ID | Summary | Flags | Max Score |
---|---|---|---|
CVE-2023-52026 | TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution (RCE) ... | E | |
CVE-2023-52027 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vu... | E | |
CVE-2023-52028 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vu... | E | |
CVE-2023-52029 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vu... | E | |
CVE-2023-52030 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vu... | E | |
CVE-2023-52031 | TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vu... | E | |
CVE-2023-52032 | TOTOlink EX1200T V4.1.2cu.5232_B20210713 was discovered to contain a remote command execution (RCE) ... | E | |
CVE-2023-52038 | An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary comm... | E | |
CVE-2023-52039 | An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary comm... | E | |
CVE-2023-52040 | An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary comm... | E | |
CVE-2023-52041 | An issue discovered in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attackers to run arbitrary code... | E | |
CVE-2023-52042 | An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows attacker... | E | |
CVE-2023-52043 | An issue in D-Link COVR 1100, 1102, 1103 AC1200 Dual-Band Whole-Home Mesh Wi-Fi System (Hardware Rev... | | |
CVE-2023-52044 | Studio-42 eLfinder 2.1.62 is vulnerable to Remote Code Execution (RCE) as there is no restriction fo... | E | |
CVE-2023-52045 | Studio-42 eLfinder 2.1.62 contains a filename restriction bypass leading to a persistent Cross-site ... | E | |
CVE-2023-52046 | Cross Site Scripting vulnerability (XSS) in webmin v.2.105 and earlier allows a remote attacker to e... | E | |
CVE-2023-52047 | Dedecms v5.7.112 was discovered to contain a Cross-Site Request Forgery (CSRF) in the file manager.... | | |
CVE-2023-52048 | RuoYi v4.7.8 was discovered to contain a cross-site scripting (XSS) vulnerability via the component ... | | |
CVE-2023-52059 | A cross-site scripting (XSS) vulnerability in Gestsup v3.2.46 allows attackers to execute arbitrary ... | E S | |
CVE-2023-52060 | A Cross-Site Request Forgery (CSRF) in Gestsup v3.2.46 allows attackers to arbitrarily edit user pro... | E S | |
CVE-2023-52064 | Wuzhicms v4.1.0 was discovered to contain a SQL injection vulnerability via the $keywords parameter ... | E | |
CVE-2023-52066 | http.zig commit 76cf5 was discovered to contain a CRLF injection vulnerability via the url parameter... | | |
CVE-2023-52068 | kodbox v1.43 was discovered to contain a cross-site scripting (XSS) vulnerability via the operation ... | | |
CVE-2023-52069 | kodbox v1.49.04 was discovered to contain a cross-site scripting (XSS) vulnerability via the URL par... | | |
CVE-2023-52070 | JFreeChart v1.5.4 was discovered to be vulnerable to ArrayIndexOutOfBounds via the 'setSeriesNeedle(... | | |
CVE-2023-52071 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
CVE-2023-52072 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/... | E | |
CVE-2023-52073 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /system/... | E | |
CVE-2023-52074 | FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/s... | E | |
CVE-2023-52075 | ReVanced API vulnerable to Denial of Service due to lack of error caching | | |
CVE-2023-52076 | Remote Code Execution Vulnerability in Atril's EPUB ebook parsing | E S | |
CVE-2023-52077 | External apps using tokens issued by administrators and moderators can call admin APIs | S | |
CVE-2023-52079 | Conversion of property names to strings can trigger infinite recursion | S | |
CVE-2023-52080 | IEIT NF5280M6 UEFI firmware through 8.4 has a pool overflow vulnerability, caused by improper use of... | | |
CVE-2023-52081 | ewen-lbh/ffcss late-Unicode normalization vulnerability | E S | |
CVE-2023-52082 | Lychee is vulnerable to an SQL Injection in explain DB queries. | S | |
CVE-2023-52083 | Stored XSS through privileged upload of Media Manager file followed by renaming | S | |
CVE-2023-52084 | Winter CMS Stored XSS through Backend ColorPicker FormWidget | S | |
CVE-2023-52085 | Winter CMS Local File Inclusion through Server Side Template Injection | S | |
CVE-2023-52086 | resumable.php (aka PHP backend for resumable.js) 0.1.4 before 3c6dbf5 allows arbitrary file upload a... | S | |
CVE-2023-52090 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t... | | |
CVE-2023-52091 | An anti-spyware engine link following vulnerability in Trend Micro Apex One could allow a local atta... | | |
CVE-2023-52092 | A security agent link following vulnerability in Trend Micro Apex One could allow a local attacker t... | | |
CVE-2023-52093 | An exposed dangerous function vulnerability in the Trend Micro Apex One agent could allow a local at... | | |
CVE-2023-52094 | An updater link following vulnerability in the Trend Micro Apex One agent could allow a local attack... | | |
CVE-2023-52096 | SteVe Community ocpp-jaxb before 0.0.8 generates invalid timestamps such as ones with month 00 in ce... | E | |
CVE-2023-52097 | Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploit... | | |
CVE-2023-52098 | Denial of Service (DoS) vulnerability in the DMS module. Successful exploitation of this vulnerabili... | | |
CVE-2023-52099 | Vulnerability of foreground service restrictions being bypassed in the NMS module. Successful exploi... | | |
CVE-2023-52100 | The Celia Keyboard module has a vulnerability in access control. Successful exploitation of this vul... | | |
CVE-2023-52101 | Component exposure vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability ... | | |
CVE-2023-52102 | Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vu... | | |
CVE-2023-52103 | Buffer overflow vulnerability in the FLP module. Successful exploitation of this vulnerability may c... | | |
CVE-2023-52104 | Vulnerability of parameters being not verified in the WMS module. Successful exploitation of this vu... | | |
CVE-2023-52105 | The nearby module has a privilege escalation vulnerability. Successful exploitation of this vulnerab... | | |
CVE-2023-52106 | Vulnerability of permission verification for APIs in the DownloadProviderMain module. Impact: Succes... | | |
CVE-2023-52107 | Vulnerability of permissions being not strictly verified in the WMS module. Successful exploitation ... | | |
CVE-2023-52108 | Vulnerability of process priorities being raised in the ActivityManagerService module. Successful ex... | | |
CVE-2023-52109 | Vulnerability of trust relationships being inaccurate in distributed scenarios. Successful exploitat... | | |
CVE-2023-52110 | The sensor module has an out-of-bounds access vulnerability. Successful exploitation of this vulnerab... | | |
CVE-2023-52111 | Authorization vulnerability in the BootLoader module. Successful exploitation of this vulnerability ... | | |
CVE-2023-52112 | Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation of t... | | |
CVE-2023-52113 | launchAnyWhere vulnerability in the ActivityManagerService module. Successful exploitation of this v... | | |
CVE-2023-52114 | Data confidentiality vulnerability in the ScreenReader module. Successful exploitation of this vulne... | | |
CVE-2023-52115 | The iaware module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerab... | | |
CVE-2023-52116 | Permission management vulnerability in the multi-screen interaction module. Successful exploitation ... | | |
CVE-2023-52117 | WordPress ProfileGrid plugin <= 5.6.6 - Broken Access Control vulnerability | S | |
CVE-2023-52118 | WordPress WP User Profile Avatar Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52119 | WordPress Icegram Plugin <= 3.1.18 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52120 | WordPress NEX-Forms – Ultimate Form Builder Plugin <= 8.5.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52121 | WordPress NitroPack Plugin <= 1.10.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52122 | WordPress Simple Job Board Plugin <= 2.10.6 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52123 | WordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52124 | WordPress WP Tabs Plugin <= 2.2.0 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52125 | WordPress iFrame Plugin <= 4.8 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52126 | WordPress Send Users Email Plugin <= 1.4.3 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52127 | WordPress WPC Product Bundles for WooCommerce Plugin <= 7.3.1 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52128 | WordPress White Label Plugin <= 2.9.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52129 | WordPress teachPress Plugin <= 9.0.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52130 | WordPress Affiliates Manager Plugin <= 2.9.31 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52131 | WordPress Page Generator Plugin <= 1.7.1 is vulnerable to SQL Injection | S | |
CVE-2023-52132 | WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to SQL Injection | S | |
CVE-2023-52133 | WordPress Most And Least Read Posts Widget Plugin <= 2.5.16 is vulnerable to SQL Injection | S | |
CVE-2023-52134 | WordPress GEO my WordPress Plugin <= 4.0.2 is vulnerable to SQL Injection | S | |
CVE-2023-52135 | WordPress WS Form LITE Plugin <= 1.9.170 is vulnerable to SQL Injection | S | |
CVE-2023-52136 | WordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 2.1.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52137 | GitHub Action tj-actions/verify-changed-files is vulnerable to command injection in output filenames | E S | |
CVE-2023-52138 | Path traversal via crafted cpio archives in Engrampa archivers | E S | |
CVE-2023-52139 | Misskey vulnerable to improper authorization when accessing with third-party application | S | |
CVE-2023-52140 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candi... | R | |
CVE-2023-52141 | Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candi... | R | |
CVE-2023-52142 | WordPress Events Shortcodes & Templates For The Events Calendar Plugin <= 2.3.1 is vulnerable to SQL Injection | S | |
