Lucene search

K

Windows Kernel Security Vulnerabilities

cve
cve

CVE-2023-47705

IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to manipulate username data due to improper input validation. IBM X-Force ID: ...

4.3CVSS

4.2AI Score

0.0004EPSS

2023-12-20 02:15 AM
16
cve
cve

CVE-2023-47703

IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: ...

5.3CVSS

4.7AI Score

0.001EPSS

2023-12-20 02:15 AM
16
cve
cve

CVE-2023-47702

IBM Security Guardium Key Lifecycle Manager 4.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view modify files on the system. IBM X-Force ID: ...

9.1CVSS

8.5AI Score

0.001EPSS

2023-12-20 02:15 AM
18
cve
cve

CVE-2023-47706

IBM Security Guardium Key Lifecycle Manager 4.3 could allow an authenticated user to upload files of a dangerous file type. IBM X-Force ID: ...

8.8CVSS

8AI Score

0.0005EPSS

2023-12-20 01:15 AM
15
cve
cve

CVE-2023-47704

IBM Security Guardium Key Lifecycle Manager 4.3 contains plain text hard-coded credentials or other secrets in source code repository. IBM X-Force ID: ...

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-20 01:15 AM
18
cve
cve

CVE-2023-35635

Windows Kernel Denial of Service...

5.5CVSS

6.2AI Score

0.001EPSS

2023-12-12 06:15 PM
17
cve
cve

CVE-2023-35633

Windows Kernel Elevation of Privilege...

7.8CVSS

8AI Score

0.0005EPSS

2023-12-12 06:15 PM
32
cve
cve

CVE-2023-40687

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: ...

7.5CVSS

7.3AI Score

0.001EPSS

2023-12-04 02:15 AM
31
cve
cve

CVE-2023-29258

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: ...

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-04 02:15 AM
21
cve
cve

CVE-2023-38727

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: ...

7.5CVSS

7.4AI Score

0.001EPSS

2023-12-04 02:15 AM
30
cve
cve

CVE-2023-46167

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: ...

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-04 01:15 AM
32
cve
cve

CVE-2023-47701

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: ...

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-04 01:15 AM
31
cve
cve

CVE-2023-43021

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID:...

5.3CVSS

4.8AI Score

0.001EPSS

2023-12-01 09:15 PM
14
cve
cve

CVE-2023-42019

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: ...

5.9CVSS

5.6AI Score

0.001EPSS

2023-12-01 09:15 PM
10
cve
cve

CVE-2023-42022

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID:...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-12-01 09:15 PM
14
cve
cve

CVE-2023-46174

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-12-01 09:15 PM
12
cve
cve

CVE-2023-42009

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-12-01 09:15 PM
12
cve
cve

CVE-2023-40699

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: ...

7.5CVSS

7.2AI Score

0.001EPSS

2023-12-01 09:15 PM
17
cve
cve

CVE-2023-38268

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...

8.8CVSS

8.4AI Score

0.001EPSS

2023-12-01 08:15 PM
15
cve
cve

CVE-2023-43015

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: ...

5.4CVSS

5.2AI Score

0.0004EPSS

2023-12-01 08:15 PM
12
cve
cve

CVE-2023-49322

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17...

7.5CVSS

7.4AI Score

0.0005EPSS

2023-11-27 12:15 AM
13
cve
cve

CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17...

5.3CVSS

5.2AI Score

0.0005EPSS

2023-11-27 12:15 AM
10
cve
cve

CVE-2023-40363

IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. IBM X-Force ID: ...

8.1CVSS

6.1AI Score

0.0004EPSS

2023-11-18 06:15 PM
44
cve
cve

CVE-2023-47263

Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure....

7.5CVSS

7.4AI Score

0.0005EPSS

2023-11-16 03:15 AM
14
cve
cve

CVE-2023-47264

Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may cause a denial of service (DoS). This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and...

7.5CVSS

7.5AI Score

0.0005EPSS

2023-11-16 03:15 AM
8
cve
cve

CVE-2023-6105

An information disclosure vulnerability exists in multiple ManageEngine products that can result in encryption keys being exposed. A low-privileged OS user with access to the host where an affected ManageEngine product is installed can view and use the exposed key to decrypt product database...

5.5CVSS

5.2AI Score

0.0004EPSS

2023-11-15 09:15 PM
21
cve
cve

CVE-2023-38043

A vulnerability exists on all versions of the Ivanti Secure Access Client below 22.6R1.1, which could allow a locally authenticated attacker to exploit a vulnerable configuration, potentially leading to a denial of service (DoS) condition on the user machine and, in some cases, resulting in a full....

