CVEs from 2023
Total
6,189
critical
critical 221
high
high 1,481
medium
medium 1,384
low
low 30
% Critical
3.6%
% with KEV
2.6%
% with exploit
3.4%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-20963 | unknown | — | 1.5 | 3y ago | Android Framework contains an unspecified vulnerability that allows for privilege escalation after updating an app to a higher Target SDK with no additional execution privileges needed. | |||
| CVE-2023-28206 | unknown | — | 1.5 | 3y ago | Apple iOS, iPadOS, and macOS IOSurfaceAccelerator contain an out-of-bounds write vulnerability that allows an app to execute code with kernel privileges. | |||
| CVE-2023-26083 | unknown | — | 1.5 | 3y ago | Arm Mali GPU Kernel Driver contains an information disclosure vulnerability that allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. | |||
| CVE-2023-23397 | unknown | — | 1.5 | 3y ago | Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user. | |||
| CVE-2023-24880 | unknown | — | 1.5 | 3y ago | Microsoft Windows SmartScreen contains a security feature bypass vulnerability that could allow an attacker to evade Mark of the Web (MOTW) defenses via a specially crafted malicious file. | |||
| CVE-2023-21823 | unknown | — | 1.5 | 3y ago | Microsoft Windows Graphic Component contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-21715 | unknown | — | 1.5 | 3y ago | Microsoft Office Publisher contains a security feature bypass vulnerability that allows for a local, authenticated attack on a targeted system. | |||
| CVE-2023-23376 | unknown | — | 1.5 | 3y ago | Microsoft Windows Common Log File System (CLFS) driver contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-21674 | unknown | — | 1.5 | 3y ago | Microsoft Windows Advanced Local Procedure Call (ALPC) contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2023-2640 | unknown | — | 1.0 | — | On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on th… | |||
| CVE-2023-32629 | unknown | — | 1.0 | — | Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels | |||
| CVE-2023-27372 | unknown | — | 1.0 | — | SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1. | |||
| CVE-2023-50386 | unknown | — | 1.0 | 2y ago | Apache Solr: Backup/Restore APIs allow for deployment of executables in malicious ConfigSets | |||
| CVE-2023-48292 | unknown | — | 1.0 | 3y ago | Run Shell Command allows Cross-Site Request Forgery | |||
| CVE-2023-40315 | unknown | — | 1.0 | 3y ago | OpenNMS privilege escalation vulnerability | |||
| CVE-2023-0872 | unknown | — | 1.0 | 3y ago | OpenNMS privilege elevation vulnerability | |||
| CVE-2023-36812 | unknown | — | 1.0 | 3y ago | Remote Code Execution for 2.4.1 and earlier | |||
| CVE-2023-34468 | unknown | — | 1.0 | 3y ago | Apache NiFi vulnerable to Code Injection | |||
| CVE-2023-25826 | unknown | — | 1.0 | 3y ago | Command injection in OpenTSDB | |||
| CVE-2023-53022 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: enetc: avoid deadlock in enetc_tx_onestep_tstamp() This lockdep splat says it better than I could: ========================… | |||
| CVE-2023-52894 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unr… | |||
| CVE-2023-49355 | unknown | — | — | — | decToString in decNumber/decNumber.c in jq 88f01a7 has a one-byte out-of-bounds write via the " []-1.2e-1111111111" input. NOTE: this is not the same as CVE-2023-50246. The CVE-2023-50246 71c2ab5 ref… | |||
| CVE-2023-50246 | unknown | — | — | — | jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue. | |||
| CVE-2023-4154 | unknown | — | — | — | A design flaw was found in Samba's DirSync control implementation, which exposes passwords and secrets in Active Directory to privileged users and Read-Only Domain Controllers (RODCs). This flaw allo… | |||
| CVE-2023-5568 | unknown | — | — | — | A heap-based Buffer Overflow flaw was discovered in Samba. It could allow a remote, authenticated attacker to exploit this vulnerability to cause a denial of service. | |||
| CVE-2023-53455 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/vc4: drop all currently held locks if deadlock happens If vc4_hdmi_reset_link() returns -EDEADLK, it means that a deadlock ha… | |||
| CVE-2023-53506 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: udf: Do not bother merging very long extents When merging very long extents we try to push as much length as possible to the firs… | |||
| CVE-2023-53497 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: vsp1: Replace vb2_is_streaming() with vb2_start_streaming_called() The vsp1 driver uses the vb2_is_streaming() function in… | |||
| CVE-2023-53630 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommufd: Fix unpinning of pages when an access is present syzkaller found that the calculation of batch_last_index should use 'st… | |||
| CVE-2023-1032 | unknown | — | — | — | The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551ba… | |||
| CVE-2023-53659 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iavf: Fix out-of-bounds when setting channels on remove If we set channels greater during iavf_remove(), and waiting reset done w… | |||
| CVE-2023-34237 | unknown | — | — | — | SABnzbd is an open source automated Usenet download tool. A design flaw was discovered in SABnzbd that could allow remote code execution. Manipulating the Parameters setting in the Notification Scrip… | |||
| CVE-2023-46303 | unknown | — | — | — | link_to_local_path in ebooks/conversion/plugins/html_input.py in calibre before 6.19.0 can, by default, add resources outside of the document root. | |||
| CVE-2023-1295 | unknown | — | — | — | A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privile… | |||
| CVE-2023-53214 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential memory corruption in __update_iostat_latency() Add iotype sanity check to avoid potential memory cor… | |||
| CVE-2023-53216 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: arm64: efi: Make efi_rt_lock a raw_spinlock Running a rt-kernel base on 6.2.0-rc3-rt1 on an Ampere Altra outputs the following: … | |||
| CVE-2023-53217 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proc_create_single_data() conversion The conversion to proc_create_single_data() introduced a regression … | |||
| CVE-2023-53219 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: netup_unidvb: fix use-after-free at del_timer() When Universal DVB card is detaching, netup_unidvb_dma_fini() uses del_tim… | |||
| CVE-2023-53223 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Add missing check for alloc_ordered_workqueue Add check for the return value of alloc_ordered_workqueue as it may re… | |||
| CVE-2023-53222 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: jfs: jfs_dmap: Validate db_l2nbperpage while mounting In jfs_dmap.c at line 381, BLKTODMAP is used to get a logical block number … | |||
| CVE-2023-53234 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix kmemleak in watchdog_cdev_register kmemleak reports memory leaks in watchdog_dev_register, as follows: unreferenced… | |||
| CVE-2023-53225 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: spi: imx: Don't skip cleanup in remove's error path Returning early in a platform driver's remove callback is wrong. In this case… | |||
| CVE-2023-53238 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe() The size of array 'priv->ports[]' is INNO_PHY_PORT_NUM. In t… | |||
| CVE-2023-53239 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Add check for kzalloc As kzalloc may fail and return NULL pointer, it should be better to check the return value in… | |||
| CVE-2023-53243 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile Callers of `btrfs_reduce_alloc_profile` expect it to return ex… | |||
| CVE-2023-53242 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/hisi: Drop second sensor hi3660 The commit 74c8e6bffbe1 ("driver core: Add __alloc_size hint to devm allocators")… | |||
| CVE-2023-53244 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish When the driver calls tw68_risc_buffer() to prepare the buffer… | |||
| CVE-2023-53247 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand While trying to get the subpage blocksize tests running, I hi… | |||
| CVE-2023-53267 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: driver: soc: xilinx: fix memory leak in xlnx_add_cb_for_notify_event() The kfree() should be called when memory fails to be alloc… | |||
| CVE-2023-53269 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: block: ublk: make sure that block size is set correctly block size is one very key setting for block layer, and bad block size co… | |||
| CVE-2023-53281 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8723bs: Fix locking in _rtw_join_timeout_handler() Commit 041879b12ddb ("drivers: staging: rtl8192bs: Fix de… | |||
| CVE-2023-53284 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for null return of devm_kzalloc() in dpu_writeback_init() Because of the possilble failure of devm_kzalloc(), … | |||
| CVE-2023-53274 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: mt8183: Add back SSPM related clocks This reverts commit 860690a93ef23b567f781c1b631623e27190f101. On the MT8183,… | |||
| CVE-2023-53276 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Free memory for tmpfile name When opening a ubifs tmpfile on an encrypted directory, function fscrypt_setup_filename alloc… | |||
| CVE-2023-53278 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in ubifs_sysfs_init() When insmod ubifs.ko, a kmemleak reported as below: unreferenced object 0xffff8881… | |||
| CVE-2023-53277 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: iwl3945: Add missing check for create_singlethread_workqueue Add the check for the return value of the create_singlethread_… | |||
| CVE-2023-53279 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: misc: vmw_balloon: fix memory leak with using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called o… | |||
| CVE-2023-53282 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware write During the sysfs firmware write process, a use-after-… | |||
| CVE-2023-53289 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: bdisp: Add missing check for create_workqueue Add the check for the return value of the create_workqueue in order to avoid… | |||
| CVE-2023-53314 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev/ep93xx-fb: Do not assign to struct fb_info.dev Do not assing the Linux device to struct fb_info.dev. The call to register_f… | |||
| CVE-2023-53315 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Fix SKB corruption in REO destination ring While running traffics for a long time, randomly an RX descriptor filled… | |||
| CVE-2023-53316 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: Free resources after unregistering them The DP component's unbind operation walks through the submodules to unregiste… | |||
| CVE-2023-53318 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: recordmcount: Fix memory leaks in the uwrite function Common realloc mistake: 'file_append' nulled but not freed upon failure | |||
| CVE-2023-53329 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: workqueue: fix data race with the pwq->stats[] increment KCSAN has discovered a data race in kernel/workqueue.c:2598: [ 1863.554… | |||
| CVE-2023-53324 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Don't leak some plane state Apparently no one noticed that mdp5 plane states leak like a sieve ever since we introd… | |||
| CVE-2023-53325 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: dp: Change logging to dev for mtk_dp_aux_transfer() Change logging from drm_{err,info}() to dev_{err,info}() in fun… | |||