CVE-2023-52143 | WordPress WP Stripe Checkout Plugin <= 1.2.2.37 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52144 | WordPress Product Feed Manager plugin <= 7.3.15 - Directory Traversal vulnerability | S | |
CVE-2023-52145 | WordPress Republish Old Posts Plugin <= 1.21 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52146 | WordPress 404 Solution Plugin <= 2.33.0 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52147 | WordPress All-In-One Security (AIOS) plugin <= 5.2.4 - Secret Login Page Location Disclosure on Multisites vulnerability | S | |
CVE-2023-52148 | WordPress Affiliates Manager Plugin <= 2.9.30 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52149 | WordPress Floating Button Plugin <= 6.0 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52150 | WordPress Dynamic Content for Elementor Plugin < 2.12.5 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52151 | WordPress Uncanny Automator Plugin <= 5.1.0.2 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52152 | mupnp/net/uri.c in mUPnP for C through 3.0.2 has an out-of-bounds read and application crash because... | E | |
CVE-2023-52153 | A SQL Injection vulnerability in /pmb/opac_css/includes/sessions.inc.php in PMB 7.4.7 and earlier al... | E | |
CVE-2023-52154 | File Upload vulnerability in pmb/camera_upload.php in PMB 7.4.7 and earlier allows attackers to run ... | E | |
CVE-2023-52155 | A SQL Injection vulnerability in /admin/sauvegarde/run.php in PMB 7.4.7 and earlier allows remote au... | E | |
CVE-2023-52159 | A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote at... | | |
CVE-2023-52160 | The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass. For a succes... | S | |
CVE-2023-52161 | The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) bef... | S | |
CVE-2023-52162 | Mercusys MW325R EU V3 (Firmware MW325R(EU)_V3_1.11.0 Build 221019) is vulnerable to a stack-based bu... | E | |
CVE-2023-52163 | Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulner... | | |
CVE-2023-52164 | access_device.cgi on Digiever DS-2105 Pro 3.1.0.71-11 devices allows arbitrary file read. NOTE: This... | | |
CVE-2023-52168 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overfl... | | |
CVE-2023-52169 | The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains an out-of-bounds read that... | | |
CVE-2023-52173 | XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3ADBD0.... | | |
CVE-2023-52174 | XnView Classic before 2.51.3 on Windows has a Write Access Violation at xnview.exe+0x3125D6.... | E | |
CVE-2023-52175 | WordPress Auto Amazon Links Plugin <= 5.1.1 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52176 | WordPress Malware Scanner plugin <= 4.7.1 - IP Restriction Bypass vulnerability | S | |
CVE-2023-52177 | WordPress Integrate Google Drive plugin <= 1.3.3 - Broken Access Control vulnerability | S | |
CVE-2023-52178 | WordPress WP Affiliate Disclosure Plugin <= 1.2.7 is vulnerable to Cross-Site Scripting (XSS) | S | |
CVE-2023-52179 | WordPress Product Expiry for WooCommerce plugin <= 2.5 - Broken Access Control vulnerability | S | |
CVE-2023-52180 | WordPress Recipe Maker For Your Food Blog from Zip Recipes Plugin <= 8.1.0 is vulnerable to SQL Injection | S | |
CVE-2023-52181 | WordPress Theme per user Plugin <= 1.0.1 is vulnerable to PHP Object Injection | S | |
CVE-2023-52182 | WordPress ARI Stream Quiz Plugin <= 1.3.0 is vulnerable to PHP Object Injection | S | |
CVE-2023-52183 | WordPress WordPress Backup & Migration plugin <= 1.4.3 - Broken Access Control vulnerability | S | |
CVE-2023-52184 | WordPress WP Job Portal Plugin <= 2.0.6 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52185 | WordPress Everest Backup Plugin <= 2.1.9 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52186 | WordPress WooCommerce Product Vendors plugin <= 2.2.2 - Unauthenticated Broken Access Control vulnerability | S | |
CVE-2023-52187 | WordPress Image Source Control Plugin <= 2.17.0 is vulnerable to Sensitive Data Exposure | S | |
CVE-2023-52188 | WordPress Footer Putter Plugin <= 1.17 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52189 | WordPress Ideal Interactive Map Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52190 | WordPress Coupon Referral Program Plugin <= 1.7.2 is vulnerable to Sensitive Data Exposure | | |
CVE-2023-52191 | WordPress Infogram Plugin <= 1.6.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52192 | WordPress Keap Official Opt-in Forms Plugin <= 1.0.11 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52193 | WordPress Page Builder: Live Composer Plugin <= 1.5.23 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52194 | WordPress oEmbed Gist Plugin <= 4.9.1 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52195 | WordPress Posts to Page Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52196 | WordPress CPT Bootstrap Carousel Plugin <= 1.12 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52197 | WordPress Ads Invalid Click Protection Plugin <= 1.0 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52198 | WordPress Private Google Calendars Plugin <= 20231125 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52199 | WordPress ActivityPub plugin <= 1.0.5 - Unauthenticated Broken Access Control vulnerability | S | |
CVE-2023-52200 | WordPress ARMember Plugin <= 4.0.22 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection | S | |
CVE-2023-52201 | WordPress pTypeConverter Plugin <= 0.2.8.1 is vulnerable to SQL Injection | | |
CVE-2023-52202 | WordPress HTML5 MP3 Player with Folder Feedburner Plugin <= 2.8.0 is vulnerable to PHP Object Injection | | |
CVE-2023-52203 | WordPress CformsII Plugin <= 15.0.5 is vulnerable to Cross Site Scripting (XSS) | | |
CVE-2023-52204 | WordPress Randomize Plugin <= 1.4.3 is vulnerable to SQL Injection | | |
CVE-2023-52205 | WordPress HTML5 SoundCloud Player Plugin <= 2.8.0 is vulnerable to PHP Object Injection | | |
CVE-2023-52206 | WordPress Page Builder: Live Composer Plugin <= 1.5.25 is vulnerable to PHP Object Injection | | |
CVE-2023-52207 | WordPress HTML5 MP3 Player with Playlist Free Plugin <= 3.0.0 is vulnerable to PHP Object Injection | | |
CVE-2023-52208 | WordPress Constant Contact Forms Plugin <= 2.4.2 is vulnerable to Sensitive Data Exposure | | |
CVE-2023-52209 | WordPress WPForms User Registration plugin <= 2.1.0 - Authenticated Privilege Escalation vulnerability | S | |
CVE-2023-52211 | WordPress WP Job Manager plugin <= 2.0.0 - Broken Access Control vulnerability | S | |
CVE-2023-52213 | WordPress Rate Star Review Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS) | S | |
CVE-2023-52214 | WordPress Void Contact Form 7 Widget For Elementor Page Builder plugin <= 2.3 - Broken Access Control vulnerability | S | |
CVE-2023-52215 | WordPress Barcode Scanner with Inventory & Order Manager Plugin <=1.5.1 is vulnerable to SQL Injection | S | |
CVE-2023-52216 | WordPress JS & CSS Script Optimizer Plugin <= 0.3.3 is vulnerable to Cross Site Request Forgery (CSRF) | | |
CVE-2023-52217 | WordPress WooCommerce Conversion Tracking plugin <= 2.0.11 - Broken Access Control vulnerability | S | |
CVE-2023-52218 | WordPress WooCommerce Tranzila Gateway Plugin <= 1.0.8 is vulnerable to PHP Object Injection | | |
CVE-2023-52219 | WordPress Gecka Terms Thumbnails Plugin <= 1.1 is vulnerable to PHP Object Injection | | |
CVE-2023-52220 | WordPress MonsterInsights plugin <= 8.21.0 - Broken Access Control vulnerability | S | |
CVE-2023-52221 | WordPress Barcode Scanner with Inventory & Order Manager Plugin <= 1.5.1 is vulnerable to Arbitrary File Upload | S | |
CVE-2023-52222 | WordPress WooCommerce Plugin <= 8.2.2 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52223 | WordPress MailerLite – WooCommerce integration Plugin <= 2.0.8 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
CVE-2023-52224 | WordPress Revolut Gateway for WooCommerce plugin <= 4.9.7 - Broken Access Control vulnerability | S | |
CVE-2023-52225 | WordPress Taggbox Plugin <= 3.1 is vulnerable to PHP Object Injection | | |
CVE-2023-52226 | WordPress Advanced Flamingo plugin <= 1.0 - Cross Site Request Forgery (CSRF) vulnerability | | |
CVE-2023-52227 | WordPress MailerLite – WooCommerce integration plugin <= 2.0.8 - Broken Access Control vulnerability | S | |
CVE-2023-52228 | WordPress Beds24 Online Booking plugin <= 2.0.24 - Cross Site Scripting (XSS) vulnerability | S | |
CVE-2023-52229 | WordPress Word Replacer Pro plugin <= 1.0 - Broken Access Control vulnerability | | |
CVE-2023-52230 | WordPress Booster Plus for WooCommerce plugin < 7.1.3 - Authenticated Arbitrary WordPress Option Disclosure Vulnerability | S | |
CVE-2023-52231 | WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Auth. Sensitive Data Exposure vulnerability | S | |
CVE-2023-52232 | WordPress Booster Plus for WooCommerce plugin < 7.1.2 - Authenticated Arbitrary Post/Page Deletion Vulnerability | S | |
CVE-2023-52233 | WordPress POST SMTP Mailer plugin <= 2.8.6 - Broken Access Control on API vulnerability | S | |
CVE-2023-52234 | WordPress Booster Elite for WooCommerce plugin < 7.1.2 - Auth. Sensitive Data Exposure vulnerability | S | |
CVE-2023-52235 | SpaceX Starlink Wi-Fi router GEN 2 before 2023.53.0 and Starlink Dish before 07dd2798-ff15-4722-a9ee... | | |
CVE-2023-52237 | A vulnerability has been identified in RUGGEDCOM i800, RUGGEDCOM i800NC, RUGGEDCOM i801, RUGGEDCOM i... | | |
CVE-2023-52238 | A vulnerability has been identified in RUGGEDCOM RST2228 (All versions < V5.9.0), RUGGEDCOM RST2228P... | | |
CVE-2023-52239 | The XML parser in Magic xpi Integration Platform 4.13.4 allows XXE attacks, e.g., via onItemImport.... | E | |
CVE-2023-52240 | The Kantega SAML SSO OIDC Kerberos Single Sign-on apps before 6.20.0 for Atlassian products allow XS... | | |
CVE-2023-52251 | An issue discovered in provectus kafka-ui 0.4.0 through 0.7.1 allows remote attackers to execute arb... | E | |
