Export limit exceeded: 35239 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35239 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33561 | 1 Phpjabbers | 1 Time Slots Booking Calendar | 2024-11-21 | 9.8 Critical |
| Improper input validation of password parameter in PHP Jabbers Time Slots Booking Calendar v 3.3 results in insecure passwords. | ||||
| CVE-2023-33558 | 1 Ocomon Project | 1 Ocomon | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability in the component users-grid-data.php of Ocomon before v4.0.1 allows attackers to obtain sensitive information such as e-mails and usernames. | ||||
| CVE-2023-33412 | 1 Supermicro | 724 B12dpe-6, B12dpe-6 Firmware, B12dpt-6 and 721 more | 2024-11-21 | 8.8 High |
| The web interface in the Intelligent Platform Management Interface (IPMI) baseboard management controller (BMC) implementation on Supermicro X11 and M11 based devices, with firmware versions before 3.17.02, allows remote authenticated users to execute arbitrary commands via a crafted request targeting vulnerable cgi endpoints. | ||||
| CVE-2023-33379 | 1 Connectedio | 3 Connected Io, Er2000t-vz-cat1, Er2000t-vz-cat1 Firmware | 2024-11-21 | 9.8 Critical |
| Connected IO v2.1.0 and prior has a misconfiguration in their MQTT broker used for management and device communication, which allows devices to connect to the broker and issue commands to other device, impersonating Connected IO management platform and sending commands to all of Connected IO's devices. | ||||
| CVE-2023-33217 | 1 Idemia | 16 Morphowave Compact, Morphowave Compact Firmware, Morphowave Sp and 13 more | 2024-11-21 | 4.9 Medium |
| By abusing a design flaw in the firmware upgrade mechanism of the impacted terminal it's possible to cause a permanent denial of service for the terminal. the only way to recover the terminal is by sending back the terminal to the manufacturer | ||||
| CVE-2023-33020 | 1 Qualcomm | 164 205, 205 Firmware, 215 and 161 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Host when an invalid channel (like channel out of range) is received in STA during CSA IE. | ||||
| CVE-2023-33019 | 1 Qualcomm | 193 205, 205 Firmware, 215 and 190 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Host while doing channel switch announcement (CSA), when a mobile station receives invalid channel in CSA IE. | ||||
| CVE-2023-32858 | 2 Google, Mediatek | 11 Android, Mt6761, Mt6765 and 8 more | 2024-11-21 | 4.4 Medium |
| In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008. | ||||
| CVE-2023-32852 | 2 Google, Mediatek | 2 Android, Mt6779 | 2024-11-21 | 4.4 Medium |
| In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971. | ||||
| CVE-2023-32819 | 2 Google, Mediatek | 15 Android, Mt6765, Mt6768 and 12 more | 2024-11-21 | 4.4 Medium |
| In display, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS08014138. | ||||
| CVE-2023-32764 | 2 Fabasoft, Microsoft | 4 Cloud, Cloud Enterprise Client, Folio \/ Egov-suite and 1 more | 2024-11-21 | 7.8 High |
| Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator. | ||||
| CVE-2023-32762 | 1 Qt | 1 Qt | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Qt before 5.15.14, 6.x before 6.2.9, and 6.3.x through 6.5.x before 6.5.1. Qt Network incorrectly parses the strict-transport-security (HSTS) header, allowing unencrypted connections to be established, even when explicitly prohibited by the server. This happens if the case used for this header does not exactly match. | ||||
| CVE-2023-32734 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-32647 | 1 Intel | 1 Extreme Tuning Utility | 2024-11-21 | 6.8 Medium |
| Improper access control in some Intel(R) XTU software before version 7.12.0.29 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-32644 | 1 Intel | 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more | 2024-11-21 | 4.3 Medium |
| Protection mechanism failure for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2023-32642 | 1 Intel | 10 Killer, Killer Wi-fi 6 Ax1650, Killer Wi-fi 6e Ax1675 and 7 more | 2024-11-21 | 4.3 Medium |
| Insufficient adherence to expected conventions for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2023-32641 | 1 Intel | 1 Quickassist Technology | 2024-11-21 | 7.3 High |
| Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. | ||||
| CVE-2023-32617 | 1 Intel | 46 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware, Nuc 7 Enthusiast Nuc7i7bnhxg and 43 more | 2024-11-21 | 8.2 High |
| Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-32609 | 1 Intel | 1 Unite | 2024-11-21 | 5 Medium |
| Improper access control in the Intel Unite(R) android application before version 4.2.3504 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2023-32572 | 1 Purestorage | 1 Purity\/\/fa | 2024-11-21 | 6.5 Medium |
| A flaw exists in FlashArray Purity wherein under limited circumstances, an array administrator can alter the retention lock of a pgroup and disable pgroup SafeMode protection. | ||||