Search Results (34622 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-4343 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter | ||||
| CVE-2023-4342 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy | ||||
| CVE-2023-4341 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI | ||||
| CVE-2023-4340 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file | ||||
| CVE-2023-4339 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 7.5 High |
| Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions | ||||
| CVE-2023-4338 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers | ||||
| CVE-2023-4337 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation | ||||
| CVE-2023-4336 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute | ||||
| CVE-2023-4333 | 2 Broadcom, Microsoft | 2 Raid Controller Web Interface, Windows | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server | ||||
| CVE-2023-4329 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute | ||||
| CVE-2023-4328 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Windows | ||||
| CVE-2023-4327 | 2 Broadcom, Linux | 2 Raid Controller Web Interface, Linux Kernel | 2025-11-04 | 5.5 Medium |
| Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux | ||||
| CVE-2023-4325 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities | ||||
| CVE-2023-4324 | 2 Broadcom, Intel | 3 Lsi Storage Authority, Raid Controller Web Interface, Raid Web Console 3 | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers | ||||
| CVE-2023-4323 | 1 Broadcom | 1 Raid Controller Web Interface | 2025-11-04 | 9.8 Critical |
| Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup | ||||
| CVE-2023-47235 | 2 Frrouting, Redhat | 3 Frrouting, Enterprise Linux, Rhel Eus | 2025-11-04 | 6.8 Medium |
| An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdraw outcome. | ||||
| CVE-2023-47234 | 2 Frrouting, Redhat | 3 Frrouting, Enterprise Linux, Rhel Eus | 2025-11-04 | 7.5 High |
| An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory path attributes). | ||||
| CVE-2023-38407 | 2 Frrouting, Redhat | 3 Frrouting, Enterprise Linux, Rhel Eus | 2025-11-04 | 7.5 High |
| bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. | ||||
| CVE-2023-32559 | 2 Nodejs, Redhat | 4 Node.js, Nodejs, Enterprise Linux and 1 more | 2025-11-04 | 7.5 High |
| A privilege escalation vulnerability exists in the experimental policy mechanism in all active release lines: 16.x, 18.x, and 20.x. The use of the deprecated API `process.binding()` can bypass the policy mechanism by requiring internal modules and eventually take advantage of `process.binding('spawn_sync')` to run arbitrary code outside of the limits defined in a `policy.json` file. Please note that at the time this CVE was issued, the policy is an experimental feature of Node.js. | ||||
| CVE-2023-25652 | 3 Fedoraproject, Git-scm, Redhat | 7 Fedora, Git, Enterprise Linux and 4 more | 2025-11-04 | 7.5 High |
| Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that creates a conflict where a link corresponding to the `*.rej` file exists. | ||||