Total
1069 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32027 | 1 Microsoft | 2 Odbc Driver For Sql Server, Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-32026 | 1 Microsoft | 2 Odbc Driver For Sql Server, Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-32025 | 1 Microsoft | 2 Odbc Driver For Sql Server, Sql Server | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-31031 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | N/A | 4.2 MEDIUM |
| NVIDIA DGX A100 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | |||||
| CVE-2023-2763 | 1 3ds | 1 3dexperience Solidworks | 2024-11-21 | N/A | 7.8 HIGH |
| Use-After-Free, Out-of-bounds Write and Heap-based Buffer Overflow vulnerabilities exist in the DWG and DXF file reading procedure in SOLIDWORKS Desktop from Release SOLIDWORKS 2021 through Release SOLIDWORKS 2023. These vulnerabilities could allow an attacker to execute arbitrary code while opening a specially crafted DWG or DXF file. | |||||
| CVE-2023-29344 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2023-29341 | 1 Microsoft | 1 Av1 Video Extension | 2024-11-21 | N/A | 7.8 HIGH |
| AV1 Video Extension Remote Code Execution Vulnerability | |||||
| CVE-2023-28798 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| An out-of-bounds write to heap in the pacparser library on Zscaler Client Connector on Mac may lead to arbitrary code execution. | |||||
| CVE-2023-28311 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 7.8 HIGH |
| Microsoft Word Remote Code Execution Vulnerability | |||||
| CVE-2023-28292 | 1 Microsoft | 5 Raw Image Extension, Windows 10 20h2, Windows 10 21h2 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
| Raw Image Extension Remote Code Execution Vulnerability | |||||
| CVE-2023-28275 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-28269 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 6.2 MEDIUM |
| Windows Boot Manager Security Feature Bypass Vulnerability | |||||
| CVE-2023-28262 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2024-11-21 | N/A | 7.8 HIGH |
| Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-28254 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.2 HIGH |
| Windows DNS Server Remote Code Execution Vulnerability | |||||
| CVE-2023-28240 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 8.8 HIGH |
| Windows Network Load Balancing Remote Code Execution Vulnerability | |||||
| CVE-2023-28231 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 8.8 HIGH |
| DHCP Server Service Remote Code Execution Vulnerability | |||||
| CVE-2023-28227 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.5 HIGH |
| Windows Bluetooth Driver Remote Code Execution Vulnerability | |||||
| CVE-2023-28225 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
| Windows NTLM Elevation of Privilege Vulnerability | |||||
| CVE-2023-28218 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2024-11-21 | N/A | 7.0 HIGH |
| Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | |||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2024-11-21 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | |||||