Total
29603 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28378 | 2 Intel, Microsoft | 4 Quickassist Technology, Quickassist Technology Firmware, Quickassist Technology Library and 1 more | 2024-11-21 | 6.7 Medium |
| Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-27995 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.2 High |
| A improper neutralization of special elements used in a template engine vulnerability in Fortinet FortiSOAR 7.3.0 through 7.3.1 allows an authenticated, remote attacker to execute arbitrary code via a crafted payload. | ||||
| CVE-2023-27879 | 1 Intel | 8 Optane Memory H20 With Solid State Storage, Optane Memory H20 With Solid State Storage Firmware, Optane Ssd 905p and 5 more | 2024-11-21 | 6.8 Medium |
| Improper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access. | ||||
| CVE-2023-27509 | 1 Intel | 1 Ispc Software Installer | 2024-11-21 | 6.6 Medium |
| Improper access control in some Intel(R) ISPC software installers before version 1.19.0 may allow an authenticated user to potentially enable escalation of privileges via local access. | ||||
| CVE-2023-27383 | 1 Intel | 5 Advisor, Inspector, Mpi Library and 2 more | 2024-11-21 | 6.8 Medium |
| Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2023-27318 | 1 Netapp | 1 Storagegrid | 2024-11-21 | 6.5 Medium |
| StorageGRID (formerly StorageGRID Webscale) versions 11.6.0 through 11.6.0.13 are susceptible to a Denial of Service (DoS) vulnerability. A successful exploit could lead to a crash of the Local Distribution Router (LDR) service. | ||||
| CVE-2023-27279 | 1 Ibm | 1 Aspera Faspex | 2024-11-21 | 6.5 Medium |
| IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a user to cause a denial of service due to missing API rate limiting. IBM X-Force ID: 248533. | ||||
| CVE-2023-26586 | 1 Intel | 7 Killer, Killer Wi-fi 6e Ax1675, Killer Wi-fi 6e Ax1690 and 4 more | 2024-11-21 | 4.3 Medium |
| Uncaught exception for some Intel(R) PROSet/Wireless and Intel(R) Killer(TM) Wi-Fi software before version 22.240 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2023-26077 | 2 Atera, Microsoft | 2 Atera, Windows | 2024-11-21 | 7.8 High |
| Atera Agent through 1.8.3.6 on Windows Creates a Temporary File in a Directory with Insecure Permissions. | ||||
| CVE-2023-25632 | 1 Naver | 1 Whale Browser | 2024-11-21 | 5.5 Medium |
| The Android Mobile Whale browser app before 3.0.1.2 allows the attacker to bypass its browser unlock function via 'Open in Whale' feature. | ||||
| CVE-2023-25608 | 1 Fortinet | 4 Fortiap, Fortiap-c, Fortiap-u and 1 more | 2024-11-21 | 5.2 Medium |
| An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments. | ||||
| CVE-2023-25605 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.5 High |
| A improper access control vulnerability in Fortinet FortiSOAR 7.3.0 - 7.3.1 allows an attacker authenticated on the administrative interface to perform unauthorized actions via crafted HTTP requests. | ||||
| CVE-2023-25519 | 1 Nvidia | 8 Bluefield 1, Bluefield 1 Firmware, Bluefield 2 Ga and 5 more | 2024-11-21 | 7.8 High |
| NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. A successful exploit of this vulnerability may lead to escalation of privileges. | ||||
| CVE-2023-25399 | 1 Scipy | 1 Scipy | 2024-11-21 | 5.5 Medium |
| A refcounting issue which leads to potential memory leak was discovered in scipy commit 8627df31ab in Py_FindObjects() function. Note: This is disputed as a bug and not a vulnerability. SciPy is not designed to be exposed to untrusted users or data directly. | ||||
| CVE-2023-25074 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 7.1 High |
| Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Competencies. This issue affects Command Centre: vEL8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior. | ||||
| CVE-2023-24490 | 1 Citrix | 2 Linux Virtual Delivery Agent, Virtual Apps And Desktops | 2024-11-21 | 6.3 Medium |
| Users with only access to launch VDA applications can launch an unauthorized desktop | ||||
| CVE-2023-24486 | 1 Citrix | 1 Workspace | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in Citrix Workspace app for Linux that, if exploited, may result in a malicious local user being able to gain access to the Citrix Virtual Apps and Desktops session of another user who is using the same computer from which the ICA session is launched. | ||||
| CVE-2023-23576 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 4.3 Medium |
| Incorrect behavior order in the Command Centre Server could allow privileged users to gain physical access to the site for longer than intended after a network outage when competencies are used in the access decision. This issue affects: Gallagher Command Centre: 8.90 prior to vEL8.90.1620 (MR2), 8.80 prior to vEL8.80.1369 (MR3), 8.70 prior to vEL8.70.2375 (MR5), 8.60 prior to vEL8.60.2550 (MR7), all versions of 8.50 and prior. | ||||
| CVE-2023-23568 | 1 Gallagher | 1 Command Centre | 2024-11-21 | 4.3 Medium |
| Improper privilege validation in Command Centre Server allows authenticated unprivileged operators to modify and view Personal Data Fields. This issue affects Command Centre: vEL 8.90 prior to vEL8.90.1318 (MR1), vEL8.80 prior to vEL8.80.1192 (MR2), vEL8.70 prior to vEL8.70.2185 (MR4), vEL8.60 prior to vEL8.60.2347 (MR6), vEL8.50 prior to vEL8.50.2831 (MR8), all versions vEL8.40 and prior | ||||
| CVE-2023-23565 | 1 Geomatika | 1 Isigeo Web | 2024-11-21 | 4.9 Medium |
| An issue was discovered in Geomatika IsiGeo Web 6.0. It allows remote authenticated users to retrieve PHP files from the server via Local File Inclusion. | ||||