Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-23517 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-03-08 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2023-23518 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2023-03-08 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3, tvOS 16.3, Safari 16.3, watchOS 9.3, iOS 16.3 and iPadOS 16.3, macOS Big Sur 11.7.3. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-22668 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2023-03-08 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive user information. | |||||
| CVE-2022-32855 | 1 Apple | 2 Ipados, Iphone Os | 2023-03-08 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the lock screen. | |||||
| CVE-2022-32824 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-03-08 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel memory. | |||||
| CVE-2022-32846 | 1 Apple | 1 Music | 2023-03-08 | N/A | 7.5 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | |||||
| CVE-2022-32900 | 1 Apple | 1 Macos | 2023-03-08 | N/A | 7.8 HIGH |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges. | |||||
| CVE-2019-15237 | 2 Fedoraproject, Roundcube | 2 Fedora, Webmail | 2023-03-07 | 4.3 MEDIUM | 7.4 HIGH |
| Roundcube Webmail through 1.3.9 mishandles Punycode xn-- domain names, leading to homograph attacks. | |||||
| CVE-2023-25266 | 1 Docmosis | 1 Tornado | 2023-03-07 | N/A | 8.8 HIGH |
| An issue was discovered in Docmosis Tornado prior to version 2.9.5. An authenticated attacker can change the Office directory setting pointing to an arbitrary remote network path. This triggers the execution of the soffice binary under the attackers control leading to arbitrary remote code execution (RCE). | |||||
| CVE-2023-26609 | 1 Abus | 2 Tvip 20000-21150, Tvip 20000-21150 Firmware | 2023-03-07 | N/A | 7.2 HIGH |
| ABUS TVIP 20000-21150 devices allows remote attackers to execute arbitrary code via shell metacharacters in the /cgi-bin/mft/wireless_mft ap field. | |||||
| CVE-2022-1289 | 1 Tildearrow | 1 Furnace | 2023-03-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| A denial of service vulnerability was found in tildearrow Furnace. It has been classified as problematic. This is due to an incomplete fix of CVE-2022-1211. It is possible to initiate the attack remotely but it requires user interaction. The issue got fixed with the patch 0eb02422d5161767e9983bdaa5c429762d3477ce. | |||||
| CVE-2023-25812 | 1 Minio | 1 Minio | 2023-03-07 | N/A | 8.8 HIGH |
| Minio is a Multi-Cloud Object Storage framework. Affected versions do not correctly honor a `Deny` policy on ByPassGoverance. Ideally, minio should return "Access Denied" to all users attempting to DELETE a versionId with the special header `X-Amz-Bypass-Governance-Retention: true`. However, this was not honored instead the request will be honored and an object under governance would be incorrectly deleted. All users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-32949 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2023-03-07 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-32902 | 1 Apple | 1 Macos | 2023-03-07 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. | |||||
| CVE-2022-32844 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-03-07 | N/A | 6.3 MEDIUM |
| A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | |||||
| CVE-2022-32836 | 1 Apple | 1 Music | 2023-03-07 | N/A | 7.5 HIGH |
| This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | |||||
| CVE-2022-32784 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2023-03-07 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. | |||||
| CVE-2020-9846 | 1 Apple | 1 Macos | 2023-03-07 | N/A | 5.3 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | |||||
| CVE-2002-1716 | 1 Microsoft | 1 Office | 2023-03-07 | 5.0 MEDIUM | N/A |
| The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | |||||
| CVE-2016-15024 | 1 Doomsider Shadow Project | 1 Doomsider Shadow | 2023-03-07 | N/A | 5.5 MEDIUM |
| A vulnerability was found in doomsider shadow. It has been classified as problematic. Affected is an unknown function. The manipulation leads to denial of service. Attacking locally is a requirement. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is 3332c5ba9ec3014ddc74e2147190a050eee97bc0. It is recommended to apply a patch to fix this issue. VDB-221478 is the identifier assigned to this vulnerability. | |||||