CVE-2023-52252 | Unified Remote 3.13.0 allows remote attackers to execute arbitrary Lua code because of a wildcarded ... | E | |
CVE-2023-52257 | LogoBee 0.2 allows updates.php?id= XSS.... | E | |
CVE-2023-52262 | outdoorbits little-backup-box (aka Little Backup Box) before f39f91c allows remote attackers to exec... | S | |
CVE-2023-52263 | Brave Browser before 1.59.40 does not properly restrict the schema for WebUI factory and redirect. T... | S | |
CVE-2023-52264 | The beesblog (aka Bees Blog) component before 1.6.2 for thirty bees allows Reflected XSS because con... | S | |
CVE-2023-52265 | IDURAR (aka idurar-erp-crm) through 2.0.1 allows stored XSS via a PATCH request with a crafted JSON ... | E S | |
CVE-2023-52266 | ehttp 1.0.6 before 17405b9 has an epoll_socket.cpp read_func use-after-free. An attacker can make ma... | E S | |
CVE-2023-52267 | ehttp 1.0.6 before 17405b9 has a simple_log.cpp _log out-of-bounds-read during error logging for lon... | E S | |
CVE-2023-52268 | The End-User Portal module before 1.0.65 for FreeScout sometimes allows an attacker to authenticate ... | | |
CVE-2023-52269 | MDaemon SecurityGateway through 9.0.3 allows XSS via a crafted Message Content Filtering rule. This ... | E | |
CVE-2023-52271 | The wsftprm.sys kernel driver 2.0.0.0 in Topaz Antifraud allows low-privileged attackers to kill any... | E | |
CVE-2023-52274 | member/index/register.html in YzmCMS 6.5 through 7.0 allows XSS via the Referer HTTP header.... | E | |
CVE-2023-52275 | Gallery3d on Tecno Camon X CA7 devices allows attackers to view hidden images by navigating to data/... | E | |
CVE-2023-52277 | Royal RoyalTSX before 6.0.2.1 allows attackers to cause a denial of service (Heap Memory Corruption ... | | |
CVE-2023-52284 | Bytecode Alliance wasm-micro-runtime (aka WebAssembly Micro Runtime or WAMR) before 1.3.0 can have a... | E S | |
CVE-2023-52285 | ExamSys 9150244 allows SQL Injection via the /Support/action/Pages.php s_score2 parameter.... | E S | |
CVE-2023-52286 | Tencent tdsqlpcloud through 1.8.5 allows unauthenticated remote attackers to discover database crede... | E | |
CVE-2023-52288 | An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated direct... | | |
CVE-2023-52289 | An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated direct... | | |
CVE-2023-52290 | Apache StreamPark (incubating): Unchecked SQL query fields trigger SQL injection vulnerability | | |
CVE-2023-52291 | Apache StreamPark (incubating): Unchecked maven build params could trigger remote command execution | | |
CVE-2023-52292 | IBM Sterling File Gateway cross-site scripting | | |
CVE-2023-52296 | IBM Db2 for Linux, UNIX and Windows denial of service | | |
CVE-2023-52302 | Segfault in paddle.nextafter | S | |
CVE-2023-52303 | Segfault in paddle.put_along_axis | S | |
CVE-2023-52304 | Stack overflow in paddle.searchsorted | S | |
CVE-2023-52305 | FPE in paddle.topk | S | |
CVE-2023-52306 | FPE in paddle.lerp | S | |
CVE-2023-52307 | Stack overflow in paddle.linalg.lu_unpack | S | |
CVE-2023-52308 | FPE in paddle.amin | S | |
CVE-2023-52309 | Heap buffer overflow in paddle.repeat_interleave | S | |
CVE-2023-52310 | Command injection in get_online_pass_interval | S | |
CVE-2023-52311 | Command injection in _wget_download | S | |
CVE-2023-52312 | Null pointer dereference in paddle.crop | S | |
CVE-2023-52313 | FPE in paddle.argmin and paddle.argmax | S | |
CVE-2023-52314 | Command injection in convert_shape_compare | S | |
CVE-2023-52315 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52316 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52317 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52318 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52319 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52320 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52321 | Rejected reason: This CVE Record has been withdrawn by its CNA.... | R | |
CVE-2023-52322 | ecrire/public/assembler.php in SPIP before 4.1.13 and 4.2.x before 4.2.7 allows XSS because input fr... | S | |
CVE-2023-52323 | PyCryptodome and pycryptodomex before 3.19.1 allow side-channel leakage for OAEP decryption, exploit... | | |
CVE-2023-52324 | An unrestricted file upload vulnerability in Trend Micro Apex Central could allow a remote attacker ... | | |
CVE-2023-52325 | A local file inclusion vulnerability in one of Trend Micro Apex Central's widgets could allow a remo... | | |
CVE-2023-52326 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri... | | |
CVE-2023-52327 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri... | | |
CVE-2023-52328 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri... | | |
CVE-2023-52329 | Certain dashboard widgets on Trend Micro Apex Central (on-premise) are vulnerable to cross-site scri... | | |
CVE-2023-52330 | A cross-site scripting vulnerability in Trend Micro Apex Central could allow a remote attacker to ex... | | |
CVE-2023-52331 | A post-authenticated server-side request forgery (SSRF) vulnerability in Trend Micro Apex Central co... | | |
CVE-2023-52332 | Allegra serveMathJaxLibraries Directory Traversal Information Disclosure Vulnerability | | |
CVE-2023-52333 | Allegra saveFile Directory Traversal Remote Code Execution Vulnerability | | |
CVE-2023-52334 | Allegra downloadAttachmentGlobal Directory Traversal Information Disclosure Vulnerability | | |
CVE-2023-52335 | Advantech iView ConfigurationServlet SQL Injection Information Disclosure Vulnerability | | |
CVE-2023-52337 | An improper access control vulnerability in Trend Micro Deep Security 20.0 and Trend Micro Cloud One... | | |
CVE-2023-52338 | A link following vulnerability in the Trend Micro Deep Security 20.0 and Trend Micro Cloud One - End... | | |
CVE-2023-52339 | In libebml before 1.4.5, an integer overflow in MemIOCallback.cpp can occur when reading or writing.... | E S | |
CVE-2023-52340 | The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold tha... | S | |
CVE-2023-52341 | In Plaintext COUNTER CHECK message accepted before AS security activation, there is a possible missi... | | |
CVE-2023-52342 | In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This c... | | |
CVE-2023-52343 | In SecurityCommand message after as security has been actived., there is a possible improper input v... | | |
CVE-2023-52344 | In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This c... | | |
CVE-2023-52345 | In modem driver, there is a possible system crash due to improper input validation. This could lead ... | | |
CVE-2023-52346 | In modem driver, there is a possible system crash due to improper input validation. This could lead ... | | |
CVE-2023-52347 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
CVE-2023-52348 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
CVE-2023-52349 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
CVE-2023-52350 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
CVE-2023-52351 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
CVE-2023-52352 | In Network Adapter Service, there is a possible missing permission check. This could lead to local d... | | |
CVE-2023-52353 | An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotia... | E S | |
CVE-2023-52354 | chasquid before 1.13 allows SMTP smuggling because LF-terminated lines are accepted.... | | |
CVE-2023-52355 | Libtiff: tiffrasterscanlinesize64 produce too-big size and could cause oom | E S | |
CVE-2023-52356 | Libtiff: segment fault in libtiff in tiffreadrgbatileext() leading to denial of service | S | |
CVE-2023-52357 | Vulnerability of serialization/deserialization mismatch in the vibration framework. Successful exploi... | | |
CVE-2023-52358 | Vulnerability of configuration defects in some APIs of the audio module. Successful exploitation of t... | | |
CVE-2023-52359 | Vulnerability of permission verification in some APIs in the ActivityTaskManagerService module. Impa... | | |
CVE-2023-52360 | Logic vulnerabilities in the baseband. Successful exploitation of this vulnerability may affect servi... | | |
CVE-2023-52361 | The VerifiedBoot module has a vulnerability that may cause authentication errors. Successful exploita... | | |
CVE-2023-52362 | Permission management vulnerability in the lock screen module. Successful exploitation of this vulner... | | |
CVE-2023-52363 | Vulnerability of defects introduced in the design process in the Control Panel module. Successful exp... | | |
CVE-2023-52364 | Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful... | | |
CVE-2023-52365 | Out-of-bounds read vulnerability in the smart activity recognition module. Successful exploitation of... | | |
CVE-2023-52366 | Out-of-bounds read vulnerability in the smart activity recognition module. Successful exploitation of... | | |
CVE-2023-52367 | Vulnerability of improper access control in the media library module. Successful exploitation of this... | | |
CVE-2023-52368 | Input verification vulnerability in the account module. Successful exploitation of this vulnerability... | | |
CVE-2023-52369 | Stack overflow vulnerability in the NFC module. Successful exploitation of this vulnerability may aff... | | |
CVE-2023-52370 | Stack overflow vulnerability in the network acceleration module. Successful exploitation of this vuln... | | |
CVE-2023-52371 | Vulnerability of null references in the motor module. Successful exploitation of this vulnerability m... | | |
CVE-2023-52372 | Vulnerability of input parameter verification in the motor module. Successful exploitation of this vu... | | |
CVE-2023-52373 | Vulnerability of permission verification in the content sharing pop-up module. Successful exploitatio... | | |
CVE-2023-52374 | Permission control vulnerability in the package management module. Successful exploitation of this vu... | | |
CVE-2023-52375 | Permission control vulnerability in the WindowManagerServices module. Successful exploitation of this... | | |
CVE-2023-52376 | Information management vulnerability in the Gallery module. Successful exploitation of this vulnerabi... | | |