7.8CVSS

8.2AI Score

0.0004EPSS

2023-11-15 12:15 AM
7
cve
cve

CVE-2023-28723

Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local...

5.5CVSS

5AI Score

0.0004EPSS

2023-11-14 07:15 PM
14
cve
cve

CVE-2023-28737

Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local...

8.8CVSS

7.7AI Score

0.0004EPSS

2023-11-14 07:15 PM
12
cve
cve

CVE-2023-28397

Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local...

7.8CVSS

7.6AI Score

0.0004EPSS

2023-11-14 07:15 PM
13
cve
cve

CVE-2023-26589

Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local...

6.5CVSS

5.6AI Score

0.0004EPSS

2023-11-14 07:15 PM
22
cve
cve

CVE-2023-25949

Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local...

5.5CVSS

5.2AI Score

0.0004EPSS

2023-11-14 07:15 PM
12
cve
cve

CVE-2023-22310

Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local...

6.5CVSS

4.6AI Score

0.0004EPSS

2023-11-14 07:15 PM
12
cve
cve

CVE-2023-22305

Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local...

6.5CVSS

5.4AI Score

0.0004EPSS

2023-11-14 07:15 PM
13
cve
cve

CVE-2022-36396

Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local...

8.2CVSS

6.6AI Score

0.0004EPSS

2023-11-14 07:15 PM
14
cve
cve

CVE-2022-36374

Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local...

7.5CVSS

6.6AI Score

0.0004EPSS

2023-11-14 07:15 PM
13
cve
cve

CVE-2023-36405

Windows Kernel Elevation of Privilege...

7CVSS

7.2AI Score

0.0005EPSS

2023-11-14 06:15 PM
189
cve
cve

CVE-2023-36404

Windows Kernel Information Disclosure...

5.5CVSS

5.9AI Score

0.0005EPSS

2023-11-14 06:15 PM
111
cve
cve

CVE-2023-36403

Windows Kernel Elevation of Privilege...

7CVSS

7.2AI Score

0.001EPSS

2023-11-14 06:15 PM
110
cve
cve

CVE-2023-35896

IBM Content Navigator 3.0.13 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: ...

5.4CVSS

5.3AI Score

0.0004EPSS

2023-11-03 03:15 AM
39
cve
cve

CVE-2023-42029

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials...

5.4CVSS

5.2AI Score

0.001EPSS

2023-11-03 12:15 AM
32
cve
cve

CVE-2023-42027

IBM CICS TX Standard 11.1, Advanced 10.1, 11.1, and TXSeries for Multiplatforms 8.1, 8.2, 9.1 are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: ...

8.8CVSS

8.3AI Score

0.001EPSS

2023-11-03 12:15 AM
56
cve
cve

CVE-2023-31020

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause improper access control, which may lead to denial of service or data...

7.1CVSS

6.8AI Score

0.0004EPSS

2023-11-02 07:15 PM
40
cve
cve

CVE-2023-31022

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where a NULL-pointer dereference may lead to denial of...

5.5CVSS

5.2AI Score

0.0004EPSS

2023-11-02 07:15 PM
52
cve
cve

CVE-2023-31018

NVIDIA GPU Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a NULL-pointer dereference, which may lead to denial of...

6.5CVSS

5.7AI Score

0.0004EPSS

2023-11-02 07:15 PM
33
cve
cve

CVE-2023-5847

Under certain conditions, a low privileged attacker could load a specially crafted file during installation or upgrade to escalate privileges on Windows and Linux...

7.3CVSS

7.1AI Score

0.001EPSS

2023-11-01 04:15 PM
94
cve
cve

CVE-2023-40372

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: ...

7.5CVSS

7.4AI Score

0.001EPSS

2023-10-17 12:15 AM
41
cve
cve

CVE-2023-38719

IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: ...

5.1CVSS

4.4AI Score

0.0004EPSS

2023-10-17 12:15 AM
47
cve
cve

CVE-2023-40373

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: ...

7.5CVSS

7.1AI Score

0.001EPSS

2023-10-17 12:15 AM
51
cve
cve

CVE-2023-30991

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: ...

7.5CVSS

7.1AI Score

0.001EPSS

2023-10-16 11:15 PM
69
Total number of security vulnerabilities2875