Export limit exceeded: 43829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43829 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39408 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| DoS vulnerability in the PMS module. Successful exploitation of this vulnerability may cause the system to restart. | ||||
| CVE-2023-39396 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Deserialization vulnerability in the input module. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-39395 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Mismatch vulnerability in the serialization process in the communication system. Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-39392 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of insecure signatures in the OsuLogin module. Successful exploitation of this vulnerability may cause OsuLogin to be maliciously modified and overwritten. | ||||
| CVE-2023-39390 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2023-39389 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | ||||
| CVE-2023-39388 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | ||||
| CVE-2023-39386 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart. | ||||
| CVE-2023-39385 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Vulnerability of configuration defects in the media module of certain products.. Successful exploitation of this vulnerability may cause unauthorized access. | ||||
| CVE-2023-39382 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart. | ||||
| CVE-2023-39381 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2023-39342 | 1 Freedom | 1 Dangerzone | 2024-11-21 | 3.6 Low |
| Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzone CLI (`dangerzone-cli` command) logs output from the container where the file sanitization takes place, to the user's terminal. Prior to version 0.4.2, if the container is compromised and can return attacker-controlled strings, then the attacker may be able to spoof messages in the user's terminal or change the window title. Besides logging output from containers, it also logs the names of the files it sanitizes. If these files contain ANSI escape sequences, then the same issue applies. Dangerzone is predominantly a GUI application, so this issue should leave most of our users unaffected. Nevertheless, we always suggest updating to the newest version. This issue is fixed in Dangerzone 0.4.2. | ||||
| CVE-2023-39281 | 3 Amd, Insyde, Intel | 280 Athlon Gold 7220u, Athlon Silver 7120u, Ryzen3 5300u and 277 more | 2024-11-21 | 5.7 Medium |
| A stack buffer overflow vulnerability discovered in AsfSecureBootDxe in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to run arbitrary code execution during the DXE phase. | ||||
| CVE-2023-39280 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS p ost-authentication Stack-Based Buffer Overflow vulnerability in the ssoStats-s.xml, ssoStats-s.wri URL endpoints leads to a firewall crash. | ||||
| CVE-2023-39279 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication Stack-Based Buffer Overflow vulnerability in the getPacketReplayData.json URL endpoint leads to a firewall crash. | ||||
| CVE-2023-39278 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication user assertion failure leads to Stack-Based Buffer Overflow vulnerability via main.cgi leads to a firewall crash. | ||||
| CVE-2023-39277 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the sonicflow.csv and appflowsessions.csv URL endpoints leads to a firewall crash. | ||||
| CVE-2023-39276 | 1 Sonicwall | 61 Nsa2700, Nsa3700, Nsa4700 and 58 more | 2024-11-21 | 6.5 Medium |
| SonicOS post-authentication stack-based buffer overflow vulnerability in the getBookmarkList.json URL endpoint leads to a firewall crash. | ||||
| CVE-2023-39240 | 1 Asus | 6 Rt-ac86u, Rt-ac86u Firmware, Rt-ax55 and 3 more | 2024-11-21 | 7.2 High |
| It is identified a format string vulnerability in ASUS RT-AX56U V2’s iperf client function API. This vulnerability is caused by lacking validation for a specific value within its set_iperf3_cli.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service. | ||||
| CVE-2023-39239 | 1 Asus | 6 Rt-ac86u, Rt-ac86u Firmware, Rt-ax55 and 3 more | 2024-11-21 | 7.2 High |
| It is identified a format string vulnerability in ASUS RT-AX56U V2’s General function API. This vulnerability is caused by lacking validation for a specific value within its apply.cgi module. A remote attacker with administrator privilege can exploit this vulnerability to perform remote arbitrary code execution, arbitrary system operation or disrupt service. | ||||