CVE-2023-52377 | Vulnerability of input data not being verified in the cellular data module. Successful exploitation o... | | |
CVE-2023-52378 | Vulnerability of incorrect service logic in the WindowManagerServices module. Successful exploitation... | | |
CVE-2023-52379 | Permission control vulnerability in the calendarProvider module. Successful exploitation of this vuln... | | |
CVE-2023-52380 | Vulnerability of improper access control in the email module. Successful exploitation of this vulnera... | | |
CVE-2023-52381 | Script injection vulnerability in the email module. Successful exploitation of this vulnerability may... | | |
CVE-2023-52382 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52383 | Double-free vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability w... | | |
CVE-2023-52384 | Double-free vulnerability in the RSMC module. Impact: Successful exploitation of this vulnerability w... | | |
CVE-2023-52385 | Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulner... | | |
CVE-2023-52386 | Out-of-bounds write vulnerability in the RSMC module. Impact: Successful exploitation of this vulner... | | |
CVE-2023-52387 | Resource reuse vulnerability in the GPU module. Successful exploitation of this vulnerability may af... | | |
CVE-2023-52388 | Permission control vulnerability in the clock module. Impact: Successful exploitation of this vulner... | | |
CVE-2023-52389 | UTF32Encoding.cpp in POCO has a Poco::UTF32Encoding integer overflow and resultant stack buffer over... | S | |
CVE-2023-52392 | Rejected reason: This is unused.... | R | |
CVE-2023-52395 | Rejected reason: This is unused.... | R | |
CVE-2023-52396 | Rejected reason: This is unused.... | R | |
CVE-2023-52398 | Rejected reason: This is unused.... | R | |
CVE-2023-52399 | Rejected reason: This is unused.... | R | |
CVE-2023-52424 | The IEEE 802.11 standard sometimes enables an adversary to trick a victim into connecting to an unin... | | |
CVE-2023-52425 | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsing... | E | |
CVE-2023-52426 | libexpat through 2.5.0 allows recursive XML Entity Expansion if XML_DTD is undefined at compile time... | S | |
CVE-2023-52427 | In OpenDDS through 3.27, there is a segmentation fault for a DataWriter with a large value of resour... | E | |
CVE-2023-52428 | In Connect2id Nimbus JOSE+JWT before 9.37.2, an attacker can cause a denial of service (resource con... | S | |
CVE-2023-52429 | dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_... | S | |
CVE-2023-52430 | The caddy-security plugin 1.1.20 for Caddy allows reflected XSS via a GET request to a URL that cont... | | |
CVE-2023-52431 | The Plack::Middleware::XSRFBlock package before 0.0.19 for Perl allows attackers to bypass a CSRF pr... | | |
CVE-2023-52432 | Improper input validation in IpcTxSndSetLoopbackCtrl in libsec-ril prior to SMR Sep-2023 Release 1 a... | | |
CVE-2023-52433 | netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction | S | |
CVE-2023-52434 | smb: client: fix potential OOBs in smb2_parse_contexts() | S | |
CVE-2023-52435 | net: prevent mss overflow in skb_segment() | S | |
CVE-2023-52436 | f2fs: explicitly null-terminate the xattr list | S | |
CVE-2023-52437 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52438 | binder: fix use-after-free in shinker's callback | S | |
CVE-2023-52439 | uio: Fix use-after-free in uio_open | S | |
CVE-2023-52440 | ksmbd: fix slub overflow in ksmbd_decode_ntlmssp_auth_blob() | S | |
CVE-2023-52441 | ksmbd: fix out of bounds in init_smb2_rsp_hdr() | S | |
CVE-2023-52442 | ksmbd: validate session id and tree id in compound request | S | |
CVE-2023-52443 | apparmor: avoid crash when parsed profile name is empty | S | |
CVE-2023-52444 | f2fs: fix to avoid dirent corruption | S | |
CVE-2023-52445 | media: pvrusb2: fix use after free on context disconnection | S | |
CVE-2023-52446 | bpf: Fix a race condition between btf_put() and map_free() | S | |
CVE-2023-52447 | bpf: Defer the free of inner map when necessary | S | |
CVE-2023-52448 | gfs2: Fix kernel NULL pointer dereference in gfs2_rgrp_dump | S | |
CVE-2023-52449 | mtd: Fix gluebi NULL pointer dereference caused by ftl notifier | S | |
CVE-2023-52450 | perf/x86/intel/uncore: Fix NULL pointer dereference issue in upi_fill_topology() | S | |
CVE-2023-52451 | powerpc/pseries/memhp: Fix access beyond end of drmem array | S | |
CVE-2023-52452 | bpf: Fix accesses to uninit stack slots | S | |
CVE-2023-52453 | hisi_acc_vfio_pci: Update migration data pointer correctly on saving/resume | S | |
CVE-2023-52454 | nvmet-tcp: Fix a kernel panic when host sends an invalid H2C PDU length | S | |
CVE-2023-52455 | iommu: Don't reserve 0-length IOVA region | S | |
CVE-2023-52456 | serial: imx: fix tx statemachine deadlock | S | |
CVE-2023-52457 | serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed | S | |
CVE-2023-52458 | block: add check that partition length needs to be aligned with block size | S | |
CVE-2023-52459 | media: v4l: async: Fix duplicated list deletion | S | |
CVE-2023-52460 | drm/amd/display: Fix NULL pointer dereference at hibernate | S | |
CVE-2023-52461 | drm/sched: Fix bounds limiting when given a malformed entity | S | |
CVE-2023-52462 | bpf: fix check for attempt to corrupt spilled pointer | S | |
CVE-2023-52463 | efivarfs: force RO when remounting if SetVariable is not supported | S | |
CVE-2023-52464 | EDAC/thunderx: Fix possible out-of-bounds string access | S | |
CVE-2023-52465 | power: supply: Fix null pointer dereference in smb2_probe | S | |
CVE-2023-52466 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52467 | mfd: syscon: Fix null pointer dereference in of_syscon_register() | S | |
CVE-2023-52468 | class: fix use-after-free in class_register() | S | |
CVE-2023-52469 | drivers/amd/pm: fix a use-after-free in kv_parse_power_table | S | |
CVE-2023-52470 | drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() | S | |
CVE-2023-52471 | ice: Fix some null pointer dereference issues in ice_ptp.c | S | |
CVE-2023-52472 | crypto: rsa - add a check for allocation failure | S | |
CVE-2023-52473 | thermal: core: Fix NULL pointer dereference in zone registration error path | S | |
CVE-2023-52474 | IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests | S | |
CVE-2023-52475 | Input: powermate - fix use-after-free in powermate_config_complete | S | |
CVE-2023-52476 | perf/x86/lbr: Filter vsyscall addresses | S | |
CVE-2023-52477 | usb: hub: Guard against accesses to uninitialized BOS descriptors | S | |
CVE-2023-52478 | HID: logitech-hidpp: Fix kernel crash on receiver USB disconnect | S | |
CVE-2023-52479 | ksmbd: fix uaf in smb20_oplock_break_ack | S | |
CVE-2023-52480 | ksmbd: fix race condition between session lookup and expire | S | |
CVE-2023-52481 | arm64: errata: Add Cortex-A520 speculative unprivileged load workaround | S | |
CVE-2023-52482 | x86/srso: Add SRSO mitigation for Hygon processors | S | |
CVE-2023-52483 | mctp: perform route lookups under a RCU read-side lock | S | |
CVE-2023-52484 | iommu/arm-smmu-v3: Fix soft lockup triggered by arm_smmu_mm_invalidate_range | S | |
CVE-2023-52485 | drm/amd/display: Wake DMCUB before sending a command | S | |
CVE-2023-52486 | drm: Don't unref the same fb many times by mistake due to deadlock handling | S | |
CVE-2023-52487 | net/mlx5e: Fix peer flow lists handling | S | |
CVE-2023-52488 | serial: sc16is7xx: convert from _raw_ to _noinc_ regmap functions for FIFO | S | |
CVE-2023-52489 | mm/sparsemem: fix race in accessing memory_section->usage | E S | |
CVE-2023-52490 | mm: migrate: fix getting incorrect page mapping during page migration | S | |
CVE-2023-52491 | media: mtk-jpeg: Fix use after free bug due to error path handling in mtk_jpeg_dec_device_run | S | |
CVE-2023-52492 | dmaengine: fix NULL pointer in channel unregistration function | S | |
CVE-2023-52493 | bus: mhi: host: Drop chan lock before queuing buffers | S | |
CVE-2023-52494 | bus: mhi: host: Add alignment check for event ring read pointer | S | |
CVE-2023-52495 | soc: qcom: pmic_glink_altmode: fix port sanity check | S | |
CVE-2023-52496 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52497 | erofs: fix lz4 inplace decompression | S | |
CVE-2023-52498 | PM: sleep: Fix possible deadlocks in core system-wide PM code | S | |
CVE-2023-52499 | powerpc/47x: Fix 47x syscall return crash | S | |
CVE-2023-52500 | scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command | S | |
CVE-2023-52501 | ring-buffer: Do not attempt to read past "commit" | S | |
CVE-2023-52502 | net: nfc: fix races in nfc_llcp_sock_get() and nfc_llcp_sock_get_sn() | S | |
CVE-2023-52503 | tee: amdtee: fix use-after-free vulnerability in amdtee_close_session | S | |
CVE-2023-52504 | x86/alternatives: Disable KASAN in apply_alternatives() | S | |
CVE-2023-52505 | phy: lynx-28g: serialize concurrent phy_set_mode_ext() calls to shared registers | S | |
CVE-2023-52506 | LoongArch: Set all reserved memblocks on Node#0 at initialization | S | |
CVE-2023-52507 | nfc: nci: assert requested protocol is valid | S | |
CVE-2023-52508 | nvme-fc: Prevent null pointer dereference in nvme_fc_io_getuuid() | S | |
CVE-2023-52509 | ravb: Fix use-after-free issue in ravb_tx_timeout_work() | S | |
CVE-2023-52510 | ieee802154: ca8210: Fix a potential UAF in ca8210_probe | S | |
CVE-2023-52511 | spi: sun6i: reduce DMA RX transfer width to single byte | S | |
CVE-2023-52512 | pinctrl: nuvoton: wpcm450: fix out of bounds write | S | |
CVE-2023-52513 | RDMA/siw: Fix connection failure handling | S | |
CVE-2023-52514 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52515 | RDMA/srp: Do not call scsi_done() from srp_abort() | S | |
CVE-2023-52516 | dma-debug: don't call __dma_entry_alloc_check_leak() under free_entries_lock | S | |
CVE-2023-52517 | spi: sun6i: fix race between DMA RX transfer completion and RX FIFO drain | S | |
CVE-2023-52518 | Bluetooth: hci_codec: Fix leaking content of local_codecs | S | |
