Skip to main content
CVE-2023-35359 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
11.0%
CVE-2023-20562 HIGH PATCH This Week

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Amd Information Disclosure Amd Uprof
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-20555 HIGH This Week

Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow RCE Ryzen 3 3300 Firmware Ryzen 3 3300X Firmware +117
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-39549 HIGH PATCH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 2). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39419 HIGH PATCH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Buffer Overflow Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39188 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39187 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39186 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39185 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39184 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39183 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39182 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39181 HIGH This Week

A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 7). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Solid Edge
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38683 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38682 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Teamcenter Visualization V13.2 (All versions < V13.2.0.14), Teamcenter Visualization V14.1 (All versions < V14.1.0.10),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt2Go Teamcenter Visualization
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38681 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38680 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38679 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-38641 HIGH PATCH This Week

A vulnerability has been identified in SICAM TOOLBOX II (All versions < V07.10). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Privilege Escalation Sicam Toolbox Ii
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-30796 HIGH This Week

A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Jt Open Toolkit Jt Utilities
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-30795 HIGH PATCH This Week

A vulnerability has been identified in JT Open (All versions < V11.4), JT Utilities (All versions < V13.4), Parasolid V34.0 (All versions < V34.0.253), Parasolid V34.1 (All versions < V34.1.243),. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Jt Open Jt Utilities Parasolid
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-28830 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.2.0.5), Solid Edge SE2022 (All versions < V222.0 Update 13), Solid Edge SE2023 (All versions < V223.0 Update 4), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Jt2Go Teamcenter Visualization +2
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-28577 HIGH PATCH This Week

In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Fastconnect 6800 Firmware Fastconnect 6900 Firmware +28
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28575 HIGH PATCH This Week

The cam_get_device_priv function does not check the type of handle being returned (device/session/link). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Memory Corruption Information Disclosure Aqt1000 Firmware C V2x 9150 Firmware Fastconnect 6200 Firmware +56
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28537 HIGH This Week

Memory corruption while allocating memory in COmxApeDec module in Audio. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow 315 5g Iot Modem Firmware Apq8017 Firmware Aqt1000 Firmware +180
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22666 HIGH This Week

Memory Corruption in Audio while playing amrwbplus clips with modified content. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Buffer Overflow Apq8009 Firmware Apq8017 Firmware Apq8096Au Firmware +169
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21651 HIGH This Week

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware Csra6620 Firmware +136
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21650 HIGH This Week

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Csrb31024 Firmware Qam8295p Firmware Qca6390 Firmware +47
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21649 HIGH PATCH This Week

Memory corruption in WLAN while running doDriverCmd for an unspecific command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Apq8096Au Firmware Aqt1000 Firmware Mdm9628 Firmware Mdm9650 Firmware +61
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21648 HIGH This Week

Memory corruption in RIL while trying to send apdu packet. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6391 Firmware Qca6420 Firmware Qca6430 Firmware +30
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21643 HIGH This Week

Memory corruption due to untrusted pointer dereference in automotive during system call. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8064au Firmware Apq8096Au Firmware Msm8996au Firmware Qam8295p Firmware +20
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-21627 HIGH This Week

Memory corruption in Trusted Execution Environment while calling service API with invalid address. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Qca6390 Firmware Qca6391 Firmware Qca6420 Firmware +44
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-36923 HIGH This Week

SAP SQLA for PowerDesigner 17 bundled with SAP PowerDesigner 16.7 SP06 PL03, allows an attacker with local access to the system, to place a malicious library, that can be executed by the application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

SAP RCE Code Injection Powerdesigner
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-39086 HIGH This Week

ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Rt Ac66U B1 Firmware
NVD VulDB
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-38180 HIGH KEV PATCH THREAT This Week

.NET and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Asp Net Core Visual Studio 2022 Fedora
NVD
CVSS 3.1
7.5
EPSS
15.5%
CVE-2023-35391 HIGH PATCH This Week

ASP.NET Core SignalR and Visual Studio Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Net Asp Net Core Visual Studio 2022
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-3894 HIGH PATCH This Week

Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Jackson Dataformats Text
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-39217 HIGH This Week

Improper input validation in Zoom SDK’s before 5.14.10 may allow an unauthenticated user to enable a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service XSS Meeting Software Development Kit Video Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-38184 HIGH PATCH This Week

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-38178 HIGH PATCH This Week

.NET Core and Visual Studio Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Net Visual Studio 2022
NVD
CVSS 3.1
7.5
EPSS
2.6%
CVE-2023-38172 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Buffer Overflow Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
1.8%
CVE-2023-36913 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Use of Uninitialized Resource vulnerability could allow attackers to access uninitialized memory causing crashes or information disclosure.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2023-36912 HIGH PATCH This Week

Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-36907 HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-36906 HIGH PATCH This Week

Windows Cryptographic Services Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Microsoft Windows 10 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
2.0%
CVE-2023-36905 HIGH PATCH This Week

Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.

Buffer Overflow Information Disclosure Microsoft Windows 10 Windows 10 1607 +7
NVD
CVSS 3.1
7.5
EPSS
1.6%
CVE-2023-36533 HIGH This Week

Uncontrolled resource consumption in Zoom SDKs before 5.14.7 may allow an unauthenticated user to enable a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Meeting Software Development Kit Video Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2023-36532 HIGH This Week

Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Denial Of Service Heap Overflow Rooms Virtual Desktop Infrastructure +1
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2023-35383 HIGH PATCH This Week

Microsoft Message Queuing Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +10
NVD
CVSS 3.1
7.5
EPSS
2.7%
CVE-2023-38773 HIGH This Week

SQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

PHP SQLi Churchcrm
NVD GitHub
CVSS 3.1
7.5
EPSS
0.7%
Prev Page 2 of 3 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy