in the Micro Focus Directory Server also reduce the exposure to this issue. Given the right conditions this vulnerability could be exploited to expose a service account password. The account corresponding to the exposed credentials usually has limited privileges and, in many cases would only be useful for extracting details of other user accounts and similar information. | ||||
| CVE-2023-32263 | 1 Microfocus | 1 Dimensions Cm | 2024-11-21 | 2.6 Low |
| A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability could be exploited to retrieve a login certificate if an authenticated user is duped into using an attacker-controlled Dimensions CM server. This vulnerability only applies when the Jenkins plugin is configured to use login certificate credentials. https://www.jenkins.io/security/advisory/2023-06-14/ | ||||
| CVE-2023-32262 | 1 Microfocus | 1 Dimensions Cm | 2024-11-21 | 4.3 Medium |
| A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Item/Configure permission to access and capture credentials they are not entitled to. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ | ||||
| CVE-2023-32261 | 1 Microfocus | 1 Dimensions Cm | 2024-11-21 | 4.2 Medium |
| A potential vulnerability has been identified in the Micro Focus Dimensions CM Plugin for Jenkins. The vulnerability allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. See the following Jenkins security advisory for details: * https://www.jenkins.io/security/advisory/2023-06-14/ https://www.jenkins.io/security/advisory/2023-06-14/ | ||||
| CVE-2023-32232 | 1 Vasion | 1 Printerlogic Client | 2024-11-21 | 9.9 Critical |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.836. During client installation and repair, a PrinterLogic binary is called by the installer to configure the device. This window is not hidden, and is running with elevated privileges. A standard user can break out of this window, obtaining a full SYSTEM command prompt window. This results in complete compromise via arbitrary SYSTEM code execution (elevation of privileges). | ||||
| CVE-2023-32231 | 1 Vasion | 1 Printerlogic Client | 2024-11-21 | 9.9 Critical |
| An issue was discovered in Vasion PrinterLogic Client for Windows before 25.0.0.818. During installation, binaries gets executed out of a subfolder in C:\Windows\Temp. A standard user can create the folder and path file ahead of time and obtain elevated code execution. | ||||
| CVE-2023-31824 | 1 Dericia | 1 Delicia | 2024-11-21 | 7.5 High |
| An issue found in DERICIA Co. Ltd, DELICIA v.13.6.1 allows a remote attacker to gain access to sensitive information via the channel access token in the miniapp DELICIA function. | ||||