Skip to main content
CVE-2023-38141 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2023-38139 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
1.0%
CVE-2023-36804 HIGH PATCH This Week

Windows GDI Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1507 +11
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2023-36802 HIGH KEV PATCH THREAT This Week

Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Information Disclosure Memory Corruption Microsoft Windows 10 1809 +6
NVD
CVSS 3.1
7.8
EPSS
26.1%
CVE-2023-36796 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Net Framework Net Visual Studio 2017 +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2023-36794 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Integer Overflow RCE Net Framework Net Visual Studio 2017 +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2023-36793 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow Net Framework Net +3
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2023-36792 HIGH PATCH This Week

Visual Studio Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Integer Overflow vulnerability could allow attackers to cause unexpected behavior through arithmetic overflow.

Integer Overflow RCE Net Framework Net Visual Studio 2017 +2
NVD
CVSS 3.1
7.8
EPSS
1.4%
CVE-2023-36788 HIGH PATCH This Week

.NET Framework Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Net Framework
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2023-36773 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36772 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36771 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36770 HIGH PATCH This Week

3D Builder Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Builder
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2023-36760 HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free RCE Memory Corruption 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-36742 HIGH PATCH This Week

Visual Studio Code Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

RCE Visual Studio Code
NVD
CVSS 3.1
7.8
EPSS
1.2%
CVE-2023-36740 HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-36739 HIGH PATCH This Week

3D Viewer Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Buffer Overflow RCE Heap Overflow 3D Viewer
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2023-35355 HIGH PATCH This Week

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Stack Overflow Buffer Overflow Microsoft Windows 10 1809 Windows 10 21h2 +5
NVD
CVSS 3.1
7.8
EPSS
0.7%
CVE-2023-34470 HIGH This Week

AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper access control via the local network. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Aptio V
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41846 HIGH This Week

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Tecnomatix
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41033 HIGH This Week

A vulnerability has been identified in Parasolid V35.0 (All versions < V35.0.260), Parasolid V35.1 (All versions < V35.1.246), Parasolid V36.0 (All versions < V36.0.156), Simcenter Femap V2301 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Parasolid Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41032 HIGH This Week

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.253), Parasolid V35.1 (All versions < V35.1.184), Parasolid V36.0 (All. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Parasolid Simcenter Femap
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-40728 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Qms Automotive
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-40727 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Jwt Attack Qms Automotive
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-38076 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38075 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Use After Free Information Disclosure Memory Corruption Jt2Go Teamcenter Visualization +1
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38074 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38073 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38072 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38071 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-38070 HIGH This Week

A vulnerability has been identified in JT2Go (All versions < V14.3.0.1), Teamcenter Visualization V13.3 (All versions < V13.3.0.12), Teamcenter Visualization V14.0 (All versions), Teamcenter. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Stack Overflow Buffer Overflow Jt2Go Teamcenter Visualization Tecnomatix Plant Simulation
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2023-3039 HIGH This Week

SD ROM Utility, versions prior to 1.0.2.0 contain an Improper Access Control vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Authentication Bypass Sd Rom Utility
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-25519 HIGH This Week

NVIDIA ConnectX Host Firmware for the BlueField Data Processing Unit contains a vulnerability where a restricted host may cause an incorrect user management error. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Nvidia Privilege Escalation Bluefield 1 Firmware Bluefield 2 Lts Firmware Bluefield 2 Ga Firmware +1
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-41990 HIGH KEV THREAT This Week

The issue was addressed with improved handling of caches. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Apple Ipados Iphone Os macOS +2
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2023-39208 HIGH This Week

Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service XSS Zoom
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-38162 HIGH PATCH This Week

DHCP Server Service Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Integer Overflow Denial Of Service Windows Server 2012 Windows Server 2016 Windows Server 2019 +1
NVD
CVSS 3.1
7.5
EPSS
10.3%
CVE-2023-38149 HIGH PATCH This Week

Windows TCP/IP Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Uncontrolled Resource Consumption vulnerability could allow attackers to cause denial of service by exhausting system resources.

Denial Of Service Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +9
NVD
CVSS 3.1
7.5
EPSS
4.3%
CVE-2023-36763 HIGH PATCH This Week

Microsoft Outlook Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft 365 Apps Office Office Long Term Servicing Channel +1
NVD
CVSS 3.1
7.5
EPSS
1.9%
CVE-2023-37879 HIGH This Week

Insecure storage of sensitive information in Wing FTP Server (User Web Client) allows information elicitation.2.0. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Wing Ftp Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40308 HIGH This Week

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow SAP Commoncryptolib Content Server +7
NVD
CVSS 3.1
7.5
EPSS
0.6%
CVE-2023-40440 HIGH This Week

This issue was addressed with improved state management of S/MIME encrypted emails. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Apple macOS
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-40729 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
7.4
EPSS
0.2%
CVE-2023-36762 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity.

RCE Microsoft 365 Apps Office Office Long Term Servicing Channel +2
NVD
CVSS 3.1
7.3
EPSS
1.0%
CVE-2023-40724 HIGH This Week

A vulnerability has been identified in QMS Automotive (All versions < V12.39). Rated high severity (CVSS 7.3), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Qms Automotive
NVD
CVSS 3.1
7.3
EPSS
0.1%
CVE-2023-42472 HIGH This Week

Due to insufficient file type validation, SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) - version 420, allows a report creator to upload files from local system. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP File Upload Information Disclosure Businessobjects Business Intelligence Platform
NVD
CVSS 3.1
7.3
EPSS
0.5%
CVE-2023-21521 HIGH This Week

An SQL Injection vulnerability in the Management Console (Operator Audit Trail) of BlackBerry AtHoc version 7.15 could allow an attacker to potentially read sensitive data from the database, modify. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure SQLi Athoc
NVD
CVSS 3.1
7.2
EPSS
0.5%
CVE-2023-38156 HIGH PATCH This Week

Azure HDInsight Apache Ambari JDBC Injection Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

Apache Code Injection Microsoft Azure Hdinsight
NVD
CVSS 3.1
7.2
EPSS
1.9%
CVE-2023-40623 HIGH This Week

SAP BusinessObjects Suite Installer - version 420, 430, allows an attacker within the network to create a directory under temporary directory and link it to a directory with operating system files. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

SAP Information Disclosure Businessobjects
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2023-36805 HIGH PATCH This Week

Windows MSHTML Platform Security Feature Bypass Vulnerability. Rated high severity (CVSS 7.0), this vulnerability is no authentication required. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

Command Injection Microsoft Windows 10 1507 Windows 10 1607 Windows 10 1809 +8
NVD
CVSS 3.1
7.0
EPSS
2.3%
CVE-2023-39201 MEDIUM This Month

Untrusted search path in CleanZoom before file date 07/24/2023 may allow a privileged user to conduct an escalation of privilege via local access. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Cleanzoom
NVD
CVSS 3.1
6.7
EPSS
0.2%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy