Export limit exceeded: 10075 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10075 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40194 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | 8.8 High |
| An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | ||||
| CVE-2023-39542 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | 8.8 High |
| A code execution vulnerability exists in the Javascript saveAs API of Foxit Reader 12.1.3.15356. A specially crafted malformed file can create arbitrary files, which can lead to remote code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially crafted, malicious site if the browser plugin extension is enabled. | ||||
| CVE-2023-39171 | 1 Enbw | 2 Senec Storage Box, Senec Storage Box Firmware | 2025-11-04 | 7.2 High |
| SENEC Storage Box V1,V2 and V3 accidentially expose a management UI accessible with publicly known admin credentials. | ||||
| CVE-2023-35985 | 1 Foxitsoftware | 1 Foxit Reader | 2025-11-04 | 8.8 High |
| An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to a failure to properly validate a dangerous extension. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. Exploitation is also possible if a user visits a specially-crafted malicious site if the browser plugin extension is enabled. | ||||
| CVE-2023-34326 | 1 Xen | 1 Xen | 2025-11-04 | 7.8 High |
| The caching invalidation guidelines from the AMD-Vi specification (48882—Rev 3.07-PUB—Oct 2022) is incorrect on some hardware, as devices will malfunction (see stale DMA mappings) if some fields of the DTE are updated but the IOMMU TLB is not flushed. Such stale DMA mappings can point to memory ranges not owned by the guest, thus allowing access to unindented memory regions. | ||||
| CVE-2023-34320 | 2 Arm, Xen | 3 Cortex-a77, Cortex-a77 Firmware, Xen | 2025-11-04 | 5.5 Medium |
| Cortex-A77 cores (r0p0 and r1p0) are affected by erratum 1508412 where software, under certain circumstances, could deadlock a core due to the execution of either a load to device or non-cacheable memory, and either a store exclusive or register read of the Physical Address Register (PAR_EL1) in close proximity. | ||||
| CVE-2023-32275 | 1 Softether | 1 Vpn | 2025-11-04 | 5.5 Medium |
| An information disclosure vulnerability exists in the CtEnumCa() functionality of SoftEther VPN 4.41-9782-beta and 5.01.9674. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability. | ||||
| CVE-2023-27934 | 1 Apple | 1 Macos | 2025-11-04 | 8.8 High |
| A memory initialization issue was addressed. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4. A remote attacker may be able to cause unexpected app termination or arbitrary code execution. | ||||
| CVE-2024-30924 | 1 Derbynet | 1 Derbynet | 2025-11-04 | 4.6 Medium |
| Cross Site Scripting vulnerability in DerbyNet v9.0 and below allows attackers to execute arbitrary code via the checkin.php component. | ||||
| CVE-2024-28219 | 3 Debian, Python, Redhat | 6 Debian Linux, Pillow, Ansible Automation Platform and 3 more | 2025-11-04 | 6.7 Medium |
| In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. | ||||
| CVE-2024-28084 | 2 Fedoraproject, Intel | 2 Fedora, Inet Wireless Daemon | 2025-11-04 | 7.5 High |
| p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails. | ||||
| CVE-2024-25445 | 1 Hugin Project | 1 Hugin | 2025-11-04 | 7.8 High |
| Improper handling of values in HuginBase::PTools::Transform::transform of Hugin 2022.0.0 leads to an assertion failure. | ||||
| CVE-2024-23850 | 1 Linux | 1 Linux Kernel | 2025-11-04 | 5.5 Medium |
| In btrfs_get_root_ref in fs/btrfs/disk-io.c in the Linux kernel through 6.7.1, there can be an assertion failure and crash because a subvolume can be read out too soon after its root item is inserted upon subvolume creation. | ||||
| CVE-2024-23285 | 1 Apple | 1 Macos | 2025-11-04 | 5.5 Medium |
| This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.4. An app may be able to create symlinks to protected regions of the disk. | ||||
| CVE-2024-23284 | 5 Apple, Fedoraproject, Redhat and 2 more | 12 Ipados, Iphone Os, Macos and 9 more | 2025-11-04 | 6.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from being enforced. | ||||
| CVE-2024-20923 | 1 Oracle | 3 Graalvm, Jdk, Jre | 2025-11-04 | 3.1 Low |
| Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaFX). Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). | ||||
| CVE-2023-50172 | 1 Wwbn | 1 Avideo | 2025-11-04 | 5.3 Medium |
| A recovery notification bypass vulnerability exists in the userRecoverPass.php captcha validation functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to the silent creation of a recovery pass code for any user. | ||||
| CVE-2023-49994 | 1 Espeak-ng | 1 Espeak-ng | 2025-11-04 | 5.5 Medium |
| Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception via the function PeaksToHarmspect at wavegen.c. | ||||
| CVE-2023-49935 | 1 Schedmd | 1 Slurm | 2025-11-04 | 8.8 High |
| An issue was discovered in SchedMD Slurm 23.02.x and 23.11.x. There is Incorrect Access Control because of a slurmd Message Integrity Bypass. An attacker can reuse root-level authentication tokens during interaction with the slurmd process. This bypasses the RPC message hashes that protect against undesired MUNGE credential reuse. The fixed versions are 23.02.7 and 23.11.1. | ||||
| CVE-2023-49864 | 1 Wwbn | 1 Avideo | 2025-11-04 | 6.5 Medium |
| An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image upload functionality of WWBN AVideo dev master commit 15fed957fb. A specially crafted HTTP request can lead to arbitrary file read.This vulnerability is triggered by the `downloadURL_image` parameter. | ||||