Total: 210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-42826 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2023-03-07 | N/A | 8.8 HIGH |
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
CVE-2022-32949 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2023-03-07 | N/A | 7.8 HIGH |
This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2022-32902 | 1 Apple | 1 Macos | 2023-03-07 | N/A | 5.5 MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to bypass Privacy preferences. | |||||
CVE-2022-32844 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-03-07 | N/A | 6.3 MEDIUM |
A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and write capability may be able to bypass Pointer Authentication. | |||||
CVE-2023-0996 | 1 Struktur | 1 Libheif | 2023-03-07 | N/A | 7.8 HIGH |
There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. | |||||
CVE-2021-4105 | 1 Bg-tek | 16 Coslat Bx5s1d3, Coslat Bx5s1d3 Firmware, Coslat Bx5s1d4 and 13 more | 2023-03-07 | N/A | 9.8 CRITICAL |
Improper Handling of Parameters vulnerability in BG-TEK COSLAT Firewall allows Remote Code Inclusion. This issue affects COSLAT Firewall: from 5.24.0.R.20180630 before 5.24.0.R.20210727. | |||||
CVE-2022-32830 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2023-03-07 | N/A | 7.5 HIGH |
An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. | |||||
CVE-2022-32836 | 1 Apple | 1 Music | 2023-03-07 | N/A | 7.5 HIGH |
This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. | |||||
CVE-2022-32784 | 1 Apple | 3 Ipados, Iphone Os, Safari | 2023-03-07 | N/A | 6.5 MEDIUM |
The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. | |||||
CVE-2022-26760 | 1 Apple | 2 Ipados, Iphone Os | 2023-03-07 | N/A | 9.8 CRITICAL |
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges. | |||||
CVE-2022-22582 | 1 Apple | 2 Mac Os X, Macos | 2023-03-07 | N/A | 5.5 MEDIUM |
A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur 11.6.5, macOS Monterey 12.3. A local user may be able to write arbitrary files. | |||||
CVE-2023-23009 | 2 Debian, Libreswan | 2 Debian Linux, Libreswan | 2023-03-07 | N/A | 6.5 MEDIUM |
Libreswan 4.9 allows remote attackers to cause a denial of service (assert failure and daemon restart) via crafted TS payload with an incorrect selector length. | |||||
CVE-2023-26253 | 1 Gluster | 1 Glusterfs | 2023-03-07 | N/A | 7.5 HIGH |
In Gluster GlusterFS 11.0, there is an xlators/mount/fuse/src/fuse-bridge.c notify stack-based buffer over-read. | |||||
CVE-2022-47648 | 1 Bosch | 2 B420, B420 Firmware | 2023-03-07 | N/A | 8.8 HIGH |
** UNSUPPORTED WHEN ASSIGNED ** Bosch Security Systems B420 firmware 02.02.0001 employs IP based authorization in its authentication mechanism, allowing attackers to access the device as long as they are on the same network as a legitimate user. | |||||
CVE-2020-9846 | 1 Apple | 1 Macos | 2023-03-07 | N/A | 5.3 MEDIUM |
A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. | |||||
CVE-2023-24253 | 1 Domoticalabs | 1 Ikon Server | 2023-03-07 | N/A | 9.8 CRITICAL |
Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. | |||||
CVE-2023-24249 | 1 Laravel-admin | 1 Laravel-admin | 2023-03-07 | N/A | 7.2 HIGH |
An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. | |||||
CVE-2022-48305 | 1 Huawei | 2 Simba-al00, Simba-al00 Firmware | 2023-03-07 | N/A | 5.5 MEDIUM |
There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. | |||||
CVE-2023-1048 | 2 Microsoft, Techpowerup | 2 Windows, Dram Calculator For Ryzen | 2023-03-07 | N/A | 7.8 HIGH |
A vulnerability, which was classified as critical, has been found in TechPowerUp Ryzen DRAM Calculator 1.2.0.5. This issue affects some unknown processing in the library WinRing0x64.sys. The manipulation leads to improper initialization. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221807. | |||||
CVE-2019-25105 | 1 Dro.pm Project | 1 Dro.pm | 2023-03-07 | N/A | 6.1 MEDIUM |
A vulnerability, which was classified as problematic, was found in dro.pm. This affects an unknown part of the file web/fileman.php. The manipulation of the argument secret/key leads to cross-site scripting. It is possible to initiate the attack remotely. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. The name of the patch is fa73c3a42bc5c246a1b8f815699ea241aef154bb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221763. |