Total
10666 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-46289 | 1 Rockwellautomation | 1 Factorytalk View | 2023-11-07 | N/A | 7.5 HIGH |
| Rockwell Automation FactoryTalk View Site Edition insufficiently validates user input, which could potentially allow threat actors to send malicious data bringing the product offline. If exploited, the product would become unavailable and require a restart to recover resulting in a denial-of-service condition. | |||||
| CVE-2022-3429 | 1 Lenovo | 6 G263dns, G263dns Firmware, Gm265dn and 3 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| A denial-of-service vulnerability was found in the firmware used in Lenovo printers, where users send illegal or malformed strings to an open port, triggering a denial of service that causes a display error and prevents the printer from functioning properly. | |||||
| CVE-2023-34152 | 3 Fedoraproject, Imagemagick, Redhat | 4 Extra Packages For Enterprise Linux, Fedora, Imagemagick and 1 more | 2023-11-07 | N/A | 9.8 CRITICAL |
| A vulnerability was found in ImageMagick. This security flaw cause a remote code execution vulnerability in OpenBlob with --enable-pipes configured. | |||||
| CVE-2023-34086 | 1 Intel | 142 Compute Element Stk2mv64cc, Compute Element Stk2mv64cc Firmware, Nuc Board Nuc7i3bnb and 139 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper input validation in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-32617 | 1 Intel | 46 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware, Nuc 7 Enthusiast Nuc7i7bnhxg and 43 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper input validation in some Intel(R) NUC Rugged Kit, Intel(R) NUC Kit and Intel(R) Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-31047 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2023-11-07 | N/A | 9.8 CRITICAL |
| In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise. | |||||
| CVE-2023-30952 | 1 Palantir | 1 Foundry | 2023-11-07 | N/A | 4.3 MEDIUM |
| A security defect was discovered in Foundry Issues that enabled users to create convincing phishing links by editing the request sent when creating an Issue. This defect was resolved in Frontend release 6.228.0 . | |||||
| CVE-2023-30712 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation in Settings Suggestions prior to SMR Sep-2023 Release 1 allows attackers to launch arbitrary activity. | |||||
| CVE-2023-30690 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in Duo prior to SMR Oct-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30664 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30663 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in OemPersonalizationSetLock in libsec-ril prior to SMR Jul-2023 Release 1 allows local attackers to cause an Out-Of-Bounds write. | |||||
| CVE-2023-30659 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in Transaction prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30658 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in DataProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30657 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30656 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in LSOItemData prior to SMR Jul-2023 Release 1 allows attackers to launch certain activities. | |||||
| CVE-2023-30655 | 1 Samsung | 1 Android | 2023-11-07 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in SCEPProfile prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-29494 | 1 Intel | 48 Nuc 11 Pro Board Nuc11tnbi3, Nuc 11 Pro Board Nuc11tnbi30z, Nuc 11 Pro Board Nuc11tnbi30z Firmware and 45 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper input validation in BIOS firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-28733 | 1 Acymailing | 1 Acymailing | 2023-11-07 | N/A | 6.1 MEDIUM |
| AnyMailing Joomla Plugin is vulnerable to stored cross site scripting (XSS) in templates and emails of AcyMailing, exploitable without authentication when access is granted to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0. | |||||
| CVE-2023-28732 | 1 Acymailing | 1 Acymailing | 2023-11-07 | N/A | 7.5 HIGH |
| Missing access control in AnyMailing Joomla Plugin allows to list and access files containing sensitive information from the plugin itself and access to system files via path traversal, when being granted access to the campaign's creation on front-office. This issue affects AnyMailing Joomla Plugin in versions below 8.3.0. | |||||
| CVE-2023-28731 | 1 Acymailing | 1 Acymailing | 2023-11-07 | N/A | 9.8 CRITICAL |
| AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0. | |||||