Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-1000365 | 1 Linux | 1 Linux Kernel | 2023-01-17 | 7.2 HIGH | 7.8 HIGH |
| The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23. | |||||
| CVE-2017-1000370 | 1 Linux | 1 Linux Kernel | 2023-01-17 | 7.2 HIGH | 7.8 HIGH |
| The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems. | |||||
| CVE-2017-10662 | 1 Linux | 1 Linux Kernel | 2023-01-17 | 7.2 HIGH | 7.8 HIGH |
| The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors. | |||||
| CVE-2023-21681 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability. | |||||
| CVE-2023-21680 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability. | |||||
| CVE-2023-21525 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 5.3 MEDIUM |
| Remote Procedure Call Runtime Denial of Service Vulnerability. | |||||
| CVE-2023-21524 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 9 more | 2023-01-17 | N/A | 7.8 HIGH |
| Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability. | |||||
| CVE-2023-21527 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 7.5 HIGH |
| Windows iSCSI Service Denial of Service Vulnerability. | |||||
| CVE-2020-28975 | 1 Scikit-learn | 1 Scikit-learn | 2023-01-17 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. NOTE: the scikit-learn vendor's position is that the behavior can only occur if the library's API is violated by an application that changes a private attribute. | |||||
| CVE-2023-21559 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2023-01-17 | N/A | 5.5 MEDIUM |
| Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21550. | |||||
| CVE-2023-21550 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2023-01-17 | N/A | 5.5 MEDIUM |
| Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21540, CVE-2023-21559. | |||||
| CVE-2023-21540 | 1 Microsoft | 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more | 2023-01-17 | N/A | 5.5 MEDIUM |
| Windows Cryptographic Information Disclosure Vulnerability. This CVE ID is unique from CVE-2023-21550, CVE-2023-21559. | |||||
| CVE-2023-21532 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 7.0 HIGH |
| Windows GDI Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2023-21552. | |||||
| CVE-2023-21555 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 8.1 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21556, CVE-2023-21679. | |||||
| CVE-2023-21535 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 11 more | 2023-01-17 | N/A | 8.1 HIGH |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21548. | |||||
| CVE-2023-21556 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 8.1 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21543, CVE-2023-21546, CVE-2023-21555, CVE-2023-21679. | |||||
| CVE-2023-21537 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 7.8 HIGH |
| Microsoft Message Queuing (MSMQ) Elevation of Privilege Vulnerability. | |||||
| CVE-2023-21543 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 8.1 HIGH |
| Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21546, CVE-2023-21555, CVE-2023-21556, CVE-2023-21679. | |||||
| CVE-2023-21548 | 1 Microsoft | 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more | 2023-01-17 | N/A | 8.1 HIGH |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2023-21535. | |||||
| CVE-2023-0131 | 1 Google | 1 Chrome | 2023-01-17 | N/A | 6.5 MEDIUM |
| Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium) | |||||