Total
11823 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26067 | 1 Lexmark | 163 B2236, B2338, B2442 and 160 more | 2024-08-02 | 8.1 High |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 1 of 4). | ||||
| CVE-2023-26022 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-08-02 | 5.9 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of service as the server may crash when an Out of Memory occurs using the DBMS_OUTPUT module. IBM X-Force ID: 247868. | ||||
| CVE-2023-25930 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-08-02 | 5.9 Medium |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.1, 11.1, and 11.5 is vulnerable to a denial of service. Under rare conditions, setting a special register may cause the Db2 server to terminate abnormally. IBM X-Force ID: 247862. | ||||
| CVE-2023-25927 | 1 Ibm | 1 Security Verify Access | 2024-08-02 | 6.5 Medium |
| IBM Security Verify Access 10.0.0, 10.0.1, 10.0.2, 10.0.3, 10.0.4, and 10.0.5 could allow an attacker to crash the webseald process using specially crafted HTTP requests resulting in loss of access to the system. IBM X-Force ID: 247635. | ||||
| CVE-2023-25879 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25867 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25901 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25772 | 1 Intel | 1 Retail Edge Program | 2024-08-02 | 5 Medium |
| Improper input validation in the Intel(R) Retail Edge Mobile Android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-25881 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25865 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-08-02 | 7.8 High |
| Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-25776 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-08-02 | 6.3 Medium |
| Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | ||||
| CVE-2023-25661 | 1 Google | 1 Tensorflow | 2024-08-02 | 6.5 Medium |
| TensorFlow is an Open Source Machine Learning Framework. In versions prior to 2.11.1 a malicious invalid input crashes a tensorflow model (Check Failed) and can be used to trigger a denial of service attack. A proof of concept can be constructed with the `Convolution3DTranspose` function. This Convolution3DTranspose layer is a very common API in modern neural networks. The ML models containing such vulnerable components could be deployed in ML applications or as cloud services. This failure could be potentially used to trigger a denial of service attack on ML cloud services. An attacker must have privilege to provide input to a `Convolution3DTranspose` call. This issue has been patched and users are advised to upgrade to version 2.11.1. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-25692 | 1 Apache | 1 Apache-airflow-providers-google | 2024-08-02 | 7.5 High |
| Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. | ||||
| CVE-2023-25691 | 1 Apache | 1 Apache-airflow-providers-google | 2024-08-02 | 9.8 Critical |
| Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0. | ||||
| CVE-2023-25650 | 1 Zte | 2 Zxcloud Irai, Zxcloud Irai Firmware | 2024-08-02 | 6.5 Medium |
| There is an arbitrary file download vulnerability in ZXCLOUD iRAI. Since the backend does not escape special strings or restrict paths, an attacker with user permission could access the download interface by modifying the request parameter, causing arbitrary file downloads. | ||||
| CVE-2023-25693 | 1 Apache | 1 Apache-airflow-providers-apache-sqoop | 2024-08-02 | 9.8 Critical |
| Improper Input Validation vulnerability in the Apache Airflow Sqoop Provider. This issue affects Apache Airflow Sqoop Provider versions before 3.1.1. | ||||
| CVE-2023-25651 | 1 Zte | 4 Mf286r, Mf286r Firmware, Mf833u1 and 1 more | 2024-08-02 | 4.3 Medium |
| There is a SQL injection vulnerability in some ZTE mobile internet products. Due to insufficient input validation of SMS interface parameter, an authenticated attacker could use the vulnerability to execute SQL injection and cause information leak. | ||||
| CVE-2023-25522 | 1 Nvidia | 4 Dgx A100, Dgx A100 Firmware, Dgx A800 and 1 more | 2024-08-02 | 7.5 High |
| NVIDIA DGX A100/A800 contains a vulnerability in SBIOS where an attacker may cause improper input validation by providing configuration information in an unexpected format. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering. | ||||
| CVE-2023-25175 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-08-02 | 6.1 Medium |
| Improper input validation in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable information disclosure via local access. | ||||
| CVE-2023-24950 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2024-08-02 | 6.5 Medium |
| Microsoft SharePoint Server Spoofing Vulnerability | ||||