Total
10490 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-29495 | 1 Intel | 4 Nuc 8 Mainstream-g Kit Nuc8i5inh, Nuc 8 Mainstream-g Kit Nuc8i5inh Firmware, Nuc 8 Mainstream-g Kit Nuc8i7inh and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
Improper input validation for some Intel NUC BIOS firmware before version IN0048 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-29446 | 1 Ptc | 3 Kepware Kepserverex, Thingworx Industrial Connectivity, Thingworx Kepware Server | 2024-11-21 | N/A | 4.7 MEDIUM |
An improper input validation vulnerability has been discovered that could allow an adversary to inject a UNC path via a malicious project file. This allows an adversary to capture NTLMv2 hashes and potentially crack them offline. | |||||
CVE-2023-29410 | 1 Schneider-electric | 6 Conext Gateway, Conext Gateway Firmware, Insightfacility and 3 more | 2024-11-21 | N/A | 7.2 HIGH |
A CWE-20: Improper Input Validation vulnerability exists that could allow an authenticated attacker to gain the same privilege as the application on the server when a malicious payload is provided over HTTP for the server to execute. | |||||
CVE-2023-29353 | 1 Microsoft | 2 Sysinternals, Sysinternals Process Monitor | 2024-11-21 | N/A | 5.5 MEDIUM |
Sysinternals Process Monitor for Windows Denial of Service Vulnerability | |||||
CVE-2023-29335 | 1 Microsoft | 15 365 Apps, Office, Windows 10 1507 and 12 more | 2024-11-21 | N/A | 7.5 HIGH |
Microsoft Word Security Feature Bypass Vulnerability | |||||
CVE-2023-29332 | 1 Microsoft | 1 Azure Kubernetes Service | 2024-11-21 | N/A | 7.5 HIGH |
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | |||||
CVE-2023-29293 | 1 Adobe | 2 Commerce, Magento | 2024-11-21 | N/A | 2.7 LOW |
Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier) are affected by an Improper Input Validation vulnerability that could result in a Security feature bypass. An admin privileged attacker could leverage this vulnerability to impact the availability of a user's minor feature. Exploitation of this issue does not require user interaction. | |||||
CVE-2023-29255 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-11-21 | N/A | 7.5 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a denial of service as it may trap when compiling a variation of an anonymous block. IBM X-Force ID: 251991. | |||||
CVE-2023-29246 | 1 Apache | 1 Openmeetings | 2024-11-21 | N/A | 7.2 HIGH |
An attacker who has gained access to an admin account can perform RCE via null-byte injection. Vendor: The Apache Software Foundation. Versions Affected: Apache OpenMeetings from 2.0.0 before 7.1.0. | |||||
CVE-2023-29134 | | | 2024-11-21 | N/A | 8.6 HIGH |
An issue was discovered in the Cargo extension for MediaWiki through 1.39.3. There is mishandling of backticks to smartSplit. | |||||
CVE-2023-28981 | 1 Juniper | 2 Junos, Junos Os Evolved | 2024-11-21 | N/A | 6.5 MEDIUM |
An Improper Input Validation vulnerability in the kernel of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If the receipt of router advertisements is enabled on an interface and a specifically malformed RA packet is received, memory corruption will happen which leads to an rpd crash. This issue affects: Juniper Networks Junos OS 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S3; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3; 21.3 versions prior to 21.3R3; 21.4 versions prior to 21.4R2; 22.1 versions prior to 22.1R2. Juniper Networks Junos OS Evolved 20.3-EVO version 20.3R1-EVO and later versions; 20.4-EVO versions prior to 20.4R3-S6-EVO; 21.3-EVO versions prior to 21.3R3-EVO; 21.4-EVO versions prior to 21.4R2-EVO; 22.1-EVO versions prior to 22.1R2-EVO. | |||||
CVE-2023-28743 | 1 Intel | 8 Nuc 9 Pro Compute Element Nuc9v7qnb, Nuc 9 Pro Compute Element Nuc9v7qnb Firmware, Nuc 9 Pro Compute Element Nuc9v7qnx and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
Improper input validation for some Intel NUC BIOS firmware before version QN0073 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-28738 | 1 Intel | 12 Nuc 7 Essential Nuc7cjysamn, Nuc 7 Essential Nuc7cjysamn Firmware, Nuc Kit Nuc7cjyh and 9 more | 2024-11-21 | N/A | 7.5 HIGH |
Improper input validation for some Intel NUC BIOS firmware before version JY0070 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-28710 | 1 Apache | 1 Apache-airflow-providers-apache-spark | 2024-11-21 | N/A | 7.5 HIGH |
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Spark Provider. This issue affects Apache Airflow Spark Provider: before 4.0.1. | |||||
CVE-2023-28574 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Qam8255p and 153 more | 2024-11-21 | N/A | 9.0 CRITICAL |
Memory corruption in core services when Diag handler receives a command to configure event listeners. | |||||
CVE-2023-28402 | | | 2024-11-21 | N/A | 7.2 HIGH |
Improper input validation in some Intel(R) BIOS Guard firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
CVE-2023-28374 | 1 Intel | 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more | 2024-11-21 | N/A | 6.1 MEDIUM |
Improper input validation for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
CVE-2023-28324 | 1 Ivanti | 1 Endpoint Manager | 2024-11-21 | N/A | 9.8 CRITICAL |
An improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution. | |||||
CVE-2023-28304 | 1 Microsoft | 2 Odbc, Ole Db | 2024-11-21 | N/A | 7.8 HIGH |
Microsoft ODBC and OLE DB Remote Code Execution Vulnerability | |||||
CVE-2023-28291 | 1 Microsoft | 5 Raw Image Extension, Windows 10 20h2, Windows 10 21h2 and 2 more | 2024-11-21 | N/A | 8.4 HIGH |
Raw Image Extension Remote Code Execution Vulnerability |