| CVE-2023-53327 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Catch overflow of uptr and length syzkaller hits a WARN_ON when trying to have a uptr close to UINTPTR_MAX: … | |||
| CVE-2023-53330 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: caif: fix memory leak in cfctrl_linkup_request() When linktype is unknown or kzalloc failed in cfctrl_linkup_request(), pkt is no… | |||
| CVE-2023-53332 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: genirq/ipi: Fix NULL pointer deref in irq_data_get_affinity_mask() If ipi_send_{mask|single}() is called with an invalid interrup… | |||
| CVE-2023-53348 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when aborting transaction during relocation with scrub Before relocating a block group we pause scrub, then d… | |||
| CVE-2023-53336 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings When ipu_bridge_parse_rotation() and ipu_bridge_parse_orie… | |||
| CVE-2023-53337 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, mark_buffer_dirty() called from nil… | |||
| CVE-2023-53347 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Handle pairing of E-switch via uplink un/load APIs In case user switch a device from switchdev mode to legacy mode, mlx… | |||
| CVE-2023-53339 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix BUG_ON condition in btrfs_cancel_balance Pausing and canceling balance can race to interrupt balance lead to BUG_ON pa… | |||
| CVE-2023-53340 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Collect command failures data only for known commands DEVX can issue a general command, which is not used by mlx5 drive… | |||
| CVE-2023-53364 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: better fix null deref with partial DT Two versions of the original patch were sent but V1 was merged instead o… | |||
| CVE-2023-53368 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rb_end_commit() at code: if (RB_WARN_ON(cpu_buffer… | |||
| CVE-2023-53369 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCB_ATTR_BCN The dcbnl_bcn_setcfg uses erroneous policy to parse tb[DCB_ATTR_BCN], which… | |||
| CVE-2023-53378 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/i915/dpt: Treat the DPT BO as a framebuffer Currently i915_gem_object_is_framebuffer() doesn't treat the BO containing the fr… | |||
| CVE-2023-53396 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in do_rename If renaming a file in an encrypted directory, function fscrypt_setup_filename allocates memor… | |||
| CVE-2023-53374 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early Not calling hci_(dis)connect_cfm before deleting conn ref… | |||
| CVE-2023-53375 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurr… | |||
| CVE-2023-53377 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2_compound_op we have a possible use-after-free which can cause har… | |||
| CVE-2023-53379 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe() Smatch reports: drivers/usb/phy/phy-tahvo.c: tahvo_usb_probe() warn: mi… | |||
| CVE-2023-53385 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: media: mdp3: Fix resource leaks in of_find_device_by_node Use put_device to release the object get through of_find_device_by_node… | |||
| CVE-2023-53388 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtk_drm_bind() can fail, in which case drm_dev_put() is called, destroyin… | |||
| CVE-2023-53435 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of cas_init_one() cas_saturn_firmware_init() allocates some memory using vm… | |||
| CVE-2023-53436 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: scsi: snic: Fix possible memory leak if device_add() fails If device_add() returns error, the name allocated by dev_set_name() ne… | |||
| CVE-2023-53439 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: skb_partial_csum_set() fix against transport header magic value skb->transport_header uses the special 0xFFFF value to mark … | |||
| CVE-2023-53438 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: x86/MCE: Always save CS register on AMD Zen IF Poison errors The Instruction Fetch (IF) units on current AMD Zen-based systems do… | |||
| CVE-2023-53440 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysf… | |||
| CVE-2023-53447 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fs_remount() syzbot reports a bug as below: general protection fault, probably f… | |||
| CVE-2023-53445 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtr_recvmsg() Syzbot reported a bug as following: refcount_t: addition on 0; use-after-free. .… | |||
| CVE-2023-53446 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcie_link_state->downstream is a pointer to the pci… | |||
| CVE-2023-53448 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: fbdev: imxfb: Removed unneeded release_mem_region Remove unnecessary release_mem_region from the error path to prevent mem region… | |||
| CVE-2023-53449 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: s390/dasd: Fix potential memleak in dasd_eckd_init() `dasd_reserve_req` is allocated before `dasd_vol_info_req`, and it also need… | |||
| CVE-2023-53450 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: ext4: remove a BUG_ON in ext4_mb_release_group_pa() If a malicious fuzzer overwrites the ext4 superblock while it is mounted such… | |||
| CVE-2023-53460 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: fix memory leak in rtw_usb_probe() drivers/net/wireless/realtek/rtw88/usb.c:876 rtw_usb_probe() warn: 'hw' from ieee… | |||
| CVE-2023-53482 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: iommu: Fix error unwind in iommu_group_alloc() If either iommu_group_grate_file() fails then the iommu_group is leaked. Destroy … | |||
| CVE-2023-53484 | unknown | — | — | — | In the Linux kernel, the following vulnerability has been resolved: lib: cpu_rmap: Avoid use after free on rmap->obj array entries When calling irq_set_affinity_notifier() with NULL at the notify a… |