| CVE-2023-41974 | | 0.12 | — | 0.00 | KEV | Jan 10, 2024 | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 and iPadOS 17, iOS 15.8.7 and iPadOS 15.8.7. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-48618 | | 0.12 | — | 0.00 | KEV | Jan 9, 2024 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2, iOS 16.2 and iPadOS 16.2, tvOS 16.2. An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1. |
| CVE-2022-2586 | | 0.12 | — | 0.03 | KEV | Jan 8, 2024 | It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. |
| CVE-2023-7024 | | 0.12 | — | 0.03 | KEV | Dec 21, 2023 | Heap buffer overflow in WebRTC in Google Chrome prior to 120.0.6099.129 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-33107 | | 0.12 | — | 0.00 | KEV | Dec 5, 2023 | Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. |
| CVE-2023-33106 | | 0.12 | — | 0.00 | KEV | Dec 5, 2023 | Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. |
| CVE-2023-33063 | | 0.12 | — | 0.00 | KEV | Dec 5, 2023 | Memory corruption in DSP Services during a remote call from HLOS to DSP. |
| CVE-2023-42917 | | 0.12 | — | 0.00 | KEV | Nov 30, 2023 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. |
| CVE-2023-42916 | | 0.12 | — | 0.00 | KEV | Nov 30, 2023 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1. |
| CVE-2023-6345 | | 0.12 | — | 0.02 | KEV | Nov 29, 2023 | Integer overflow in Skia in Google Chrome prior to 119.0.6045.199 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a malicious file. (Chromium security severity: High) |
| CVE-2023-36033 | | 0.12 | — | 0.01 | KEV | Nov 14, 2023 | Windows DWM Core Library Elevation of Privilege Vulnerability |
| CVE-2023-36036 | | 0.12 | — | 0.02 | KEV | Nov 14, 2023 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-46748 | | 0.12 | — | 0.04 | KEV | Oct 26, 2023 | An authenticated SQL injection vulnerability exists in the BIG-IP Configuration utility which
may allow an authenticated attacker with network access to the Configuration utility through the BIG-IP management port and/or self IP addresses to execute arbitrary system commands.
Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated |
| CVE-2023-36563 | | 0.12 | — | 0.02 | KEV | Oct 10, 2023 | Microsoft WordPad Information Disclosure Vulnerability |
| CVE-2023-42824 | | 0.12 | — | 0.01 | KEV | Oct 4, 2023 | The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.6. |
| CVE-2023-4211 | | 0.12 | — | 0.00 | KEV | Oct 1, 2023 | A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. |
| CVE-2023-20109 | | 0.12 | — | 0.01 | KEV | Sep 27, 2023 | A vulnerability in the Cisco Group Encrypted Transport VPN (GET VPN) feature of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker who has administrative control of either a group member or a key server to execute arbitrary code on an affected device or cause the device to crash.
This vulnerability is due to insufficient validation of attributes in the Group Domain of Interpretation (GDOI) and G-IKEv2 protocols of the GET VPN feature. An attacker could exploit this vulnerability by either compromising an installed key server or modifying the configuration of a group member to point to a key server that is controlled by the attacker. A successful exploit could allow the attacker to execute arbitrary code and gain full control of the affected system or cause the affected system to reload, resulting in a denial of service (DoS) condition. For more information, see the Details ["#details"] section of this advisory. |
| CVE-2023-41992 | | 0.12 | — | 0.01 | KEV | Sep 21, 2023 | The issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.7, iOS 16.7 and iPadOS 16.7, macOS Ventura 13.6. A local attacker may be able to elevate their privileges. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. |
| CVE-2023-41991 | | 0.12 | — | 0.04 | KEV | Sep 21, 2023 | A certificate validation issue was addressed. This issue is fixed in macOS Ventura 13.6, iOS 16.7 and iPadOS 16.7. A malicious app may be able to bypass signature validation. Apple is aware of a report that this issue may have been actively exploited against versions of iOS before iOS 16.7. |
| CVE-2023-41179 | | 0.12 | — | 0.03 | KEV | Sep 19, 2023 | A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.
Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability. |
| CVE-2023-26369 | | 0.12 | — | 0.01 | KEV | Sep 13, 2023 | Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
| CVE-2023-36761 | | 0.12 | — | 0.06 | KEV | Sep 12, 2023 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2023-4863 | | 0.12 | — | 0.94 | KEV | Sep 12, 2023 | Heap buffer overflow in libwebp in Google Chrome prior to 116.0.5845.187 and libwebp 1.3.2 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical) |
| CVE-2023-41990 | | 0.12 | — | 0.03 | KEV | Sep 11, 2023 | The issue was addressed with improved handling of caches. This issue is fixed in tvOS 16.3, iOS 16.3 and iPadOS 16.3, macOS Monterey 12.6.8, macOS Big Sur 11.7.9, iOS 15.7.8 and iPadOS 15.7.8, macOS Ventura 13.2, watchOS 9.3. Processing a font file may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. |
| CVE-2023-35674 | | 0.12 | — | 0.00 | KEV | Sep 11, 2023 | In onCreate of WindowState.java, there is a possible way to launch a background activity due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| CVE-2023-41061 | | 0.12 | — | 0.01 | KEV | Sep 7, 2023 | A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2022-48503 | | 0.12 | — | 0.00 | KEV | Aug 14, 2023 | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5, Safari 15.6. Processing web content may lead to arbitrary code execution. |
| CVE-2023-38180 | | 0.12 | — | 0.01 | KEV | Aug 8, 2023 | .NET and Visual Studio Denial of Service Vulnerability |
| CVE-2023-38606 | | 0.12 | — | 0.00 | KEV | Jul 26, 2023 | This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7.1. |
| CVE-2023-37450 | | 0.12 | — | 0.00 | KEV | Jul 26, 2023 | The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, Safari 16.5.2, tvOS 16.6, macOS Ventura 13.5, watchOS 9.6. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-35311 | | 0.12 | — | 0.00 | KEV | Jul 11, 2023 | Microsoft Outlook Security Feature Bypass Vulnerability |
| CVE-2023-21237 | | 0.12 | — | 0.01 | KEV | Jun 28, 2023 | In applyRemoteView of NotificationContentInflater.java, there is a possible way to hide foreground service notification due to misleading or insufficient UI. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-251586912 |
| CVE-2023-32409 | | 0.12 | — | 0.00 | KEV | Jun 23, 2023 | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.8 and iPadOS 15.7.8, Safari 16.5, iOS 16.5 and iPadOS 16.5. A remote attacker may be able to break out of Web Content sandbox. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-28204 | | 0.12 | — | 0.00 | KEV | Jun 23, 2023 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-32439 | | 0.12 | — | 0.01 | KEV | Jun 23, 2023 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-32435 | | 0.12 | — | 0.00 | KEV | Jun 23, 2023 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Safari 16.4, iOS 16.4 and iPadOS 16.4, iOS 15.7.7 and iPadOS 15.7.7. Processing web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.7. |
| CVE-2023-32373 | | 0.12 | — | 0.00 | KEV | Jun 23, 2023 | A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 9.5, tvOS 16.5, macOS Ventura 13.4, iOS 15.7.6 and iPadOS 15.7.6, Safari 16.5, iOS 16.5 and iPadOS 16.5. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-20867 | | 0.12 | — | 0.03 | KEV | Jun 13, 2023 | A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine. |
| CVE-2023-3079 | | 0.12 | — | 0.02 | KEV | Jun 5, 2023 | Type confusion in V8 in Google Chrome prior to 114.0.5735.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-33009 | | 0.12 | — | 0.06 | KEV | May 24, 2023 | A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. |
| CVE-2023-33010 | | 0.12 | — | 0.06 | KEV | May 24, 2023 | A buffer overflow vulnerability in the ID processing function in Zyxel ATP series firmware versions 4.32 through 5.36 Patch 1, USG FLEX series firmware versions 4.50 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.25 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.25 through 5.36 Patch 1, VPN series firmware versions 4.30 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.25 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. |
| CVE-2023-21492 | | 0.12 | — | 0.00 | KEV | May 4, 2023 | Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. |
| CVE-2023-2136 | | 0.12 | — | 0.00 | KEV | Apr 19, 2023 | Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2023-28205 | | 0.12 | — | 0.00 | KEV | Apr 10, 2023 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2023-26083 | | 0.12 | — | 0.05 | KEV | Apr 6, 2023 | Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from r41p0 - r42p0 allows a non-privileged user to make valid GPU processing operations that expose sensitive kernel metadata. |
| CVE-2023-20118 | | 0.12 | — | 0.04 | KEV | Apr 5, 2023 | A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device.
This vulnerability is due to improper validation of user input within incoming HTTP packets. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web-based management interface. A successful exploit could allow the attacker to gain root-level privileges and access unauthorized data. To exploit this vulnerability, an attacker would need to have valid administrative credentials on the affected device.
Cisco has not and will not release software updates that address this vulnerability. However, administrators may disable the affected feature as described in the Workarounds ["#workarounds"] section.
{{value}} ["%7b%7bvalue%7d%7d"])}]] |
| CVE-2023-20963 | | 0.12 | — | 0.02 | KEV | Mar 24, 2023 | In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-220302519 |
| CVE-2022-41328 | | 0.12 | — | 0.00 | KEV | Mar 7, 2023 | A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via crafted CLI commands. |
| CVE-2019-8720 | | 0.12 | — | 0.04 | KEV | Mar 6, 2023 | A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. |
| CVE-2023-23529 | | 0.12 | — | 0.00 | KEV | Feb 27, 2023 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
