Total
10666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20698 | 3 Canonical, Clamav, Debian | 3 Ubuntu Linux, Clamav, Debian Linux | 2023-10-01 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper checks that may result in an invalid pointer read. An attacker could exploit this vulnerability by sending a crafted OOXML file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to crash, resulting in a denial of service condition. | |||||
| CVE-2021-30004 | 1 W1.fi | 2 Hostapd, Wpa Supplicant | 2023-09-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c. | |||||
| CVE-2020-12351 | 1 Linux | 1 Linux Kernel | 2023-09-28 | 5.8 MEDIUM | 8.8 HIGH |
| Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2022-26047 | 1 Intel | 352 Converged Security And Manageability Engine, Core I3-1000g1 Firmware, Core I3-1000g4 Firmware and 349 more | 2023-09-27 | N/A | 6.5 MEDIUM |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-2315 | 1 Opencart | 1 Opencart | 2023-09-27 | N/A | 8.8 HIGH |
| Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server | |||||
| CVE-2022-3661 | 1 Google | 1 Chrome | 2023-09-27 | N/A | 4.3 MEDIUM |
| Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension. (Chromium security severity: Low) | |||||
| CVE-2022-48605 | 1 Huawei | 2 Emui, Harmonyos | 2023-09-26 | N/A | 9.8 CRITICAL |
| Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. | |||||
| CVE-2023-42798 | 1 Hollowaykeanho | 1 Automataci | 2023-09-26 | N/A | 9.1 CRITICAL |
| AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the `PROJECT_PATH_RELEASE` (e.g. `releases/`) directory is manually and actually `git cloned` properly, making it a different git repostiory from the root git repository. | |||||
| CVE-2023-41303 | 1 Huawei | 2 Emui, Harmonyos | 2023-09-25 | N/A | 7.5 HIGH |
| Command injection vulnerability in the distributed file system module. Successful exploitation of this vulnerability may cause variables in the sock structure to be modified. | |||||
| CVE-2023-41300 | 1 Huawei | 2 Emui, Harmonyos | 2023-09-25 | N/A | 7.5 HIGH |
| Vulnerability of parameters not being strictly verified in the PMS module. Successful exploitation of this vulnerability may cause the system to restart. | |||||
| CVE-2023-42805 | 1 Quinn Project | 1 Quinn | 2023-09-25 | N/A | 7.5 HIGH |
| quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases. | |||||
| CVE-2023-25533 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 9.8 CRITICAL |
| NVIDIA DGX H100 BMC contains a vulnerability in the web UI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to information disclosure, code execution, and escalation of privileges. | |||||
| CVE-2023-25534 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 9.8 CRITICAL |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | |||||
| CVE-2023-25530 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 9.8 CRITICAL |
| NVIDIA DGX H100 BMC contains a vulnerability in the KVM service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2023-31008 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 7.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of services, escalation of privileges, and information disclosure. | |||||
| CVE-2023-31009 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 9.8 CRITICAL |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2023-31010 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 8.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service. | |||||
| CVE-2023-31011 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 8.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-31012 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 8.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-31013 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2023-09-22 | N/A | 8.8 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||