CVE-2023-52519 | HID: intel-ish-hid: ipc: Disable and reenable ACPI GPE bit | S | |
CVE-2023-52520 | platform/x86: think-lmi: Fix reference leak | S | |
CVE-2023-52521 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52522 | net: fix possible store tearing in neigh_periodic_work() | | |
CVE-2023-52523 | bpf, sockmap: Reject sk_msg egress redirects to non-TCP sockets | S | |
CVE-2023-52524 | net: nfc: llcp: Add lock when modifying device list | S | |
CVE-2023-52525 | wifi: mwifiex: Fix oob check condition in mwifiex_process_rx_packet | S | |
CVE-2023-52526 | erofs: fix memory leak of LZMA global compressed deduplication | S | |
CVE-2023-52527 | ipv4, ipv6: Fix handling of transhdrlen in __ip{,6}_append_data() | S | |
CVE-2023-52528 | net: usb: smsc75xx: Fix uninit-value access in __smsc75xx_read_reg | S | |
CVE-2023-52529 | HID: sony: Fix a potential memory leak in sony_probe() | S | |
CVE-2023-52530 | wifi: mac80211: fix potential key use-after-free | S | |
CVE-2023-52531 | wifi: iwlwifi: mvm: Fix a memory corruption issue | S | |
CVE-2023-52532 | net: mana: Fix TX CQE error handling | S | |
CVE-2023-52533 | In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This c... | | |
CVE-2023-52534 | In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to ... | | |
CVE-2023-52535 | In vsp driver, there is a possible missing verification incorrect input. This could lead to local de... | | |
CVE-2023-52536 | In faceid service, there is a possible out of bounds read due to a missing bounds check. This could ... | | |
CVE-2023-52537 | Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful ex... | | |
CVE-2023-52538 | Vulnerability of package name verification being bypassed in the HwIms module. Impact: Successful ex... | | |
CVE-2023-52539 | Permission verification vulnerability in the Settings module. Impact: Successful exploitation of thi... | | |
CVE-2023-52540 | Vulnerability of improper authentication in the Iaware module. Impact: Successful exploitation of th... | | |
CVE-2023-52541 | Authentication vulnerability in the API for app pre-loading. Impact: Successful exploitation of this... | | |
CVE-2023-52542 | Permission verification vulnerability in the system module. Impact: Successful exploitation of this ... | | |
CVE-2023-52543 | Permission verification vulnerability in the system module. Impact: Successful exploitation of this ... | | |
CVE-2023-52544 | Vulnerability of file path verification being bypassed in the email module. Impact: Successful explo... | | |
CVE-2023-52545 | Vulnerability of undefined permissions in the Calendar app. Impact: Successful exploitation of this ... | | |
CVE-2023-52546 | Vulnerability of package name verification being bypassed in the Calendar app. Impact: Successful ex... | | |
CVE-2023-52547 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword S... | | |
CVE-2023-52548 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of Thi... | | |
CVE-2023-52549 | Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t... | | |
CVE-2023-52550 | Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t... | | |
CVE-2023-52551 | Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of t... | | |
CVE-2023-52552 | Input verification vulnerability in the power module. Impact: Successful exploitation of this vulner... | | |
CVE-2023-52553 | Race condition vulnerability in the Wi-Fi module. Impact: Successful exploitation of this vulnerabil... | | |
CVE-2023-52554 | Permission control vulnerability in the Bluetooth module. Impact: Successful exploitation of this vu... | | |
CVE-2023-52555 | In mongo-express 1.0.2, /admin allows CSRF, as demonstrated by deletion of a Collection.... | E | |
CVE-2023-52556 | OpenBSD 7.4 pf state race condition kernel crash | | |
CVE-2023-52557 | OpenBSD 7.3 invalid l2tp message npppd crash | | |
CVE-2023-52558 | OpenBSD 7.4 and 7.3 m_split() network buffer kernel crash | | |
CVE-2023-52559 | iommu/vt-d: Avoid memory allocation in iommu_suspend() | S | |
CVE-2023-52560 | mm/damon/vaddr-test: fix memory leak in damon_do_test_apply_three_regions() | S | |
CVE-2023-52561 | arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved | S | |
CVE-2023-52562 | mm/slab_common: fix slab_caches list corruption after kmem_cache_destroy() | S | |
CVE-2023-52563 | drm/meson: fix memory leak on ->hpd_notify callback | S | |
CVE-2023-52564 | Revert "tty: n_gsm: fix UAF in gsm_cleanup_mux" | S | |
CVE-2023-52565 | media: uvcvideo: Fix OOB read | S | |
CVE-2023-52566 | nilfs2: fix potential use after free in nilfs_gccache_submit_read_data() | S | |
CVE-2023-52567 | serial: 8250_port: Check IRQ data before use | S | |
CVE-2023-52568 | x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race | S | |
CVE-2023-52569 | btrfs: remove BUG() after failure to insert delayed dir index item | S | |
CVE-2023-52570 | vfio/mdev: Fix a null-ptr-deref bug for mdev_unregister_parent() | S | |
CVE-2023-52571 | power: supply: rk817: Fix node refcount leak | S | |
CVE-2023-52572 | cifs: Fix UAF in cifs_demultiplex_thread() | S | |
CVE-2023-52573 | net: rds: Fix possible NULL-pointer dereference | S | |
CVE-2023-52574 | team: fix null-ptr-deref when team device type is changed | S | |
CVE-2023-52575 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52576 | x86/mm, kexec, ima: Use memblock_free_late() from ima_free_kexec_buffer() | S | |
CVE-2023-52577 | dccp: fix dccp_v4_err()/dccp_v6_err() again | S | |
CVE-2023-52578 | net: bridge: use DEV_STATS_INC() | S | |
CVE-2023-52579 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52580 | net/core: Fix ETH_P_1588 flow dissector | S | |
CVE-2023-52581 | netfilter: nf_tables: fix memleak when more than 255 elements expired | S | |
CVE-2023-52582 | netfs: Only call folio_start_fscache() one time for each folio | S | |
CVE-2023-52583 | ceph: fix deadlock or deadcode of misusing dget() | S | |
CVE-2023-52584 | spmi: mediatek: Fix UAF on device remove | S | |
CVE-2023-52585 | drm/amdgpu: Fix possible NULL dereference in amdgpu_ras_query_error_status_helper() | S | |
CVE-2023-52586 | drm/msm/dpu: Add mutex lock in control vblank irq | S | |
CVE-2023-52587 | IB/ipoib: Fix mcast list locking | E S | |
CVE-2023-52588 | f2fs: fix to tag gcing flag on page during block migration | S | |
CVE-2023-52589 | media: rkisp1: Fix IRQ disable race issue | S | |
CVE-2023-52590 | ocfs2: Avoid touching renamed directory if parent does not change | S | |
CVE-2023-52591 | reiserfs: Avoid touching renamed directory if parent does not change | S | |
CVE-2023-52592 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52593 | wifi: wfx: fix possible NULL pointer dereference in wfx_set_mfp_ap() | S | |
CVE-2023-52594 | wifi: ath9k: Fix potential array-index-out-of-bounds read in ath9k_htc_txstatus() | S | |
CVE-2023-52595 | wifi: rt2x00: restart beacon queue when hardware reset | S | |
CVE-2023-52596 | sysctl: Fix out of bounds access for empty sysctl registers | S | |
CVE-2023-52597 | KVM: s390: fix setting of fpc register | S | |
CVE-2023-52598 | s390/ptrace: handle setting of fpc register correctly | S | |
CVE-2023-52599 | jfs: fix array-index-out-of-bounds in diNewExt | S | |
CVE-2023-52600 | jfs: fix uaf in jfs_evict_inode | S | |
CVE-2023-52601 | jfs: fix array-index-out-of-bounds in dbAdjTree | S | |
CVE-2023-52602 | jfs: fix slab-out-of-bounds Read in dtSearch | S | |
CVE-2023-52603 | UBSAN: array-index-out-of-bounds in dtSplitRoot | S | |
CVE-2023-52604 | FS:JFS:UBSAN:array-index-out-of-bounds in dbAdjTree | S | |
CVE-2023-52605 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52606 | powerpc/lib: Validate size for vector operations | S | |
CVE-2023-52607 | powerpc/mm: Fix null-pointer dereference in pgtable_cache_add | S | |
CVE-2023-52608 | firmware: arm_scmi: Check mailbox/SMT channel for consistency | S | |
CVE-2023-52609 | binder: fix race between mmput() and do_exit() | S | |
CVE-2023-52610 | net/sched: act_ct: fix skb leak and crash on ooo frags | S | |
CVE-2023-52611 | wifi: rtw88: sdio: Honor the host max_req_size in the RX path | S | |
CVE-2023-52612 | crypto: scomp - fix req->dst buffer overflow | S | |
CVE-2023-52613 | drivers/thermal/loongson2_thermal: Fix incorrect PTR_ERR() judgment | S | |
CVE-2023-52614 | PM / devfreq: Fix buffer overflow in trans_stat_show | S | |
CVE-2023-52615 | hwrng: core - Fix page fault dead lock on mmap-ed hwrng | S | |
CVE-2023-52616 | crypto: lib/mpi - Fix unexpected pointer access in mpi_ec_init | S | |
CVE-2023-52617 | PCI: switchtec: Fix stdev_release() crash after surprise hot remove | S | |
CVE-2023-52618 | block/rnbd-srv: Check for unlikely string overflow | S | |
CVE-2023-52619 | pstore/ram: Fix crash when setting number of cpus to an odd number | S | |
CVE-2023-52620 | netfilter: nf_tables: disallow timeout for anonymous sets | | |
CVE-2023-52621 | bpf: Check rcu_read_lock_trace_held() before calling bpf map helpers | S | |
CVE-2023-52622 | ext4: avoid online resizing failures due to oversized flex bg | S | |
CVE-2023-52623 | SUNRPC: Fix a suspicious RCU usage warning | | |
CVE-2023-52624 | drm/amd/display: Wake DMCUB before executing GPINT commands | S | |
CVE-2023-52625 | drm/amd/display: Refactor DMCUB enter/exit idle interface | S | |
CVE-2023-52626 | net/mlx5e: Fix operation precedence bug in port timestamping napi_poll context | S | |
CVE-2023-52627 | iio: adc: ad7091r: Allow users to configure device events | S | |
CVE-2023-52628 | netfilter: nftables: exthdr: fix 4-byte stack OOB write | S | |
CVE-2023-52629 | sh: push-switch: Reorder cleanup operations to avoid use-after-free bug | S | |
CVE-2023-52630 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52631 | fs/ntfs3: Fix an NULL dereference bug | S | |
CVE-2023-52632 | drm/amdkfd: Fix lock dependency warning with srcu | S | |
CVE-2023-52633 | um: time-travel: fix time corruption | S | |
CVE-2023-52634 | drm/amd/display: Fix disable_otg_wa logic | S | |
CVE-2023-52635 | PM / devfreq: Synchronize devfreq_monitor_[start/stop] | S | |
