Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-45477 | 1 Yordam | 1 Library Automation System | 2023-03-09 | N/A | 6.5 MEDIUM |
| Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2. | |||||
| CVE-2021-45478 | 1 Yordam | 1 Library Automation System | 2023-03-09 | N/A | 6.5 MEDIUM |
| Improper Handling of Parameters vulnerability in Bordam Information Technologies Library Automation System allows Collect Data as Provided by Users.This issue affects Library Automation System: before 19.2. | |||||
| CVE-2022-45608 | 1 Thingsboard | 1 Thingsboard | 2023-03-08 | N/A | 8.8 HIGH |
| An issue was discovered in ThingsBoard 3.4.1, allows low privileged attackers (CUSTOMER_USER) to gain escalated privileges (vertically) and become an Administrator (TENANT_ADMIN) or (SYS_ADMIN) on the web application. It is important to note that in order to accomplish this, the attacker must know the corresponding API's parameter (authority : value). | |||||
| CVE-2022-3294 | 1 Kubernetes | 1 Kubernetes | 2023-03-08 | N/A | 8.8 HIGH |
| Users may have access to secure endpoints in the control plane network. Kubernetes clusters are only affected if an untrusted user can modify Node objects and send proxy requests to them. Kubernetes supports node proxying, which allows clients of kube-apiserver to access endpoints of a Kubelet to establish connections to Pods, retrieve container logs, and more. While Kubernetes already validates the proxying address for Nodes, a bug in kube-apiserver made it possible to bypass this validation. Bypassing this validation could allow authenticated requests destined for Nodes to to the API server's private network. | |||||
| CVE-2022-46704 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to modify protected parts of the file system. | |||||
| CVE-2023-23497 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 7.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, macOS Big Sur 11.7.3. An app may be able to gain root privileges. | |||||
| CVE-2023-23496 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-03-08 | N/A | 8.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2023-23498 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-03-08 | N/A | 3.3 LOW |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, iOS 16.3 and iPadOS 16.3. The quoted original message may be selected from the wrong email when forwarding an email from an Exchange account. | |||||
| CVE-2023-23499 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-08 | N/A | 5.5 MEDIUM |
| This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. An app may be able to access user-sensitive data. | |||||
| CVE-2023-23503 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-08 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to bypass Privacy preferences. | |||||
| CVE-2023-23502 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-08 | N/A | 5.5 MEDIUM |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to determine kernel memory layout. | |||||
| CVE-2023-23504 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-08 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-23500 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-03-08 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3. An app may be able to leak sensitive kernel state. | |||||
| CVE-2022-46723 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files. | |||||
| CVE-2023-22995 | 1 Linux | 1 Linux Kernel | 2023-03-08 | N/A | 7.8 HIGH |
| In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls. | |||||
| CVE-2023-23530 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-03-08 | N/A | 8.6 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | |||||
| CVE-2023-23531 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-03-08 | N/A | 9.9 CRITICAL |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privileges. | |||||
| CVE-2023-23522 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 5.5 MEDIUM |
| A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data.. | |||||
| CVE-2023-23510 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history. | |||||
| CVE-2023-23506 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 5.5 MEDIUM |
| A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data. | |||||