Total
10018 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20718 | 3 Google, Mediatek, Yoctoproject | 31 Android, Mt6768, Mt6769 and 28 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| In vcu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07645181; Issue ID: ALPS07645181. | |||||
| CVE-2023-25937 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-31047 | 2 Djangoproject, Fedoraproject | 2 Django, Fedora | 2024-02-04 | N/A | 9.8 CRITICAL |
| In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise. | |||||
| CVE-2022-25976 | 1 Intel | 1 Virtual Raid On Cpu | 2024-02-04 | N/A | 5.5 MEDIUM |
| Improper input validation in the Intel(R) VROC software before version 7.7.6.1003 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-25936 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2022-20542 | 1 Google | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| In parseParamsBlob of types.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083570 | |||||
| CVE-2023-37241 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-04 | N/A | 7.5 HIGH |
| Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. | |||||
| CVE-2023-28060 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-1789 | 2024-02-04 | N/A | 9.8 CRITICAL | ||
| Improper Input Validation in GitHub repository firefly-iii/firefly-iii prior to 6.0.0. | |||||
| CVE-2023-28058 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-25859 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-02-04 | N/A | 7.8 HIGH |
| Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-20710 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2024-02-04 | N/A | 4.4 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07576935; Issue ID: ALPS07576935. | |||||
| CVE-2023-20708 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581655; Issue ID: ALPS07581655. | |||||
| CVE-2022-42477 | 1 Fortinet | 1 Fortianalyzer | 2024-02-04 | N/A | 5.5 MEDIUM |
| An improper input validation vulnerability [CWE-20] in FortiAnalyzer version 7.2.1 and below, version 7.0.6 and below, 6.4 all versions may allow an authenticated attacker to disclose file system information via custom dataset SQL queries. | |||||
| CVE-2022-47378 | 1 Codesys | 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more | 2024-02-04 | N/A | 6.5 MEDIUM |
| Multiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition. | |||||
| CVE-2023-28052 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-20719 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2024-02-04 | N/A | 4.4 MEDIUM |
| In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583. | |||||
| CVE-2023-29780 | 1 3reality | 2 3rsb015bz, 3rsb015bz Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| Third Reality Smart Blind 1.00.54 contains a denial-of-service vulnerability, which allows a remote attacker to send malicious Zigbee messages to a vulnerable device and cause crashes. | |||||
| CVE-2022-47392 | 1 Codesys | 17 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 14 more | 2024-02-04 | N/A | 6.5 MEDIUM |
| An authenticated, remote attacker may use a improper input validation vulnerability in the CmpApp/CmpAppBP/CmpAppForce Components of multiple CODESYS products in multiple versions to read from an invalid address which can lead to a denial-of-service condition. | |||||
| CVE-2023-25879 | 2024-02-04 | N/A | 7.8 HIGH | ||
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||