CVE-2023-52636 | libceph: just wait for more data to be available on the socket | S | |
CVE-2023-52637 | can: j1939: Fix UAF in j1939_sk_match_filter during setsockopt(SO_J1939_FILTER) | S | |
CVE-2023-52638 | can: j1939: prevent deadlock by changing j1939_socks_lock to rwlock | S | |
CVE-2023-52639 | KVM: s390: vsie: fix race during shadow creation | S | |
CVE-2023-52640 | fs/ntfs3: Fix oob in ntfs_listxattr | S | |
CVE-2023-52641 | fs/ntfs3: Add NULL ptr dereference checking at the end of attr_allocate_frame() | S | |
CVE-2023-52642 | media: rc: bpf attach/detach requires write permission | S | |
CVE-2023-52643 | iio: core: fix memleak in iio_device_register_sysfs | S | |
CVE-2023-52644 | wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled | S | |
CVE-2023-52645 | pmdomain: mediatek: fix race conditions with genpd | S | |
CVE-2023-52646 | aio: fix mremap after fork null-deref | S | |
CVE-2023-52647 | media: nxp: imx8-isi: Check whether crossbar pad is non-NULL before access | | |
CVE-2023-52648 | drm/vmwgfx: Unmap the surface before resetting it on a plane state | | |
CVE-2023-52649 | drm/vkms: Avoid reading beyond LUT array | S | |
CVE-2023-52650 | drm/tegra: dsi: Add missing check for of_find_device_by_node | S | |
CVE-2023-52651 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52652 | NTB: fix possible name leak in ntb_register_device() | | |
CVE-2023-52653 | SUNRPC: fix a memleak in gss_import_v2_context | S | |
CVE-2023-52654 | io_uring/af_unix: disable sending io_uring over sockets | | |
CVE-2023-52655 | usb: aqc111: check packet for fixup for true limit | | |
CVE-2023-52656 | io_uring: drop any code related to SCM_RIGHTS | | |
CVE-2023-52657 | Revert "drm/amd/pm: resolve reboot exception for si oland" | | |
CVE-2023-52658 | Revert "net/mlx5: Block entering switchdev mode with ns inconsistency" | | |
CVE-2023-52659 | x86/mm: Ensure input to pfn_to_kaddr() is treated as a 64-bit type | | |
CVE-2023-52660 | media: rkisp1: Fix IRQ handling due to shared interrupts | | |
CVE-2023-52661 | drm/tegra: rgb: Fix missing clk_put() in the error handling paths of tegra_dc_rgb_probe() | | |
CVE-2023-52662 | drm/vmwgfx: fix a memleak in vmw_gmrid_man_get_node | S | |
CVE-2023-52663 | ASoC: SOF: amd: Fix memory leak in amd_sof_acp_probe() | S | |
CVE-2023-52664 | net: atlantic: eliminate double free in error handling logic | S | |
CVE-2023-52665 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52666 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52667 | net/mlx5e: fix a potential double-free in fs_any_create_groups | S | |
CVE-2023-52668 | btrfs: zoned: fix lock ordering in btrfs_zone_activate() | | |
CVE-2023-52669 | crypto: s390/aes - Fix buffer overread in CTR mode | | |
CVE-2023-52670 | rpmsg: virtio: Free driver_override when rpmsg_remove() | | |
CVE-2023-52671 | drm/amd/display: Fix hang/underflow when transitioning to ODM4:1 | | |
CVE-2023-52672 | pipe: wakeup wr_wait after setting max_usage | | |
CVE-2023-52673 | drm/amd/display: Fix a debugfs null pointer error | | |
CVE-2023-52674 | ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() | S | |
CVE-2023-52675 | powerpc/imc-pmu: Add a null pointer check in update_events_in_group() | S | |
CVE-2023-52676 | bpf: Guard stack limits against 32bit overflow | | |
CVE-2023-52677 | riscv: Check if the code to patch lies in the exit section | | |
CVE-2023-52678 | drm/amdkfd: Confirm list is non-empty before utilizing list_first_entry in kfd_topology.c | | |
CVE-2023-52679 | of: Fix double free in of_parse_phandle_with_args_map | S | |
CVE-2023-52680 | ALSA: scarlett2: Add missing error checks to *_ctl_get() | | |
CVE-2023-52681 | efivarfs: Free s_fs_info on unmount | | |
CVE-2023-52682 | f2fs: fix to wait on block writeback for post_read case | | |
CVE-2023-52683 | ACPI: LPIT: Avoid u32 multiplication overflow | | |
CVE-2023-52684 | firmware: qcom: qseecom: fix memory leaks in error paths | S | |
CVE-2023-52685 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52686 | powerpc/powernv: Add a null pointer check in opal_event_init() | S | |
CVE-2023-52687 | crypto: safexcel - Add error handling for dma_map_sg() calls | | |
CVE-2023-52688 | wifi: ath12k: fix the error handler of rfkill config | | |
CVE-2023-52689 | ALSA: scarlett2: Add missing mutex lock around get meter levels | | |
CVE-2023-52690 | powerpc/powernv: Add a null pointer check to scom_debug_init_one() | S | |
CVE-2023-52691 | drm/amd/pm: fix a double-free in si_dpm_init | S | |
CVE-2023-52692 | ALSA: scarlett2: Add missing error check to scarlett2_usb_set_config() | | |
CVE-2023-52693 | ACPI: video: check for error while searching for backlight device parent | | |
CVE-2023-52694 | drm/bridge: tpd12s015: Drop buggy __exit annotation for remove function | | |
CVE-2023-52695 | drm/amd/display: Check writeback connectors in create_validate_stream_for_sink | | |
CVE-2023-52696 | powerpc/powernv: Add a null pointer check in opal_powercap_init() | S | |
CVE-2023-52697 | ASoC: Intel: sof_sdw_rt_sdca_jack_common: ctx->headset_codec_dev = NULL | | |
CVE-2023-52698 | calipso: fix memory leak in netlbl_calipso_add_pass() | S | |
CVE-2023-52699 | sysv: don't call sb_bread() with pointers_lock held | S | |
CVE-2023-52700 | tipc: fix kernel warning when sending SYN message | | |
CVE-2023-52701 | net: use a bounce buffer for copying skb->mark | | |
CVE-2023-52702 | net: openvswitch: fix possible memory leak in ovs_meter_cmd_set() | S | |
CVE-2023-52703 | net/usb: kalmia: Don't pass act_len in usb_bulk_msg error path | | |
CVE-2023-52704 | freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL | | |
CVE-2023-52705 | nilfs2: fix underflow in second superblock position calculations | S | |
CVE-2023-52706 | gpio: sim: fix a memory leak | S | |
CVE-2023-52707 | sched/psi: Fix use-after-free in ep_remove_wait_queue() | S | |
CVE-2023-52708 | mmc: mmc_spi: fix error handling in mmc_spi_probe() | S | |
CVE-2023-52710 | Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26), As the communication buffer size hasn’t been pro... | | |
CVE-2023-52711 | Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to by... | | |
CVE-2023-52712 | Various Issues Due To Exposed SMI Handler in AmdPspP2CmboxV2. The first issue can be leveraged to by... | | |
CVE-2023-52713 | Vulnerability of improper permission control in the window management module. Impact: Successful exp... | | |
CVE-2023-52714 | Vulnerability of defects introduced in the design process in the hwnff module. Impact: Successful ex... | | |
CVE-2023-52715 | The SystemUI module has a vulnerability in permission management. Impact: Successful exploitation of... | | |
CVE-2023-52716 | Vulnerability of starting activities in the background in the ActivityManagerService (AMS) module. I... | | |
CVE-2023-52717 | Permission verification vulnerability in the lock screen module. Impact: Successful exploitation of ... | | |
CVE-2023-52718 | A connection hijacking vulnerability exists in some Huawei home routers. Successful exploitation of ... | | |
CVE-2023-52719 | Privilege escalation vulnerability in the PMS module. Impact: Successful exploitation of this vulnera... | | |
CVE-2023-52720 | Race condition vulnerability in the soundtrigger module. Impact: Successful exploitation of this vuln... | | |
CVE-2023-52721 | The WindowManager module has a vulnerability in permission control. Impact: Successful exploitation ... | | |
CVE-2023-52722 | An issue was discovered in Artifex Ghostscript before 10.03.1. psi/zmisc1.c, when SAFER mode is used... | | |
CVE-2023-52723 | In KDE libksieve before 23.03.80, kmanagesieve/session.cpp places a cleartext password in server log... | | |
CVE-2023-52724 | Open Networking Foundation SD-RAN onos-kpimon 0.4.7 allows out-of-bounds array access in the process... | | |
CVE-2023-52725 | Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of the errCh channel within... | | |
CVE-2023-52726 | Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the proc... | | |
CVE-2023-52727 | Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in... | | |
CVE-2023-52728 | Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in... | | |
CVE-2023-52729 | TCPServer.cpp in SimpleNetwork through 29bc615 has an off-by-one error that causes a buffer overflow... | | |
CVE-2023-52730 | mmc: sdio: fix possible resource leaks in some error paths | | |
CVE-2023-52731 | fbdev: Fix invalid page access after closing deferred I/O devices | | |
CVE-2023-52732 | ceph: blocklist the kclient when receiving corrupted snap trace | | |
CVE-2023-52733 | s390/decompressor: specify __decompress() buf len to avoid overflow | S | |
CVE-2023-52734 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52735 | bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself | S | |
CVE-2023-52736 | ALSA: hda: Do not unset preset when cleaning up codec | | |
CVE-2023-52737 | btrfs: lock the inode in shared mode before starting fiemap | S | |
CVE-2023-52738 | drm/amdgpu/fence: Fix oops due to non-matching drm_sched init/fini | S | |
CVE-2023-52739 | Fix page corruption caused by racy check in __free_pages | | |
CVE-2023-52740 | powerpc/64s/interrupt: Fix interrupt exit race with security mitigation switch | | |
CVE-2023-52741 | cifs: Fix use-after-free in rdata->read_into_pages() | S | |
CVE-2023-52742 | net: USB: Fix wrong-direction WARNING in plusb.c | | |
CVE-2023-52743 | ice: Do not use WQ_MEM_RECLAIM flag for workqueue | | |
CVE-2023-52744 | RDMA/irdma: Fix potential NULL-ptr-dereference | S | |
CVE-2023-52745 | IB/IPoIB: Fix legacy IPoIB due to wrong number of queues | S | |
CVE-2023-52746 | xfrm/compat: prevent potential spectre v1 gadget in xfrm_xlate32_attr() | S | |
CVE-2023-52747 | IB/hfi1: Restore allocated resources on failed copyout | | |
CVE-2023-52748 | f2fs: avoid format-overflow warning | | |
CVE-2023-52749 | spi: Fix null dereference on suspend | S | |
CVE-2023-52750 | arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer | | |
CVE-2023-52751 | smb: client: fix use-after-free in smb2_query_info_compound() | S | |
CVE-2023-52752 | smb: client: fix use-after-free bug in cifs_debug_data_proc_show() | S | |
CVE-2023-52753 | drm/amd/display: Avoid NULL dereference of timing generator | S | |
CVE-2023-52754 | media: imon: fix access to invalid resource for the second interface | | |
CVE-2023-52755 | ksmbd: fix slab out of bounds write in smb_inherit_dacl() | S | |
CVE-2023-52756 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52757 | smb: client: fix potential deadlock when releasing mids | S | |
CVE-2023-52758 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52759 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52760 | gfs2: Fix slab-use-after-free in gfs2_qd_dealloc | S | |
CVE-2023-52761 | riscv: VMAP_STACK overflow detection thread-safe | | |
CVE-2023-52762 | virtio-blk: fix implicit overflow on virtio_max_dma_size | | |
CVE-2023-52763 | i3c: master: mipi-i3c-hci: Fix a kernel panic for accessing DAT_data. | | |
CVE-2023-52764 | media: gspca: cpia1: shift-out-of-bounds in set_flicker | | |
CVE-2023-52765 | mfd: qcom-spmi-pmic: Fix revid implementation | S | |
CVE-2023-52766 | i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler | S | |
CVE-2023-52767 | tls: fix NULL deref on tls_sw_splice_eof() with empty record | S | |
CVE-2023-52768 | wifi: wilc1000: use vmm_table as array in wilc struct | S | |
CVE-2023-52769 | wifi: ath12k: fix htt mlo-offset event locking | S | |
CVE-2023-52770 | f2fs: split initial and dynamic conditions for extent_cache | S | |
CVE-2023-52771 | cxl/port: Fix delete_endpoint() vs parent unregistration race | | |
CVE-2023-52772 | af_unix: fix use-after-free in unix_stream_read_actor() | S | |
CVE-2023-52773 | drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer() | S | |
CVE-2023-52774 | s390/dasd: protect device queue against concurrent access | | |
CVE-2023-52775 | net/smc: avoid data corruption caused by decline | | |
CVE-2023-52776 | wifi: ath12k: fix dfs-radar and temperature event locking | S | |
CVE-2023-52777 | wifi: ath11k: fix gtk offload status event locking | S | |
CVE-2023-52778 | mptcp: deal with large GSO size | | |
CVE-2023-52779 | fs: Pass AT_GETATTR_NOSEC flag to getattr interface function | S | |
CVE-2023-52780 | net: mvneta: fix calls to page_pool_get_stats | S | |
CVE-2023-52781 | usb: config: fix iteration issue in 'usb_get_bos_descriptor()' | | |
CVE-2023-52782 | net/mlx5e: Track xmit submission to PTP WQ after populating metadata map | S | |
CVE-2023-52783 | net: wangxun: fix kernel panic due to null pointer | S | |
CVE-2023-52784 | bonding: stop the device in bond_setup_by_slave() | | |
CVE-2023-52785 | scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR | S | |
CVE-2023-52786 | ext4: fix racy may inline data check in dio write | | |
CVE-2023-52787 | blk-mq: make sure active queue usage is held for bio_integrity_prep() | | |
CVE-2023-52788 | i915/perf: Fix NULL deref bugs with drm_dbg() calls | S | |
CVE-2023-52789 | tty: vcc: Add check for kstrdup() in vcc_probe() | S | |
CVE-2023-52790 | swiotlb: fix out-of-bounds TLB allocations with CONFIG_SWIOTLB_DYNAMIC | | |
CVE-2023-52791 | i2c: core: Run atomic i2c xfer when !preemptible | | |
CVE-2023-52792 | cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails | | |
CVE-2023-52793 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52794 | thermal: intel: powerclamp: fix mismatch in get function for max_idle | S | |
CVE-2023-52795 | vhost-vdpa: fix use after free in vhost_vdpa_probe() | S | |
CVE-2023-52796 | ipvlan: add ipvlan_route_v6_outbound() helper | | |
CVE-2023-52797 | drivers: perf: Check find_first_bit() return value | | |
CVE-2023-52798 | wifi: ath11k: fix dfs radar event locking | S | |
CVE-2023-52799 | jfs: fix array-index-out-of-bounds in dbFindLeaf | S | |
CVE-2023-52800 | wifi: ath11k: fix htt pktlog locking | S | |
CVE-2023-52801 | iommufd: Fix missing update of domains_itree after splitting iopt_area | S | |
CVE-2023-52802 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52803 | SUNRPC: Fix RPC client cleaned up the freed pipefs dentries | | |
CVE-2023-52804 | fs/jfs: Add validity check for db_maxag and db_agpref | | |
CVE-2023-52805 | jfs: fix array-index-out-of-bounds in diAlloc | S | |
CVE-2023-52806 | ALSA: hda: Fix possible null-ptr-deref when assigning a stream | S | |
CVE-2023-52807 | net: hns3: fix out-of-bounds access may occur when coalesce info is read via debugfs | S | |
CVE-2023-52808 | scsi: hisi_sas: Set debugfs_dir pointer to NULL after removing debugfs | S | |
CVE-2023-52809 | scsi: libfc: Fix potential NULL pointer dereference in fc_lport_ptp_setup() | S | |
CVE-2023-52810 | fs/jfs: Add check for negative db_l2nbperpage | S | |
CVE-2023-52811 | scsi: ibmvfc: Remove BUG_ON in the case of an empty event pool | S | |
CVE-2023-52812 | drm/amd: check num of link levels when update pcie param | S | |
CVE-2023-52813 | crypto: pcrypt - Fix hungtask for PADATA_RESET | | |
CVE-2023-52814 | drm/amdgpu: Fix potential null pointer dereference | S | |
CVE-2023-52815 | drm/amdgpu/vkms: fix a possible null pointer dereference | S | |
CVE-2023-52816 | drm/amdkfd: Fix shift out-of-bounds issue | | |
CVE-2023-52817 | drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL | S | |
CVE-2023-52818 | drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 | S | |
CVE-2023-52819 | drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga | S | |
CVE-2023-52820 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52821 | drm/panel: fix a possible null pointer dereference | S | |
CVE-2023-52822 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52823 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52824 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52825 | drm/amdkfd: Fix a race condition of vram buffer unref in svm code | S | |
CVE-2023-52826 | drm/panel/panel-tpo-tpg110: fix a possible null pointer dereference | S | |
CVE-2023-52827 | wifi: ath12k: fix possible out-of-bound read in ath12k_htt_pull_ppdu_stats() | S | |
CVE-2023-52828 | bpf: Detect IP == ksym.end as part of BPF program | | |
CVE-2023-52829 | wifi: ath12k: fix possible out-of-bound write in ath12k_wmi_ext_hal_reg_caps() | S | |
CVE-2023-52830 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52831 | cpu/hotplug: Don't offline the last non-isolated CPU | | |
CVE-2023-52832 | wifi: mac80211: don't return unset power in ieee80211_get_tx_power() | S | |
CVE-2023-52833 | Bluetooth: btusb: Add date->evt_skb is NULL check | S | |
CVE-2023-52834 | atl1c: Work around the DMA RX overflow issue | | |
CVE-2023-52835 | perf/core: Bail out early if the request AUX area is out of bound | | |
CVE-2023-52836 | locking/ww_mutex/test: Fix potential workqueue corruption | | |
CVE-2023-52837 | nbd: fix uaf in nbd_open | S | |
CVE-2023-52838 | fbdev: imsttfb: fix a resource leak in probe | S | |
CVE-2023-52839 | drivers: perf: Do not broadcast to other cpus when starting a counter | | |
CVE-2023-52840 | Input: synaptics-rmi4 - fix use after free in rmi_unregister_function() | S | |
CVE-2023-52841 | media: vidtv: mux: Add check and kfree for kstrdup | S | |
CVE-2023-52842 | virtio/vsock: Fix uninit-value in virtio_transport_recv_pkt() | S | |
CVE-2023-52843 | llc: verify mac len before reading mac header | | |
CVE-2023-52844 | media: vidtv: psi: Add check for kstrdup | S | |
CVE-2023-52845 | tipc: Change nla_policy for bearer-related names to NLA_NUL_STRING | S | |
CVE-2023-52846 | hsr: Prevent use after free in prp_create_tagged_frame() | S | |
CVE-2023-52847 | media: bttv: fix use after free error due to btv->timeout timer | S | |
CVE-2023-52848 | f2fs: fix to drop meta_inode's page cache in f2fs_put_super() | S | |
CVE-2023-52849 | cxl/mem: Fix shutdown order | S | |
CVE-2023-52850 | media: hantro: Check whether reset op is defined before use | S | |
CVE-2023-52851 | IB/mlx5: Fix init stage error handling to avoid double free of same QP and UAF | S | |
CVE-2023-52852 | f2fs: compress: fix to avoid use-after-free on dic | S | |
CVE-2023-52853 | hid: cp2112: Fix duplicate workqueue initialization | | |
CVE-2023-52854 | padata: Fix refcnt handling in padata_free_shell() | S | |
CVE-2023-52855 | usb: dwc2: fix possible NULL pointer dereference caused by driver concurrency | S | |
CVE-2023-52856 | drm/bridge: lt8912b: Fix crash on bridge detach | S | |
CVE-2023-52857 | drm/mediatek: Fix coverity issue with unintentional integer overflow | S | |
CVE-2023-52858 | clk: mediatek: clk-mt7629: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52859 | perf: hisi: Fix use-after-free when register pmu fails | S | |
CVE-2023-52860 | drivers/perf: hisi: use cpuhp_state_remove_instance_nocalls() for hisi_hns3_pmu uninit process | S | |
CVE-2023-52861 | drm: bridge: it66121: Fix invalid connector dereference | S | |
CVE-2023-52862 | drm/amd/display: Fix null pointer dereference in error message | S | |
CVE-2023-52863 | hwmon: (axi-fan-control) Fix possible NULL pointer dereference | S | |
CVE-2023-52864 | platform/x86: wmi: Fix opening of char device | | |
CVE-2023-52865 | clk: mediatek: clk-mt6797: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52866 | HID: uclogic: Fix user-memory-access bug in uclogic_params_ugee_v2_init_event_hooks() | | |
CVE-2023-52867 | drm/radeon: possible buffer overflow | | |
CVE-2023-52868 | thermal: core: prevent potential string overflow | | |
CVE-2023-52869 | pstore/platform: Add check for kstrdup | S | |
CVE-2023-52870 | clk: mediatek: clk-mt6765: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52871 | soc: qcom: llcc: Handle a second device without data corruption | | |
CVE-2023-52872 | tty: n_gsm: fix race condition in status line change on dead connections | S | |
CVE-2023-52873 | clk: mediatek: clk-mt6779: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52874 | x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro | | |
