Total
226656 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-2722 | 3 Debian, Fedoraproject, Google | 4 Debian Linux, Fedora, Android and 1 more | 2023-09-30 | N/A | 8.8 HIGH |
Use after free in Autofill UI in Google Chrome on Android prior to 113.0.5672.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-1530 | 1 Google | 1 Chrome | 2023-09-30 | N/A | 8.8 HIGH |
Use after free in PDF in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-29354 | 1 Microsoft | 1 Edge Chromium | 2023-09-30 | N/A | 4.7 MEDIUM |
Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | |||||
CVE-2023-1813 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2023-09-30 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Extensions in Google Chrome prior to 112.0.5615.49 allowed an attacker who convinced a user to install a malicious extension to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-2459 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 6.5 MEDIUM |
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to bypass permission restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||
CVE-2023-2135 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2023-09-30 | N/A | 7.5 HIGH |
Use after free in DevTools in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who convinced a user to enable specific preconditions to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2023-1531 | 1 Google | 1 Chrome | 2023-09-30 | N/A | 8.8 HIGH |
Use after free in ANGLE in Google Chrome prior to 111.0.5563.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
CVE-2021-30004 | 1 W1.fi | 2 Hostapd, Wpa Supplicant | 2023-09-30 | 5.0 MEDIUM | 5.3 MEDIUM |
In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. | |||||
CVE-2023-1579 | 1 Gnu | 1 Binutils | 2023-09-30 | N/A | 7.8 HIGH |
Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | |||||
CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2023-09-30 | N/A | 5.5 MEDIUM |
In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | |||||
CVE-2023-5300 | | | 2023-09-30 | N/A | N/A |
A vulnerability classified as critical has been found in TTSPlanning up to 20230925. This affects an unknown part. The manipulation of the argument uid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-240939. | |||||
CVE-2022-4285 | 3 Fedoraproject, Gnu, Redhat | 3 Fedora, Binutils, Enterprise Linux | 2023-09-30 | N/A | 5.5 MEDIUM |
An illegal memory access flaw was found in the binutils package. Parsing an ELF file containing corrupt symbol version information may result in a denial of service. This issue is the result of an incomplete fix for CVE-2020-16599. | |||||
CVE-2023-1972 | 1 Gnu | 1 Binutils | 2023-09-30 | N/A | 6.5 MEDIUM |
A potential heap based buffer overflow was found in _bfd_elf_slurp_version_tables() in bfd/elf.c. This may lead to loss of availability. | |||||
CVE-2023-5207 | | | 2023-09-30 | N/A | N/A |
A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user. | |||||
CVE-2023-20588 | 2 Amd, Debian | 63 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 60 more | 2023-09-30 | N/A | 5.5 MEDIUM |
A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. | |||||
CVE-2023-41993 | 1 Apple | 3 Ipad Os, Iphone Os, Safari | 2023-09-30 | N/A | 9.8 CRITICAL |
The issue was addressed with improved checks. This issue is fixed in Safari 17, iOS 16.7 and iPadOS 16.7, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. | |||||
CVE-2023-5298 | | | 2023-09-30 | N/A | N/A |
A vulnerability was found in Tongda OA 2017. It has been rated as critical. Affected by this issue is some unknown functionality of the file general/hr/recruit/requirements/delete.php. The manipulation of the argument REQUIREMENTS_ID leads to sql injection. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. VDB-240938 is the identifier assigned to this vulnerability. | |||||
CVE-2023-39742 | 1 Giflib Project | 1 Giflib | 2023-09-30 | N/A | 5.5 MEDIUM |
giflib v5.2.1 was discovered to contain a segmentation fault via the component getarg.c. | |||||
CVE-2023-5186 | 1 Google | 1 Chrome | 2023-09-30 | N/A | 8.8 HIGH |
Use after free in Passwords in Google Chrome prior to 117.0.5938.132 allowed a remote attacker who convinced a user to engage in specific UI interaction to potentially exploit heap corruption via crafted UI interaction. (Chromium security severity: High) | |||||
CVE-2023-5187 | 1 Google | 1 Chrome | 2023-09-30 | N/A | 8.8 HIGH |
Use after free in Extensions in Google Chrome prior to 117.0.5938.132 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |