Lucene search

K

Windows Kernel Security Vulnerabilities

cve
cve

CVE-2023-38142

Windows Kernel Elevation of Privilege...

7.8CVSS

8.4AI Score

0.0005EPSS

2023-09-12 05:15 PM
633
cve
cve

CVE-2023-38139

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.001EPSS

2023-09-12 05:15 PM
407
cve
cve

CVE-2023-38141

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.0005EPSS

2023-09-12 05:15 PM
397
cve
cve

CVE-2023-38140

Windows Kernel Information Disclosure...

5.5CVSS

5.9AI Score

0.0005EPSS

2023-09-12 05:15 PM
394
cve
cve

CVE-2023-36803

Windows Kernel Information Disclosure...

5.5CVSS

5.9AI Score

0.0005EPSS

2023-09-12 05:15 PM
623
cve
cve

CVE-2023-4688

Sensitive information leak through log files. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build...

5.5CVSS

4.7AI Score

0.0004EPSS

2023-08-31 09:15 PM
23
cve
cve

CVE-2023-41750

Sensitive information disclosure due to missing authorization. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build...

5.5CVSS

4AI Score

0.0004EPSS

2023-08-31 09:15 PM
11
cve
cve

CVE-2023-41745

Sensitive information disclosure due to excessive collection of system information. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30991, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build...

5.5CVSS

6AI Score

0.0004EPSS

2023-08-31 06:15 PM
24
cve
cve

CVE-2023-41742

Excessive attack surface due to binding to an unrestricted IP address. The following products are affected: Acronis Agent (Linux, macOS, Windows) before build 30430, Acronis Cyber Protect 15 (Linux, macOS, Windows) before build...

7.5CVSS

4.7AI Score

0.001EPSS

2023-08-31 03:15 PM
17
cve
cve

CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

7.5CVSS

7.4AI Score

0.001EPSS

2023-08-31 10:15 AM
322
cve
cve

CVE-2023-1995

Insufficient Logging vulnerability in Hitachi HiRDB Server, HiRDB Server With Addtional Function, HiRDB Structured Data Access Facility.This issue affects HiRDB Server: before 09-60-39, before 09-65-23, before 09-66-17, before 10-01-10, before 10-03-12, before 10-04-06, before 10-05-06, before...

7.5CVSS

7.5AI Score

0.0005EPSS

2023-08-29 02:15 AM
16
cve
cve

CVE-2023-33850

IBM GSKit-Crypto could allow a remote attacker to obtain sensitive information, caused by a timing-based side channel in the RSA Decryption implementation. By sending an overly large number of trial messages for decryption, an attacker could exploit this vulnerability to obtain sensitive...

7.5CVSS

7.1AI Score

0.001EPSS

2023-08-22 09:15 PM
72
cve
cve

CVE-2023-2971

Improper path handling in Typora before 1.7.0-dev on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/typemark/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from....

6.5CVSS

6.3AI Score

0.001EPSS

2023-08-19 06:15 AM
22
cve
cve

CVE-2023-2318

DOM-based XSS in src/muya/lib/contentState/pasteCtrl.js in MarkText 0.17.1 and before on Windows, Linux and macOS allows arbitrary JavaScript code to run in the context of MarkText main window. This vulnerability can be exploited if a user copies text from a malicious webpage and paste it into...

9.6CVSS

8.5AI Score

0.001EPSS

2023-08-19 06:15 AM
33
cve
cve

CVE-2023-2316

Improper path handling in Typora before 1.6.7 on Windows and Linux allows a crafted webpage to access local files and exfiltrate them to remote web servers via "typora://app/". This vulnerability can be exploited if a user opens a malicious markdown file in Typora, or copies text from a malicious.....

7.4CVSS

7.3AI Score

0.001EPSS

2023-08-19 06:15 AM
19
cve
cve

CVE-2023-2317

DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a.....

9.6CVSS

8.6AI Score

0.001EPSS

2023-08-19 06:15 AM
21
cve
cve

CVE-2023-2110

Improper path handling in Obsidian desktop before 1.2.8 on Windows, Linux and macOS allows a crafted webpage to access local files and exfiltrate them to remote web servers via "app://local/". This vulnerability can be exploited if a user opens a malicious markdown file in Obsidian, or copies text....

8.2CVSS

6.6AI Score

0.001EPSS

2023-08-19 06:15 AM
27
cve
cve

CVE-2023-20564

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD Ryzen™ Master may permit a privileged attacker to perform memory reads/writes potentially leading to a loss of confidentiality or arbitrary kernel...

6.7CVSS

6.4AI Score

0.0004EPSS

2023-08-15 10:15 PM
23
cve
cve

CVE-2023-38741

IBM TXSeries for Multiplatforms 8.1, 8.2, and 9.1 is vulnerable to a denial of service, caused by improper enforcement of the timeout on individual read operations. By conducting a slowloris-type attacks, a remote attacker could exploit this vulnerability to cause a denial of service. IBM X-Force.....

7.5CVSS

7.3AI Score

0.001EPSS

2023-08-14 06:15 PM
23
cve
cve

CVE-2023-23208

Genesys Administrator Extension (GAX) before 9.0.105.15 is vulnerable to Cross Site Scripting (XSS) via the Business Structure page of the iWD plugin, aka...

6.1CVSS

6AI Score

0.0005EPSS

2023-08-13 09:15 PM
14
cve
cve

CVE-2023-38154

Windows Kernel Elevation of Privilege...

7.8CVSS

8.1AI Score

0.0005EPSS

2023-08-08 06:15 PM
71
cve
cve

CVE-2023-35382

Windows Kernel Elevation of Privilege...

7.8CVSS

8.5AI Score

0.001EPSS

2023-08-08 06:15 PM
86
cve
cve

CVE-2023-35386

Windows Kernel Elevation of Privilege...

7.8CVSS

8.5AI Score

0.0005EPSS

2023-08-08 06:15 PM
91
cve
cve

CVE-2023-35359

Windows Kernel Elevation of Privilege...

7.8CVSS

8AI Score

0.001EPSS

2023-08-08 06:15 PM
134
cve
cve

CVE-2023-35380

Windows Kernel Elevation of Privilege...

7.8CVSS

8.5AI Score

0.001EPSS

2023-08-08 06:15 PM
86
cve
cve

CVE-2023-20562

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel...

7.8CVSS

7.4AI Score

0.0004EPSS

2023-08-08 06:15 PM
17
cve
cve

CVE-2023-20556

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary buffer potentially resulting in a Windows crash leading to denial of...

5.5CVSS

5.8AI Score

0.0004EPSS

2023-08-08 06:15 PM
17
cve
cve

CVE-2023-20561

Insufficient validation of the IOCTL (Input Output Control) input buffer in AMD μProf may allow an authenticated user to send an arbitrary address potentially resulting in a Windows crash leading to denial of...

5.5CVSS

5.7AI Score

0.0004EPSS

2023-08-08 06:15 PM
13
cve
cve

CVE-2023-4136

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CrafterCMS Engine on Windows, MacOS, Linux, x86, ARM, 64 bit allows Reflected XSS.This issue affects CrafterCMS: from 4.0.0 through 4.0.2, from 3.1.0 through...

7.4CVSS

6.2AI Score

0.001EPSS

2023-08-03 03:15 PM
18
cve
cve

CVE-2023-25841

There is a stored Cross-site Scripting vulnerability in Esri ArcGIS Server versions 10.8.1 – 11.0 on Windows and Linux platforms that may allow a remote, unauthenticated attacker to create crafted content which when clicked could potentially execute arbitrary JavaScript code in the victim’s...

6.1CVSS

6.3AI Score

0.001EPSS

2023-07-21 07:15 PM
24
cve
cve

CVE-2023-25840

There is a Cross-site Scripting vulnerability in ArcGIS Server in versions 10.8.1 – 11.1 that may allow a remote, authenticated attacker to create a crafted link which onmouseover wont execute but could potentially render an image in the victims browser. The privileges required to execute this...

3.4CVSS

4.1AI Score

0.0005EPSS

2023-07-21 07:15 PM
20
cve
cve

CVE-2023-28513

IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.3 CD and IBM MQ Appliance 9.2 LTS, 9.3 LTS, 9.2 CD, and 9.2 LTS, under certain configurations, is vulnerable to a denial of service attack caused by an error processing messages. IBM X-Force ID: ...

7.5CVSS

7.1AI Score

0.001EPSS

2023-07-19 02:15 AM
121
cve
cve

CVE-2023-29259

IBM Sterling Connect:Express for UNIX 1.5 browser UI is vulnerable to attacks that rely on the use of cookies without the SameSite attribute. IBM X-Force ID: ...

5.3CVSS

5.1AI Score

0.0004EPSS

2023-07-19 02:15 AM
22
cve
cve

CVE-2023-29260

IBM Sterling Connect:Express for UNIX 1.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: ...

6.5CVSS

5.3AI Score

0.0004EPSS

2023-07-19 02:15 AM
27
cve
cve

CVE-2023-35898

IBM InfoSphere Information Server 11.7 could allow an authenticated user to obtain sensitive information due to an insecure security configuration in InfoSphere Data Flow Designer. IBM X-Force ID: ...

6.5CVSS

5.9AI Score

0.0005EPSS

2023-07-19 01:15 AM
28
cve
cve

CVE-2023-34142

Cleartext Transmission of Sensitive Information vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Interception.This issue affects Hitachi Device Manager: before...

9CVSS

7.5AI Score

0.001EPSS

2023-07-18 03:15 AM
29
cve
cve

CVE-2022-4146

Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before...

9.8CVSS

9.6AI Score

0.002EPSS

2023-07-18 03:15 AM
23
cve
cve

CVE-2023-34143

Improper Validation of Certificate with Host Mismatch vulnerability in Hitachi Device Manager on Windows, Linux (Device Manager Server, Device Manager Agent, Host Data Collector components) allows Man in the Middle Attack.This issue affects Hitachi Device Manager: before...

8.1CVSS

8AI Score

0.001EPSS

2023-07-18 03:15 AM
24
cve
cve

CVE-2023-26512

CWE-502 Deserialization of Untrusted Data at the rabbitmq-connector plugin module in Apache EventMesh (incubating) V1.7.0\V1.8.0 on windows\linux\mac os e.g. platforms allows attackers to send controlled message and remote code execute via rabbitmq messages. Users can use the code under the...

9.8CVSS

9.4AI Score

0.007EPSS

2023-07-17 08:15 AM
43
cve
cve

CVE-2023-35012

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 with a Federated configuration is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user with SYSADM privileges could overflow the buffer and execute arbitrary code on the system. IBM...

6.7CVSS

6.8AI Score

0.0004EPSS

2023-07-17 01:15 AM
49
cve
cve

CVE-2023-33857

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain system information using a specially crafted query that could aid in further attacks against the system. IBM X-Force ID: ...

5.3CVSS

4.9AI Score

0.001EPSS

2023-07-17 12:15 AM
35
cve
cve

CVE-2023-35357

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.0005EPSS

2023-07-11 06:15 PM
45
cve
cve

CVE-2023-35360

Windows Kernel Elevation of Privilege...

7CVSS

7.2AI Score

0.0004EPSS

2023-07-11 06:15 PM
51
cve
cve

CVE-2023-35363

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.001EPSS

2023-07-11 06:15 PM
46
cve
cve

CVE-2023-35356

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.0004EPSS

2023-07-11 06:15 PM
42
cve
cve

CVE-2023-35358

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.0005EPSS

2023-07-11 06:15 PM
40
cve
cve

CVE-2023-35364

Windows Kernel Elevation of Privilege...

8.8CVSS

8.8AI Score

0.001EPSS

2023-07-11 06:15 PM
43
cve
cve

CVE-2023-35361

Windows Kernel Elevation of Privilege...

7CVSS

7.2AI Score

0.0004EPSS

2023-07-11 06:15 PM
41
cve
cve

CVE-2023-35304

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.001EPSS

2023-07-11 06:15 PM
41
cve
cve

CVE-2023-35305

Windows Kernel Elevation of Privilege...

7.8CVSS

7.9AI Score

0.001EPSS

2023-07-11 06:15 PM
40
Total number of security vulnerabilities2875