Total
10018 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-28699 | 1 Intel | 38 Nuc7cjyh, Nuc7cjyh Firmware, Nuc7cjyhn and 35 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Improper input validation for some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2023-20721 | 3 Google, Mediatek, Yoctoproject | 8 Android, Mt6879, Mt6895 and 5 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155. | |||||
| CVE-2022-42500 | 1 Google | 1 Android | 2024-02-04 | N/A | 6.7 MEDIUM |
| In OEM_OnRequest of sced.cpp, there is a possible shell command execution due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239701389References: N/A | |||||
| CVE-2023-32480 | 1 Dell | 62 Alienware M15 R7, Alienware M15 R7 Firmware, G15 5510 and 59 more | 2024-02-04 | N/A | 6.8 MEDIUM |
| Dell BIOS contains an Improper Input Validation vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability to perform arbitrary code execution. | |||||
| CVE-2023-25865 | 2024-02-04 | N/A | 7.8 HIGH | ||
| Adobe Substance 3D Stager versions 2.0.0 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-30657 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in EnhancedAttestationResult prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-30664 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in RegisteredMSISDN prior to SMR Jul-2023 Release 1 allows local attackers to launch privileged activities. | |||||
| CVE-2023-28044 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-34421 | 1 Lenovo | 1 Xclarity Administrator | 2024-02-04 | N/A | 6.5 MEDIUM |
| A valid, authenticated LXCA user with elevated privileges may be able to replace filesystem data through a specifically crafted web API call due to insufficient input validation. | |||||
| CVE-2023-2942 | 1 Open-emr | 1 Openemr | 2024-02-04 | N/A | 8.1 HIGH |
| Improper Input Validation in GitHub repository openemr/openemr prior to 7.0.1. | |||||
| CVE-2023-25901 | 2024-02-04 | N/A | 7.8 HIGH | ||
| Adobe Dimension versions 3.4.7 (and earlier) is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-28026 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||
| CVE-2023-31148 | 1 Selinc | 20 Sel-2241 Rtac Module, Sel-2241 Rtac Module Firmware, Sel-3350 and 17 more | 2024-02-04 | N/A | 8.8 HIGH |
| An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller (SEL RTAC) Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details. | |||||
| CVE-2023-28029 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable | |||||
| CVE-2023-20705 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2024-02-04 | N/A | 5.5 MEDIUM |
| In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767870; Issue ID: ALPS07767870. | |||||
| CVE-2023-26068 | 1 Lexmark | 152 B2236, B2338, B2442 and 149 more | 2024-02-04 | N/A | 9.8 CRITICAL |
| Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4). | |||||
| CVE-2023-21501 | 1 Samsung | 1 Android | 2024-02-04 | N/A | 7.8 HIGH |
| Improper input validation vulnerability in mPOS fiserve trustlet prior to SMR May-2023 Release 1 allows local attackers to execute arbitrary code. | |||||
| CVE-2023-26021 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-02-04 | N/A | 7.5 HIGH |
| IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to a denial of service as the server may crash when compiling a specially crafted SQL query using a LIMIT clause. IBM X-Force ID: 247864. | |||||
| CVE-2023-34448 | 2024-02-04 | N/A | 7.2 HIGH | ||
| Grav is a flat-file content management system. Prior to version 1.7.42, the patch for CVE-2022-2073, a server-side template injection vulnerability in Grav leveraging the default `filter()` function, did not block other built-in functions exposed by Twig's Core Extension that could be used to invoke arbitrary unsafe functions, thereby allowing for remote code execution. A patch in version 1.74.2 overrides the built-in Twig `map()` and `reduce()` filter functions in `system/src/Grav/Common/Twig/Extension/GravExtension.php` to validate the argument passed to the filter in `$arrow`. | |||||
| CVE-2023-28059 | 1 Dell | 868 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 865 more | 2024-02-04 | N/A | 6.7 MEDIUM |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable. | |||||