CVE Vulnerabilities
CVE database enriched with CISA KEV and NVD data
| CVE ID and description | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2023-40687 IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 2... | 5.3 | MEDIUM | — | 0 |
| CVE-2023-32841 In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges... | 7.5 | HIGH | — | 0 |
| CVE-2023-32842 In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges... | 7.5 | HIGH | — | 0 |
| CVE-2023-32844 In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges... | 7.5 | HIGH | — | 0 |
| CVE-2023-32845 In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges... | 7.5 | HIGH | — | 0 |
| CVE-2023-32846 In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges... | 7.5 | HIGH | — | 0 |
| CVE-2023-32847 In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ne... | 7.8 | HIGH | — | 0 |
| CVE-2023-32848 In vdec, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32849 In cmdq, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exp... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32850 In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is nee... | 7.8 | HIGH | — | 0 |
| CVE-2023-32851 In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is ... | 7.8 | HIGH | — | 0 |
| CVE-2023-32852 In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is ... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-32853 In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32855 In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32856 In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not ne... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-32857 In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not ne... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-32858 In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed... | 4.4 | MEDIUM | — | 0 |
| CVE-2023-5767 A vulnerability exists in the webserver that affects the RTU500 series product versions listed below. A malicious actor could perform cross-site scripting on the webserver due to an RDT language f... | 6.0 | MEDIUM | — | 0 |
| CVE-2023-32859 In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ne... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32860 In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32861 In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not n... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32862 In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not n... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32864 In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32865 In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is ... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32866 In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed... | 6.7 | MEDIUM | — | 0 |
| CVE-2023-32867 In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not... | 6.7 | MEDIUM | — | 0 |
| CVE-2025-57966 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Gallery Lightbox gallery-lightbox-slider allows Stored XSS. This issue affects Gallery Lig... | N/A | NONE | — | 0 |
| CVE-2023-49093 HtmlUnit is a GUI-less browser for Java programs. HtmlUnit is vulnerable to Remote Code Execution (RCE) via XSTL, when browsing the attacker’s webpage. This vulnerability has been patched in version 3... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-49108 Path traversal vulnerability exists in RakRak Document Plus Ver.3.2.0.0 to Ver.6.4.0.7 (excluding Ver.6.1.1.3a). If this vulnerability is exploited, arbitrary files on the server may be obtained or de... | 8.8 | HIGH | — | 0 |
| CVE-2023-49287 TinyDir is a lightweight C directory and file reader. Buffer overflows in the `tinydir_file_open()` function. This vulnerability has been patched in version 1.2.6. | 7.7 | HIGH | — | 0 |
| CVE-2023-5332 Patch in third party library Consul requires 'enable-script-checks' to be set to False. This was required to enable a patch by the vendor. Without this setting the patch could be bypassed. This only a... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-44291 Dell DM5500 5.14.0.0 contains an OS command injection vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability, leading to the execution o... | 7.2 | HIGH | — | 0 |
| CVE-2023-44300 Dell DM5500 5.14.0.0, contain a Plain-text Password Storage Vulnerability in the appliance. A local attacker with privileges could potentially exploit this vulnerability, leading to the disclosure ... | 5.5 | MEDIUM | — | 0 |
| CVE-2023-44301 Dell DM5500 5.14.0.0 and prior contain a Reflected Cross-Site Scripting Vulnerability. A network attacker with low privileges could potentially exploit this vulnerability, leading to the execution ... | 5.4 | MEDIUM | — | 0 |
| CVE-2023-44302 Dell DM5500 5.14.0.0 and prior contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access of resources or function... | 8.1 | HIGH | — | 0 |
| CVE-2023-44304 Dell DM5500 contains a privilege escalation vulnerability in the appliance. A remote attacker with low privileges could potentially exploit this vulnerability to escape the restricted shell and gai... | 8.8 | HIGH | — | 0 |
| CVE-2023-44305 Dell DM5500 5.14.0.0, contains a Stack-based Buffer Overflow Vulnerability in the appliance. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execu... | 8.1 | HIGH | — | 0 |
| CVE-2023-5108 The Easy Newsletter Signups WordPress plugin through 1.0.4 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileg... | 7.2 | HIGH | — | 0 |
| CVE-2023-44306 Dell DM5500 contains a path traversal vulnerability in the appliance. A remote attacker with high privileges could potentially exploit this vulnerability to overwrite configuration files stored on ... | 6.5 | MEDIUM | — | 0 |
| CVE-2023-6481 A serialization vulnerability in logback receiver component part of logback version 1.4.13, 1.3.13 and 1.2.12 allows an attacker to mount a Denial-Of-Service attack by sending poisoned data. | 7.1 | HIGH | — | 0 |
| CVE-2023-32804 Out-of-bounds Write vulnerability in Arm Ltd Midgard GPU Userspace Driver, Arm Ltd Bifrost GPU Userspace Driver, Arm Ltd Valhall GPU Userspace Driver, Arm Ltd Arm 5th Gen GPU Architecture Userspace Dr... | 7.8 | HIGH | — | 0 |
| CVE-2023-48799 TOTOLINK-X6000R Firmware-V9.4.0cu.852_B20230719 is vulnerable to Command Execution. | 9.8 | CRITICAL | — | 0 |
| CVE-2023-48800 In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains fields from the front-end, connects them through the snprintf function, and passes them to the CsteSyste... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-6460 A potential logging of the firestore key via logging within nodejs-firestore exists - Developers who were logging objects through this._settings would be logging the firestore key as well potentially ... | 4.0 | MEDIUM | — | 0 |
| CVE-2023-5768 A vulnerability exists in the HCI IEC 60870-5-104 that affects the RTU500 series product versions listed below. Incomplete or wrong received APDU frame layout may cause blocking on link layer. Error... | 5.9 | MEDIUM | — | 0 |
| CVE-2023-48965 An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file. | 8.8 | HIGH | — | 0 |
| CVE-2023-48966 An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file. | 8.8 | HIGH | — | 0 |
| CVE-2023-48910 Microcks up to 1.17.1 was discovered to contain a Server-Side Request Forgery (SSRF) via the component /jobs and /artifact/download. This vulnerability allows attackers to access network resources and... | 9.8 | CRITICAL | — | 0 |
| CVE-2023-48967 Ssolon <= 2.6.0 and <=2.5.12 is vulnerable to Deserialization of Untrusted Data. | 9.8 | CRITICAL | — | 0 |
| CVE-2023-47106 Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server... | 4.8 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.