Search Results (364880 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-42526 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42525 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42524 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42523 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42522 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via processing of an import struct in a PE file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42521 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42520 4 Apple, Linux, Microsoft and 1 more 10 Macos, Linux Kernel, Windows and 7 more 2024-11-21 7.5 High
Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data files. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, Linux Security 64 12.0 , Linux Protection 12.0, and WithSecure Atlant (formerly F-Secure Atlant) 1.0.35-1.
CVE-2023-42508 1 Jfrog 1 Artifactory 2024-11-21 6.5 Medium
JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.
CVE-2023-42507 1 Jtekt 1 Onsinview2 2024-11-21 7.8 High
Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file.
CVE-2023-42506 1 Jtekt 1 Onsinview2 2024-11-21 7.8 High
Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 versions 2.0.1 and earlier. If this vulnerability is exploited, information may be disclosed or arbitrary code may be executed by having a user open a specially crafted OnSinView2 project file.
CVE-2023-42502 1 Apache 1 Superset 2024-11-21 4.8 Medium
An authenticated attacker with update datasets permission could change a dataset link to an untrusted site by spoofing the HTTP Host header, users could be redirected to this site when clicking on that specific dataset. This issue affects Apache Superset versions before 3.0.0.
CVE-2023-42497 1 Liferay 2 Digital Experience Platform, Liferay Portal 2024-11-21 9.6 Critical
Reflected cross-site scripting (XSS) vulnerability on the Export for Translation page in Liferay Portal 7.4.3.4 through 7.4.3.85, and Liferay DXP 7.4 before update 86 allows remote attackers to inject arbitrary web script or HTML via the `_com_liferay_translation_web_internal_portlet_TranslationPortlet_redirect` parameter.
CVE-2023-42495 1 Dasannetworks 1 W-web 2024-11-21 9.8 Critical
Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVE-2023-42494 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.5 High
EisBaer Scada - CWE-749: Exposed Dangerous Method or Function
CVE-2023-42493 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.1 High
EisBaer Scada - CWE-256: Plaintext Storage of a Password
CVE-2023-42492 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.1 High
EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key
CVE-2023-42491 1 Busbaer 1 Eisbaer Scada 2024-11-21 8.8 High
EisBaer Scada - CWE-285: Improper Authorization
CVE-2023-42490 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.5 High
EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CVE-2023-42489 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.5 High
EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource
CVE-2023-42488 1 Busbaer 1 Eisbaer Scada 2024-11-21 7.5 High
EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')