Export limit exceeded: 35128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35128 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26433 | 1 Open-xchange | 1 Open-xchange Appsuite Backend | 2024-11-21 | 4.3 Medium |
| When adding an external mail account, processing of IMAP "capabilities" responses are not limited to plausible sizes. Attacker with access to a rogue IMAP service could trigger requests that lead to excessive resource usage and eventually service unavailability. We now limit accepted IMAP server response to reasonable length/size. No publicly available exploits are known. | ||||
| CVE-2023-26364 | 2 Adobe, Redhat | 4 Css-tools, Migration Toolkit Applications, Migration Toolkit Runtimes and 1 more | 2024-11-21 | 5.3 Medium |
| @adobe/css-tools version 4.3.0 and earlier are affected by an Improper Input Validation vulnerability that could result in a minor denial of service while attempting to parse CSS. Exploitation of this issue does not require user interaction or privileges. | ||||
| CVE-2023-26311 | 1 Oppo | 1 Oppo Store | 2024-11-21 | 7.4 High |
| A remote code execution vulnerability in the webview component of OPPO Store app. | ||||
| CVE-2023-26309 | 1 Oneplus | 1 Store | 2024-11-21 | 7.4 High |
| A remote code execution vulnerability in the webview component of OnePlus Store app. | ||||
| CVE-2023-26300 | 1 Hp | 178 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\), 200 G4 22 All-in-one Pc \(rom Family Ssid 86f0\) Firmware, 200 G4 22 All-in-one Pc \(rom Family Ssid 86f2\) and 175 more | 2024-11-21 | 7.8 High |
| A potential security vulnerability has been identified in the system BIOS for certain HP PC products which might allow escalation of privilege. HP is releasing firmware updates to mitigate the potential vulnerability. | ||||
| CVE-2023-26286 | 1 Ibm | 2 Aix, Vios | 2024-11-21 | 8.4 High |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX runtime services library to execute arbitrary commands. IBM X-Force ID: 248421. | ||||
| CVE-2023-26268 | 2 Apache, Ibm | 2 Couchdb, Cloudant | 2024-11-21 | 4.4 Medium |
| Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions: * validate_doc_update * list * filter * filter views (using view functions as filters) * rewrite * update This doesn't affect map/reduce or search (Dreyfus) index functions. Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3). Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment. | ||||
| CVE-2023-26238 | 1 Watchguard | 8 Edr, Edr Firmware, Epdr and 5 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in WatchGuard EPDR 8.0.21.0002. It is possible to enable or disable defensive capabilities by sending a crafted message to a named pipe. | ||||
| CVE-2023-26236 | 1 Watchguard | 8 Edr, Edr Firmware, Epdr and 5 more | 2024-11-21 | 7.8 High |
| An issue was discovered in WatchGuard EPDR 8.0.21.0002. Due to a weak implementation of message handling between WatchGuard EPDR processes, it is possible to perform a Local Privilege Escalation on Windows by sending a crafted message to a named pipe. | ||||
| CVE-2023-26119 | 1 Htmlunit | 1 Htmlunit | 2024-11-21 | 9.8 Critical |
| Versions of the package net.sourceforge.htmlunit:htmlunit from 0 and before 3.0.0 are vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. | ||||
| CVE-2023-26095 | 1 Stormshield | 1 Stormshield Network Security | 2024-11-21 | 7.5 High |
| ASQ in Stormshield Network Security (SNS) 4.3.15 before 4.3.16 and 4.6.x before 4.6.3 allows a crash when analysing a crafted SIP packet. | ||||
| CVE-2023-25951 | 1 Intel | 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more | 2024-11-21 | 6 Medium |
| Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25945 | 1 Intel | 1 One Boot Flash Update | 2024-11-21 | 6.7 Medium |
| Protection mechanism failure in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25777 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 7.9 High |
| Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25774 | 1 Softether | 1 Vpn | 2024-11-21 | 7.5 High |
| A denial-of-service vulnerability exists in the vpnserver ConnectionAccept() functionality of SoftEther VPN 5.02. A set of specially crafted network connections can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | ||||
| CVE-2023-25773 | 1 Intel | 1 Unite | 2024-11-21 | 7.5 High |
| Improper access control in the Intel(R) Unite(R) Hub software installer for Windows before version 4.2.34962 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-25769 | 1 Intel | 1 Thunderbolt Dch Driver | 2024-11-21 | 5.5 Medium |
| Uncontrolled resource consumption in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-25757 | 1 Intel | 1 Unison | 2024-11-21 | 7.3 High |
| Improper access control in some Intel(R) Unison(TM) software before version 10.12 may allow a privileged user to potentially enable escalation of privilege via network access. | ||||
| CVE-2023-25535 | 1 Dell | 1 Supportassist For Home Pcs | 2024-11-21 | 7.2 High |
| Dell SupportAssist for Home PCs Installer Executable file version prior to 3.13.2.19 used for initial installation has a high vulnerability that can result in local privilege escalation (LPE). This vulnerability only affects first-time installations done prior to 8th March 2023 | ||||
| CVE-2023-25534 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | 5.7 Medium |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||