Total
1660 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-23407 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2024-08-02 | 7.1 High |
| Windows Point-to-Point Protocol over Ethernet (PPPoE) Remote Code Execution Vulnerability | ||||
| CVE-2023-23039 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.7 Medium |
| An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove(). | ||||
| CVE-2023-22499 | 1 Deno | 1 Deno | 2024-08-02 | 7.5 High |
| Deno is a runtime for JavaScript and TypeScript that uses V8 and is built in Rust. Multi-threaded programs were able to spoof interactive permission prompt by rewriting the prompt to suggest that program is waiting on user confirmation to unrelated action. A malicious program could clear the terminal screen after permission prompt was shown and write a generic message. This situation impacts users who use Web Worker API and relied on interactive permission prompt. The reproduction is very timing sensitive and can’t be reliably reproduced on every try. This problem can not be exploited on systems that do not attach an interactive prompt (for example headless servers). The problem has been fixed in Deno v1.29.3; it is recommended all users update to this version. Users are advised to upgrade. Users unable to upgrade may run with --no-prompt flag to disable interactive permission prompts. | ||||
| CVE-2023-22276 | 1 Intel | 6 Ethernet Network Controller E810-cam1, Ethernet Network Controller E810-cam1 Firmware, Ethernet Network Controller E810-cam2 and 3 more | 2024-08-02 | 6.5 Medium |
| Race condition in firmware for some Intel(R) Ethernet Controllers and Adapters E810 Series before version 1.7.2.4 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-21766 | 1 Microsoft | 13 Windows 10, Windows 10 1507, Windows 10 1607 and 10 more | 2024-08-02 | 4.7 Medium |
| Windows Overlay Filter Information Disclosure Vulnerability | ||||
| CVE-2023-21733 | 1 Microsoft | 11 Windows 10 20h2, Windows 10 20h2, Windows 10 21h2 and 8 more | 2024-08-02 | 7 High |
| Windows Bind Filter Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-21771 | 1 Microsoft | 8 Windows 10, Windows 10 20h2, Windows 10 21h2 and 5 more | 2024-08-02 | 7 High |
| Windows Local Session Manager (LSM) Elevation of Privilege Vulnerability | ||||
| CVE-2023-21725 | 1 Microsoft | 1 Windows Malicious Software Removal Tool | 2024-08-02 | 6.3 Medium |
| Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability | ||||
| CVE-2023-21712 | 1 Microsoft | 23 Windows 10, Windows 10 1507, Windows 10 1607 and 20 more | 2024-08-02 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2023-21679 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2024-08-02 | 8.1 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21546 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2024-08-02 | 8.1 High |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21542 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 7 and 10 more | 2024-08-02 | 7 High |
| Windows Installer Elevation of Privilege Vulnerability | ||||
| CVE-2023-21536 | 1 Microsoft | 13 Windows 10 1809, Windows 10 20h2, Windows 10 20h2 and 10 more | 2024-08-02 | 4.7 Medium |
| Event Tracing for Windows Information Disclosure Vulnerability | ||||
| CVE-2023-21535 | 1 Microsoft | 22 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 19 more | 2024-08-02 | 8.1 High |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | ||||
| CVE-2023-21290 | 1 Google | 1 Android | 2024-08-02 | 5.5 Medium |
| In update of MmsProvider.java, there is a possible way to bypass file permission checks due to a race condition. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21262 | 1 Google | 1 Android | 2024-08-02 | 3.1 Low |
| In startInput of AudioPolicyInterfaceImpl.cpp, there is a possible way of erroneously displaying the microphone privacy indicator due to a race condition. This could lead to false user expectations. User interaction is needed for exploitation. | ||||
| CVE-2023-21095 | 1 Google | 1 Android | 2024-08-02 | 4.7 Medium |
| In canStartSystemGesture of RecentsAnimationDeviceState.java, there is a possible partial lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12L Android-13Android ID: A-242704576 | ||||
| CVE-2023-21178 | 1 Google | 1 Android | 2024-08-02 | 4.1 Medium |
| In installKey of KeyUtil.cpp, there is a possible failure of file encryption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-140762419 | ||||
| CVE-2023-21101 | 1 Google | 1 Android | 2024-08-02 | 7.0 High |
| In multiple functions of WVDrmPlugin.cpp, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-258189255 | ||||
| CVE-2023-21031 | 1 Google | 1 Android | 2024-08-02 | 4.7 Medium |
| In setPowerMode of HWC2.cpp, there is a possible out of bounds read due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-242688355 | ||||