Total
11773 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32075 | 1 Pimcore | 1 Customer Management Framework | 2024-11-21 | N/A | 4.3 MEDIUM |
| The Customer Management Framework (CMF) for Pimcore adds functionality for customer data management. In `pimcore/customer-management-framework-bundle` prior to version 3.3.9, business logic errors are possible in the `Conditions` tab since the counter can be a negative number. This vulnerability is capable of the unlogic in the counter value in the Conditions tab. Users should update to version 3.3.9 to receive a patch or, as a workaround, or apply the patch manually. | |||||
| CVE-2023-32057 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability | |||||
| CVE-2023-32037 | 1 Microsoft | 7 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 4 more | 2024-11-21 | N/A | 6.5 MEDIUM |
| Windows Layer-2 Bridge Network Driver Information Disclosure Vulnerability | |||||
| CVE-2023-32032 | 1 Microsoft | 2 .net, Visual Studio 2022 | 2024-11-21 | N/A | 6.5 MEDIUM |
| .NET and Visual Studio Elevation of Privilege Vulnerability | |||||
| CVE-2023-31455 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. | |||||
| CVE-2023-31320 | 1 Amd | 113 Radeon Pro Vega 56, Radeon Pro Vega 56 Firmware, Radeon Pro Vega 64 and 110 more | 2024-11-21 | N/A | 7.5 HIGH |
| Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of service. | |||||
| CVE-2023-31289 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. | |||||
| CVE-2023-31203 | 1 Intel | 1 Openvino Model Server | 2024-11-21 | N/A | 4.3 MEDIUM |
| Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via network access. | |||||
| CVE-2023-31162 | 1 Selinc | 20 Sel-2241 Rtac Module, Sel-2241 Rtac Module Firmware, Sel-3350 and 17 more | 2024-11-21 | N/A | 4.8 MEDIUM |
| An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to arbitrarily alter the content of a configuration file. See SEL Service Bulletin dated 2022-11-15 for more details. | |||||
| CVE-2023-31161 | 1 Selinc | 10 Sel-3350, Sel-3350 Firmware, Sel-3532 and 7 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow an authenticated remote attacker to use internal resources, allowing a variety of potential effects. See SEL Service Bulletin dated 2022-11-15 for more details. | |||||
| CVE-2023-31149 | 1 Selinc | 20 Sel-2241 Rtac Module, Sel-2241 Rtac Module Firmware, Sel-3350 and 17 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. | |||||
| CVE-2023-31148 | 1 Selinc | 20 Sel-2241 Rtac Module, Sel-2241 Rtac Module Firmware, Sel-3350 and 17 more | 2024-11-21 | N/A | 9.1 CRITICAL |
| An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. | |||||
| CVE-2023-31039 | 1 Apache | 1 Brpc | 2024-11-21 | N/A | 9.8 CRITICAL |
| Security vulnerability in Apache bRPC <1.5.0 on all platforms allows attackers to execute arbitrary code via ServerOptions::pid_file. An attacker that can influence the ServerOptions pid_file parameter with which the bRPC server is started can execute arbitrary code with the permissions of the bRPC process. Solution: 1. upgrade to bRPC >= 1.5.0, download link: https://dist.apache.org/repos/dist/release/brpc/1.5.0/ https://dist.apache.org/repos/dist/release/brpc/1.5.0/ 2. If you are using an old version of bRPC and hard to upgrade, you can apply this patch: https://github.com/apache/brpc/pull/2218 https://github.com/apache/brpc/pull/2218 | |||||
| CVE-2023-31035 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| NVIDIA DGX A100 SBIOS contains a vulnerability where an attacker may cause an SMI callout vulnerability that could be used to execute arbitrary code at the SMM level. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||
| CVE-2023-31028 | 2024-11-21 | N/A | 2.8 LOW | ||
| NVIDIA nvJPEG2000 Library for Windows and Linux contains a vulnerability where improper input validation might enable an attacker to use a specially crafted input file. A successful exploit of this vulnerability might lead to a partial denial of service. | |||||
| CVE-2023-31013 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 6.1 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-31012 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 6.1 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-31011 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 5.2 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges and information disclosure. | |||||
| CVE-2023-31010 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 6.8 MEDIUM |
| NVIDIA DGX H100 BMC contains a vulnerability in IPMI, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to escalation of privileges, information disclosure, and denial of service. | |||||
| CVE-2023-31009 | 1 Nvidia | 2 Dgx H100, Dgx H100 Firmware | 2024-11-21 | N/A | 8.3 HIGH |
| NVIDIA DGX H100 BMC contains a vulnerability in the REST service, where an attacker may cause improper input validation. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, and information disclosure. | |||||