Export limit exceeded: 45940 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 363337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363337 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-46382 1 Loytec 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more 2025-11-04 7.5 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) use cleartext HTTP for login.
CVE-2023-46381 1 Loytec 6 Linx-212, Linx-212 Firmware, Liob-586 and 3 more 2025-11-04 8.2 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) lack authentication for the preinstalled version of LWEB-802 via an lweb802_pre/ URI. An unauthenticated attacker can edit any project (or create a new project) and control its GUI.
CVE-2023-46380 1 Loytec 10 L-inx Configurator, Linx-151, Linx-212 and 7 more 2025-11-04 7.5 High
LOYTEC LINX-151, LINX-212, LVIS-3ME12-A1, LIOB-586, LIOB-580 V2, LIOB-588, L-INX Configurator devices (all versions) send password-change requests via cleartext HTTP.
CVE-2023-45866 7 Apple, Bluproducts, Canonical and 4 more 17 Ipados, Iphone Os, Iphone Se and 14 more 2025-11-04 6.3 Medium
Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.
CVE-2023-45842 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `mxsldr` package.
CVE-2023-45841 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `versal-firmware` package.
CVE-2023-45840 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `riscv64-elf-toolchain` package.
CVE-2023-45839 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs-util` package.
CVE-2023-45838 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
Multiple data integrity vulnerabilities exist in the package hash checking functionality of Buildroot 2023.08.1 and Buildroot dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.This vulnerability is related to the `aufs` package.
CVE-2023-44444 2 Gimp, Redhat 7 Gimp, Enterprise Linux, Rhel Aus and 4 more 2025-11-04 7.8 High
GIMP PSP File Parsing Off-By-One Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. Crafted data in a PSP file can trigger an off-by-one error when calculating a location to write within a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22097.
CVE-2023-44442 2 Gimp, Redhat 7 Gimp, Enterprise Linux, Rhel Aus and 4 more 2025-11-04 7.8 High
GIMP PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute arbitrary code in the context of the current process. Was ZDI-CAN-22094.
CVE-2023-44441 2 Gimp, Redhat 3 Gimp, Enterprise Linux, Rhel Eus 2025-11-04 7.8 High
GIMP DDS File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DDS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. . Was ZDI-CAN-22093.
CVE-2023-43628 1 Gpsd Project 1 Gpsd 2025-11-04 5.9 Medium
An integer underflow vulnerability exists in the NTRIP Stream Parsing functionality of GPSd 3.25.1~dev. A specially crafted network packet can lead to memory corruption. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2023-43608 1 Buildroot 1 Buildroot 2025-11-04 8.1 High
A data integrity vulnerability exists in the BR_NO_CHECK_HASH_FOR functionality of Buildroot 2023.08.1 and dev commit 622698d7847. A specially crafted man-in-the-middle attack can lead to arbitrary command execution in the builder.
CVE-2023-43040 2 Ibm, Redhat 3 Spectrum Fusion Hci, Storage Fusion Hci, Ceph Storage 2025-11-04 6.5 Medium
IBM Spectrum Fusion HCI 2.5.2 through 2.7.2 could allow an attacker to perform unauthorized actions in RGW for Ceph due to improper bucket access. IBM X-Force ID: 266807.
CVE-2023-42974 1 Apple 4 Ipad Os, Ipados, Iphone Os and 1 more 2025-11-04 7.0 High
A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 12.7.2, macOS Ventura 13.6.3, iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3, macOS Sonoma 14.2. An app may be able to execute arbitrary code with kernel privileges.
CVE-2023-42962 1 Apple 2 Ipados, Iphone Os 2025-11-04 7.5 High
This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. A remote attacker may be able to cause a denial-of-service.
CVE-2023-42953 1 Apple 5 Ipad Os, Iphone Os, Macos and 2 more 2025-11-04 5.5 Medium
A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, watchOS 10.1, macOS Sonoma 14.1, iOS 17.1 and iPadOS 17.1. An app may be able to access sensitive user data.
CVE-2023-42952 1 Apple 3 Ipad Os, Iphone Os, Macos 2025-11-04 4.4 Medium
The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.3, macOS Sonoma 14.1, macOS Monterey 12.7.1. An app with root privileges may be able to access private information.
CVE-2023-42951 1 Apple 2 Ipad Os, Iphone Os 2025-11-04 4.3 Medium
The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS 17.1. A user may be unable to delete browsing history items.