CVE-2023-52875 | clk: mediatek: clk-mt2701: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52876 | clk: mediatek: clk-mt7629-eth: Add check for mtk_alloc_clk_data | S | |
CVE-2023-52877 | usb: typec: tcpm: Fix NULL pointer dereference in tcpm_pd_svdm() | S | |
CVE-2023-52878 | can: dev: can_put_echo_skb(): don't crash kernel if can_priv::echo_skb is accessed out of bounds | S | |
CVE-2023-52879 | tracing: Have trace_event_file have ref counters | S | |
CVE-2023-52880 | tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc | | |
CVE-2023-52881 | tcp: do not accept ACK of bytes we never sent | | |
CVE-2023-52882 | clk: sunxi-ng: h6: Reparent CPUX during PLL CPUX rate change | | |
CVE-2023-52883 | drm/amdgpu: Fix possible null pointer dereference | S | |
CVE-2023-52884 | Input: cyapa - add missing input core locking to suspend/resume functions | S | |
CVE-2023-52885 | SUNRPC: Fix UAF in svc_tcp_listen_data_ready() | S | |
CVE-2023-52886 | USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() | S | |
CVE-2023-52887 | net: can: j1939: enhanced error handling for tightly received RTS messages in xtp_rx_rts_session_new | | |
CVE-2023-52888 | media: mediatek: vcodec: Only free buffer VA that is not NULL | | |
CVE-2023-52889 | apparmor: Fix null pointer deref when receiving skb during sock creation | S | |
CVE-2023-52890 | NTFS-3G before 75dcdc2 has a use-after-free in ntfs_uppercase_mbs in libntfs-3g/unistr.c. NOTE: disc... | | |
CVE-2023-52891 | A vulnerability has been identified in SIMATIC Energy Manager Basic (All versions < V7.5), SIMATIC E... | | |
CVE-2023-52892 | In phpseclib before 1.0.22, 2.x before 2.0.46, and 3.x before 3.0.33, some characters in Subject Alt... | | |
CVE-2023-52893 | gsmi: fix null-deref in gsmi_get_variable | S | |
CVE-2023-52894 | usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() | S | |
CVE-2023-52895 | io_uring/poll: don't reissue in case of poll race on multishot request | S | |
CVE-2023-52896 | btrfs: fix race between quota rescan and disable leading to NULL pointer deref | S | |
CVE-2023-52897 | btrfs: qgroup: do not warn on record without old_roots populated | S | |
CVE-2023-52898 | xhci: Fix null pointer dereference when host dies | S | |
CVE-2023-52899 | Add exception protection processing for vd in axi_chan_handle_err function | S | |
CVE-2023-52900 | nilfs2: fix general protection fault in nilfs_btree_insert() | S | |
CVE-2023-52901 | usb: xhci: Check endpoint is valid before dereferencing it | S | |
CVE-2023-52902 | nommu: fix memory leak in do_mmap() error path | S | |
CVE-2023-52903 | io_uring: lock overflowing for IOPOLL | S | |
CVE-2023-52904 | ALSA: usb-audio: Fix possible NULL pointer dereference in snd_usb_pcm_has_fixed_rate() | S | |
CVE-2023-52905 | octeontx2-pf: Fix resource leakage in VF driver unbind | S | |
CVE-2023-52906 | net/sched: act_mpls: Fix warning during failed attribute validation | S | |
CVE-2023-52907 | nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() | S | |
CVE-2023-52908 | drm/amdgpu: Fix potential NULL dereference | S | |
CVE-2023-52909 | nfsd: fix handling of cached open files in nfsd4_open codepath | S | |
CVE-2023-52910 | iommu/iova: Fix alloc iova overflows issue | S | |
CVE-2023-52911 | drm/msm: another fix for the headless Adreno GPU | S | |
CVE-2023-52912 | drm/amdgpu: Fixed bug on error when unloading amdgpu | S | |
CVE-2023-52913 | drm/i915: Fix potential context UAFs | S | |
CVE-2023-52914 | io_uring/poll: add hash if ready poll request can't complete inline | S | |
CVE-2023-52915 | media: dvb-usb-v2: af9035: Fix null-ptr-deref in af9035_i2c_master_xfer | S | |
CVE-2023-52916 | media: aspeed: Fix memory overwrite if timing is 1600x900 | | |
CVE-2023-52917 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52918 | media: pci: cx23885: check cx23885_vdev_init() return | S | |
CVE-2023-52919 | nfc: nci: fix possible NULL pointer dereference in send_acknowledge() | S | |
CVE-2023-52920 | bpf: support non-r10 register spill/fill to/from stack in precision tracking | S | |
CVE-2023-52921 | drm/amdgpu: fix possible UAF in amdgpu_cs_pass1() | S | |
CVE-2023-52922 | can: bcm: Fix UAF in bcm_proc_show() | S | |
CVE-2023-52923 | netfilter: nf_tables: adapt set backend to use GC transaction API | | |
CVE-2023-52924 | netfilter: nf_tables: don't skip expired elements during walk | | |
CVE-2023-52925 | netfilter: nf_tables: don't fail inserts if duplicate has expired | | |
CVE-2023-52926 | io_uring/rw: split io_read() into a helper | S | |
CVE-2023-52927 | netfilter: allow exp not to be removed in nf_ct_find_expectation | | |
CVE-2023-52928 | bpf: Skip invalid kfunc call in backtrack_insn | | |
CVE-2023-52929 | nvmem: core: fix cleanup after dev_set_name() | | |
CVE-2023-52930 | drm/i915: Fix potential bit_17 double-free | S | |
CVE-2023-52931 | drm/i915: Avoid potential vm use-after-free | S | |
CVE-2023-52932 | mm/swapfile: add cond_resched() in get_swap_pages() | S | |
CVE-2023-52933 | Squashfs: fix handling and sanity checking of xattr_ids count | | |
CVE-2023-52934 | mm/MADV_COLLAPSE: catch !none !huge !bad pmd lookups | | |
CVE-2023-52935 | mm/khugepaged: fix ->anon_vma race | S | |
CVE-2023-52936 | kernel/irq/irqdomain.c: fix memory leak with using debugfs_lookup() | S | |
CVE-2023-52937 | HV: hv_balloon: fix memory leak with using debugfs_lookup() | S | |
CVE-2023-52938 | usb: typec: ucsi: Don't attempt to resume the ports before they exist | S | |
CVE-2023-52939 | mm: memcg: fix NULL pointer in mem_cgroup_track_foreign_dirty_slowpath() | S | |
CVE-2023-52940 | mm: multi-gen LRU: fix crash during cgroup migration | | |
CVE-2023-52941 | can: isotp: split tx timer into transmission and timeout | | |
CVE-2023-52942 | cgroup/cpuset: Fix wrong check in update_parent_subparts_cpumask() | | |
CVE-2023-52943 | Incorrect authorization vulnerability in Alert.Setting webapi component in Synology Surveillance Sta... | | |
CVE-2023-52944 | Incorrect authorization vulnerability in ActionRule webapi component in Synology Surveillance Statio... | | |
CVE-2023-52946 | Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in vss service ... | | |
CVE-2023-52947 | Missing authentication for critical function vulnerability in logout functionality in Synology Activ... | | |
CVE-2023-52948 | Missing encryption of sensitive data vulnerability in settings functionality in Synology Active Back... | | |
CVE-2023-52949 | Missing authentication for critical function vulnerability in proxy settings functionality in Synolo... | | |
CVE-2023-52950 | Missing encryption of sensitive data vulnerability in login component in Synology Active Backup for ... | | |
CVE-2023-52952 | A vulnerability has been identified in HiMed Cockpit 12 pro (J31032-K2017-H259) (All versions >= V11... | | |
CVE-2023-52953 | Path traversal vulnerability in the Medialibrary module Impact: Successful exploitation of this vuln... | | |
CVE-2023-52954 | Vulnerability of improper permission control in the Gallery module Impact: Successful exploitation o... | | |
CVE-2023-52955 | Vulnerability of improper authentication in the ANS system service module Impact: Successful exploit... | | |
CVE-2023-52968 | MariaDB Server 10.4 before 10.4.33, 10.5 before 10.5.24, 10.6 before 10.6.17, 10.7 through 10.11 bef... | | |
CVE-2023-52969 | MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, and 11.0 through 11.0... | | |
CVE-2023-52970 | MariaDB Server 10.4 through 10.5.*, 10.6 through 10.6.*, 10.7 through 10.11.*, 11.0 through 11.0.*, ... | | |
CVE-2023-52971 | MariaDB Server 10.10 through 10.11.* and 11.0 through 11.4.* crashes in JOIN::fix_all_splittings_in_... | | |
CVE-2023-52972 | Huawei PCs have a vulnerability that allows low-privilege users to bypass SDDL permission checks. S... | | |
CVE-2023-52973 | vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF | S | |
CVE-2023-52974 | scsi: iscsi_tcp: Fix UAF during login when accessing the shost ipaddress | S | |
CVE-2023-52975 | scsi: iscsi_tcp: Fix UAF during logout when accessing the shost ipaddress | S | |
CVE-2023-52976 | efi: fix potential NULL deref in efi_mem_reserve_persistent | S | |
CVE-2023-52977 | net: openvswitch: fix flow memory leak in ovs_flow_cmd_new | S | |
CVE-2023-52978 | riscv: kprobe: Fixup kernel panic when probing an illegal position | S | |
CVE-2023-52979 | squashfs: harden sanity check in squashfs_read_xattr_id_table | S | |
CVE-2023-52980 | block: ublk: extending queue_size to fix overflow | | |
CVE-2023-52981 | drm/i915: Fix request ref counting during error capture & debugfs dump | | |
CVE-2023-52982 | fscache: Use wait_on_bit() to wait for the freeing of relinquished volume | | |
CVE-2023-52983 | block, bfq: fix uaf for bfqq in bic_set_bfqq() | S | |
CVE-2023-52984 | net: phy: dp83822: Fix null pointer access on DP83825/DP83826 devices | S | |
CVE-2023-52985 | arm64: dts: imx8mm-verdin: Do not power down eth-phy | | |
CVE-2023-52986 | bpf, sockmap: Check for any of tcp_bpf_prots when cloning a listener | | |
CVE-2023-52987 | ASoC: SOF: ipc4-mtrace: prevent underflow in sof_ipc4_priority_mask_dfs_write() | | |
CVE-2023-52988 | ALSA: hda/via: Avoid potential array out-of-bound in add_secret_dac_path() | S | |
CVE-2023-52989 | firewire: fix memory leak for payload of request subaction to IEC 61883-1 FCP region | S | |
CVE-2023-52990 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
CVE-2023-52991 | net: fix NULL pointer in skb_segment_list | S | |
CVE-2023-52992 | bpf: Skip task with pid=1 in send_signal_common() | | |
CVE-2023-52993 | x86/i8259: Mark legacy PIC interrupts with IRQ_LEVEL | S | |
CVE-2023-52994 | acpi: Fix suspend with Xen PV | S | |
CVE-2023-52995 | riscv/kprobe: Fix instruction simulation of JALR | | |
CVE-2023-52996 | ipv4: prevent potential spectre v1 gadget in fib_metrics_match() | | |
CVE-2023-52997 | ipv4: prevent potential spectre v1 gadget in ip_metrics_convert() | | |
CVE-2023-52998 | net: fec: Use page_pool_put_full_page when freeing rx buffers | | |
CVE-2023-52999 | net: fix UaF in netns ops registration error path | S | |