Export limit exceeded: 29894 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29894 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0965 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-22 | 3.1 Low |
| Compiler removal of buffer clearing in sli_cryptoacc_transparent_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-1132 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-22 | 5.3 Medium |
| Compiler removal of buffer clearing in sli_se_driver_key_agreement in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2024-23666 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-01-21 | 7.1 High |
| A client-side enforcement of server-side security in Fortinet FortiAnalyzer-BigData at least version 7.4.0 and 7.2.0 through 7.2.6 and 7.0.1 through 7.0.6 and 6.4.5 through 6.4.7 and 6.2.5, FortiManager version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.1 and 7.2.0 through 7.2.4 and 7.0.0 through 7.0.11 and 6.4.0 through 6.4.14 allows attacker to improper access control via crafted requests. | ||||
| CVE-2023-44255 | 1 Fortinet | 3 Fortianalyzer, Fortianalyzer Big Data, Fortimanager | 2025-01-21 | 3.9 Low |
| An exposure of sensitive information to an unauthorized actor [CWE-200] in Fortinet FortiManager before 7.4.2, FortiAnalyzer before 7.4.2 and FortiAnalyzer-BigData before 7.2.5 may allow a privileged attacker with administrative read permissions to read event logs of another adom via crafted HTTP or HTTPs requests. | ||||
| CVE-2023-2481 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 5.3 Medium |
| Compiler removal of buffer clearing in sli_se_opaque_import_key in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-32096 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 3.1 Low |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_encrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-32097 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 3.1 Low |
| Compiler removal of buffer clearing in sli_crypto_transparent_aead_decrypt_tag in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-32098 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 5.3 Medium |
| Compiler removal of buffer clearing in sli_se_sign_message in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-32099 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 5.3 Medium |
| Compiler removal of buffer clearing in sli_se_sign_hash in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2023-32100 | 1 Silabs | 1 Gecko Software Development Kit | 2025-01-21 | 5.3 Medium |
| Compiler removal of buffer clearing in sli_se_driver_mac_compute in Silicon Labs Gecko Platform SDK v4.2.1 and earlier results in key material duplication to RAM. | ||||
| CVE-2022-40633 | 1 Rittal | 2 Cmc Iii, Cmc Iii Firmware | 2025-01-17 | 4.6 Medium |
| A malicious actor can clone access cards used to open control cabinets secured with Rittal CMC III locks. | ||||
| CVE-2024-33510 | 1 Fortinet | 2 Fortios, Fortiproxy | 2025-01-17 | 3.6 Low |
| An improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability [CWE-74] in FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.16 and below; FortiProxy version 7.4.3 and below, version 7.2.9 and below, version 7.0.16 and below; FortiSASE version 24.2.b SSL-VPN web user interface may allow a remote unauthenticated attacker to perform phishing attempts via crafted requests. | ||||
| CVE-2024-47906 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-01-17 | 7.8 High |
| Excessive binary privileges in Ivanti Connect Secure before version 22.7R2.3 (Not Applicable to 9.1Rx) and Ivanti Policy Secure before version 22.7R1.2 (Not Applicable to 9.1Rx) allows a local authenticated attacker to escalate privileges. | ||||
| CVE-2024-8539 | 4 Apple, Ivanti, Linux and 1 more | 4 Macos, Secure Access Client, Linux Kernel and 1 more | 2025-01-17 | 7.1 High |
| Improper authorization in Ivanti Secure Access Client before version 22.7R3 allows a local authenticated attacker to modify sensitive configuration files. | ||||
| CVE-2024-9842 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | 7.3 High |
| Incorrect permissions in Ivanti Secure Access Client before version 22.7R4 allows a local authenticated attacker to create arbitrary folders. | ||||
| CVE-2024-7571 | 2 Ivanti, Microsoft | 2 Secure Access Client, Windows | 2025-01-17 | 7.8 High |
| Incorrect permissions in Ivanti Secure Access Client before 22.7R4 allows a local authenticated attacker to escalate their privileges. | ||||
| CVE-2024-9844 | 1 Ivanti | 1 Connect Secure | 2025-01-17 | 7.1 High |
| Insufficient server-side controls in Secure Application Manager of Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker to bypass restrictions. | ||||
| CVE-2023-31814 | 1 Dlink | 2 Dir-300, Dir-300 Firmware | 2025-01-17 | 9.8 Critical |
| D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model/__lang_msg.php. | ||||
| CVE-2023-27384 | 1 Cybozu | 1 Garoon | 2025-01-17 | 4.3 Medium |
| Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport. | ||||
| CVE-2023-27304 | 1 Cybozu | 1 Garoon | 2025-01-17 | 4.3 Medium |
| Operation restriction bypass vulnerability in Message and Bulletin of Cybozu Garoon 4.6.0 to 5.9.2 allows a remote authenticated attacker to alter the data of Message and/or Bulletin. | ||||