Total
29058 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32097 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | N/A | 3.1 LOW |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-32096 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | N/A | 3.1 LOW |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | |||||
| CVE-2023-31814 | 1 Dlink | 2 Dir-300, Dir-300 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. | |||||
| CVE-2023-31726 | 1 Alist Project | 1 Alist | 2024-11-21 | N/A | 7.5 HIGH |
| AList 3.15.1 is vulnerable to Incorrect Access Control, which can be exploited by attackers to obtain sensitive information. | |||||
| CVE-2023-31718 | 1 Frangoteam | 1 Fuxa | 2024-11-21 | N/A | 7.5 HIGH |
| FUXA <= 1.1.12 is vulnerable to Local via Inclusion via /api/download. | |||||
| CVE-2023-31716 | 1 Frangoteam | 1 Fuxa | 2024-11-21 | N/A | 7.5 HIGH |
| FUXA <= 1.1.12 has a Local File Inclusion vulnerability via file=fuxa.log | |||||
| CVE-2023-31704 | 1 Oretnom23 | 1 Online Computer And Laptop Store | 2024-11-21 | N/A | 9.8 CRITICAL |
| Sourcecodester Online Computer and Laptop Store 1.0 is vulnerable to Incorrect Access Control, which allows remote attackers to elevate privileges to the administrator's role. | |||||
| CVE-2023-31497 | 1 Seqrite | 1 End Point Security | 2024-11-21 | N/A | 7.8 HIGH |
| Incorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system. | |||||
| CVE-2023-31424 | 1 Broadcom | 1 Brocade Sannav | 2024-11-21 | N/A | 8.1 HIGH |
| Brocade SANnav Web interface before Brocade SANnav v2.3.0 and v2.2.2a allows remote unauthenticated users to bypass web authentication and authorization. | |||||
| CVE-2023-31293 | 1 Sesami | 1 Cash Point \& Transport Optimizer | 2024-11-21 | N/A | 4.3 MEDIUM |
| An issue was discovered in Sesami Cash Point & Transport Optimizer (CPTO) 6.3.8.6 (#718), allows remote attackers to obtain sensitive information and bypass profile restriction via improper access control in the Reader system user's web browser, allowing the journal to be displayed, despite the option being disabled. | |||||
| CVE-2023-31199 | 1 Intel | 1 Solid State Drive Toolbox | 2024-11-21 | N/A | 7.7 HIGH |
| Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-31172 | 1 Selinc | 1 Sel-5030 Acselerator Quickset | 2024-11-21 | N/A | 5.9 MEDIUM |
| An Incomplete Filtering of Special Elements vulnerability in the Schweitzer Engineering Laboratories SEL-5030 acSELerator QuickSet Software could allow an attacker to embed instructions that could be executed by an authorized device operator. See Instruction Manual Appendix A and Appendix E dated 20230615 for more details. This issue affects SEL-5030 acSELerator QuickSet Software: through 7.1.3.0. | |||||
| CVE-2023-31100 | 1 Phoenix | 1 Securecore Technology | 2024-11-21 | N/A | 8.4 HIGH |
| Improper Access Control in SMI handler vulnerability in Phoenix SecureCore™ Technology™ 4 allows SPI flash modification. This issue affects SecureCore™ Technology™ 4: * from 4.3.0.0 before 4.3.0.203 * from 4.3.1.0 before 4.3.1.163 * from 4.4.0.0 before 4.4.0.217 * from 4.5.0.0 before 4.5.0.138 | |||||
| CVE-2023-31023 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2024-11-21 | N/A | 5.5 MEDIUM |
| NVIDIA Display Driver for Windows contains a vulnerability where an attacker may cause a pointer dereference of an untrusted value, which may lead to denial of service. | |||||
| CVE-2023-31020 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2024-11-21 | N/A | 6.1 MEDIUM |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data tampering. | |||||
| CVE-2023-31019 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2024-11-21 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context. | |||||
| CVE-2023-30998 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | N/A | 7.8 HIGH |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254649. | |||||
| CVE-2023-30997 | 1 Ibm | 1 Security Access Manager | 2024-11-21 | N/A | 7.8 HIGH |
| IBM Security Access Manager Docker 10.0.0.0 through 10.0.7.1 could allow a local user to obtain root access due to improper access controls. IBM X-Force ID: 254638. | |||||
| CVE-2023-30952 | 1 Palantir | 1 Foundry | 2024-11-21 | N/A | 5.0 MEDIUM |
| A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . | |||||
| CVE-2023-30946 | 1 Palantir | 1 Foundry Issues | 2024-11-21 | N/A | 3.5 LOW |
| A security defect was identified in Foundry Issues. If a user was added to an issue on a resource that they did not have access to and consequently could not see, they could query Foundry's Notification API and receive metadata about the issue including the RID of the issue, severity, internal UUID of the author, and the user-defined title of the issue. | |||||