Total
31934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-29059 | 1 3cx | 1 3cx | 2025-05-05 | N/A | 7.8 HIGH |
| 3CX DesktopApp through 18.12.416 has embedded malicious code, as exploited in the wild in March 2023. This affects versions 18.12.407 and 18.12.416 of the 3CX DesktopApp Electron Windows application shipped in Update 7, and versions 18.11.1213, 18.12.402, 18.12.407, and 18.12.416 of the 3CX DesktopApp Electron macOS application. | |||||
| CVE-2023-38586 | 1 Apple | 1 Macos | 2025-05-05 | N/A | 10.0 CRITICAL |
| An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Sonoma 14. A sandboxed process may be able to circumvent sandbox restrictions. | |||||
| CVE-2023-32396 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-05 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in Xcode 15, tvOS 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to gain elevated privileges. | |||||
| CVE-2023-20873 | 1 Vmware | 1 Spring Boot | 2025-05-05 | N/A | 9.8 CRITICAL |
| In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+. | |||||
| CVE-2023-40412 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-40431 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-40400 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | N/A | 9.8 CRITICAL |
| This issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, macOS Sonoma 14. A remote user may cause an unexpected app termination or arbitrary code execution. | |||||
| CVE-2023-35074 | 2 Apple, Fedoraproject | 7 Ipados, Iphone Os, Macos and 4 more | 2025-05-05 | N/A | 8.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17, Safari 17, watchOS 10, iOS 17 and iPadOS 17, macOS Sonoma 14. Processing web content may lead to arbitrary code execution. | |||||
| CVE-2023-28005 | 2 Microsoft, Trendmicro | 2 Windows, Trend Micro Endpoint Encryption | 2025-05-05 | N/A | 6.8 MEDIUM |
| A vulnerability in Trend Micro Endpoint Encryption Full Disk Encryption version 6.0.0.3204 and below could allow an attacker with physical access to an affected device to bypass Microsoft Windows? Secure Boot process in an attempt to execute other attacks to obtain access to the contents of the device. An attacker must first obtain physical access to the target system in order to exploit this vulnerability. It is also important to note that the contents of the drive(s) encrypted with TMEE FDE would still be protected and would NOT be accessible by the attacker by exploitation of this vulnerability alone. | |||||
| CVE-2023-40409 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, macOS Monterey 12.7, watchOS 10, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-4415 | 1 Systemd Project | 1 Systemd | 2025-05-05 | N/A | 5.5 MEDIUM |
| A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting. | |||||
| CVE-2023-38600 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-05-05 | N/A | 8.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Ventura 13.5, Safari 16.6, watchOS 9.6. Processing web content may lead to arbitrary code execution. | |||||
| CVE-2023-21266 | 1 Google | 1 Android | 2025-05-05 | N/A | 7.8 HIGH |
| In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-41068 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-05-05 | N/A | 7.8 HIGH |
| An access issue was addressed with improved access restrictions. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10, iOS 16.7 and iPadOS 16.7. A user may be able to elevate privileges. | |||||
| CVE-2023-41063 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.6, tvOS 17, iOS 16.7 and iPadOS 16.7, iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-40419 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2025-05-05 | N/A | 7.8 HIGH |
| The issue was addressed with improved checks. This issue is fixed in tvOS 17, iOS 17 and iPadOS 17, watchOS 10. An app may be able to gain elevated privileges. | |||||
| CVE-2023-40116 | 1 Google | 1 Android | 2025-05-05 | N/A | 7.8 HIGH |
| In onTaskAppeared of PipTaskOrganizer.java, there is a possible way to bypass background activity launch restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-40125 | 1 Google | 1 Android | 2025-05-05 | N/A | 7.8 HIGH |
| In onCreate of ApnEditor.java, there is a possible way for a Guest user to change the APN due to a permission bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-32377 | 1 Apple | 1 Macos | 2025-05-05 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-40418 | 1 Apple | 3 Watch Ultra, Watch Ultra 2, Watchos | 2025-05-05 | N/A | 5.5 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in watchOS 10. An Apple Watch Ultra may not lock when using the Depth app. | |||||