CVE List - 2023 / January
Showing 1301 - 1400 of 2351 CVEs for January 2023 (Page 14 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-22727 | 2023-01-17 | Database Query::offset() and limit() vulnerable to SQL injection in cakephp |
| CVE-2022-41953 | 2023-01-17 | Git clone remote code execution vulnerability in git-for-windows |
| CVE-2023-22734 | 2023-01-17 | Improper Input Newsletter subscription option validation in shopware |
| CVE-2023-22730 | 2023-01-17 | Improper Input Validation of Clearance sale in cart |
| CVE-2023-22731 | 2023-01-17 | Improper Control of Generation of Code in Twig rendered views in shopware |
| CVE-2023-22732 | 2023-01-17 | Insufficient Session Expiration in Administration in shopware |
| CVE-2023-22733 | 2023-01-17 | Improper Output Neutralization in Log Module in shopware |
| CVE-2022-41903 | 2023-01-17 | Integer overflow in `git archive`, `git log --format` leading to RCE in git |
| CVE-2022-23521 | 2023-01-17 | gitattributes parsing integer overflow in git |
| CVE-2014-125081 | 2023-01-17 | risheesh debutsav sql injection |
| CVE-2015-10065 | 2023-01-17 | AenBleidd FiND my_validator.cpp init_result buffer overflow |
| CVE-2017-20171 | 2023-01-17 | PrivateSky apersistence mysqlUtils.js sql injection |
| CVE-2022-46732 | 2023-01-17 | CVE-2022-46732 |
| CVE-2022-39429 | 2023-01-17 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege... |
| CVE-2023-21824 | 2023-01-17 | Vulnerability in the Oracle Communications BRM - Elastic Charging Engine product of Oracle Communications Applications (component: Customer, Config, Pricing Manager). Supported versions that are affected are 12.0.0.3.0-12.0.0.7.0. Easily exploitable vulnerability... |
| CVE-2023-21825 | 2023-01-17 | Vulnerability in the Oracle iSupplier Portal product of Oracle E-Business Suite (component: Supplier Management). Supported versions that are affected are 12.2.6-12.2.8. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2023-21826 | 2023-01-17 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21827 | 2023-01-17 | Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create... |
| CVE-2023-21828 | 2023-01-17 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21829 | 2023-01-17 | Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create... |
| CVE-2023-21830 | 2023-01-17 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf; Oracle GraalVM... |
| CVE-2023-21831 | 2023-01-17 | Vulnerability in the PeopleSoft Enterprise CS Academic Advisement product of Oracle PeopleSoft (component: Advising Notes). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21832 | 2023-01-17 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 5.9.0.0.0, 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2023-21834 | 2023-01-17 | Vulnerability in the Oracle Self-Service Human Resources product of Oracle E-Business Suite (component: Workflow, Approval, Work Force Management). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low... |
| CVE-2023-21835 | 2023-01-17 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle... |
| CVE-2023-21836 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21837 | 2023-01-17 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21838 | 2023-01-17 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21839 | 2023-01-17 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21840 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 5.7.40 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21841 | 2023-01-17 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21842 | 2023-01-17 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2023-21843 | 2023-01-17 | Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5,... |
| CVE-2023-21844 | 2023-01-17 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2023-21845 | 2023-01-17 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). The supported version that is affected is 8.60. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2023-21846 | 2023-01-17 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 5.9.0.0.0, 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker... |
| CVE-2023-21847 | 2023-01-17 | Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Download). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2023-21848 | 2023-01-17 | Vulnerability in the Oracle Communications Convergence product of Oracle Communications Applications (component: Admin Configuration). The supported version that is affected is 3.0.3.1.0. Easily exploitable vulnerability allows low privileged attacker with... |
| CVE-2023-21849 | 2023-01-17 | Vulnerability in the Oracle Applications DBA product of Oracle E-Business Suite (component: Java utils). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2023-21850 | 2023-01-17 | Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: E-Business Collections). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2023-21851 | 2023-01-17 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2023-21852 | 2023-01-17 | Vulnerability in the Oracle Learning Management product of Oracle E-Business Suite (component: Setup). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2023-21853 | 2023-01-17 | Vulnerability in the Oracle Mobile Field Service product of Oracle E-Business Suite (component: Synchronization). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2023-21854 | 2023-01-17 | Vulnerability in the Oracle Sales Offline product of Oracle E-Business Suite (component: Core Components). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access... |
| CVE-2023-21855 | 2023-01-17 | Vulnerability in the Oracle Sales for Handhelds product of Oracle E-Business Suite (component: Pocket Outlook Sync(PocketPC)). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21856 | 2023-01-17 | Vulnerability in the Oracle iSetup product of Oracle E-Business Suite (component: General Ledger Update Transform, Reports). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21857 | 2023-01-17 | Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite (component: Auomated Test Suite). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21858 | 2023-01-17 | Vulnerability in the Oracle Collaborative Planning product of Oracle E-Business Suite (component: Installation). Supported versions that are affected are 12.2.3-12.2.12. Easily exploitable vulnerability allows unauthenticated attacker with network access via... |
| CVE-2023-21859 | 2023-01-17 | Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Authentication Engine). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2023-21861 | 2023-01-17 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21862 | 2023-01-17 | Vulnerability in the Oracle Web Services Manager product of Oracle Fusion Middleware (component: XML Security component). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker... |
| CVE-2023-21863 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21864 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21865 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21866 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21867 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21868 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows low privileged attacker with network... |
| CVE-2023-21869 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2023-21870 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21871 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2023-21872 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21873 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21874 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Thread Pooling). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with... |
| CVE-2023-21875 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.31 and prior. Difficult to exploit vulnerability allows high privileged attacker... |
| CVE-2023-21876 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21877 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2023-21878 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21879 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21880 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network access... |
| CVE-2023-21881 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21882 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21883 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21884 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows high... |
| CVE-2023-21885 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low... |
| CVE-2023-21886 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Difficult to exploit vulnerability allows... |
| CVE-2023-21887 | 2023-01-17 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: GIS). Supported versions that are affected are 8.0.31 and prior. Easily exploitable vulnerability allows high privileged attacker with network... |
| CVE-2023-21888 | 2023-01-17 | Vulnerability in the Primavera Gateway product of Oracle Construction and Engineering (component: WebUI). Supported versions that are affected are 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10 and 21.12.0-21.12.8. Easily exploitable vulnerability allows low privileged... |
| CVE-2023-21889 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low... |
| CVE-2023-21890 | 2023-01-17 | Vulnerability in the Oracle Communications Converged Application Server product of Oracle Communications (component: Core). Supported versions that are affected are 7.1.0 and 8.0.0. Easily exploitable vulnerability allows unauthenticated attacker with... |
| CVE-2023-21891 | 2023-01-17 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21892 | 2023-01-17 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Visual Analyzer). Supported versions that are affected are 5.9.0.0.0 and 6.4.0.0.0. Easily exploitable vulnerability allows low... |
| CVE-2023-21893 | 2023-01-17 | Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with... |
| CVE-2023-21894 | 2023-01-17 | Vulnerability in the Oracle Global Lifecycle Management NextGen OUI Framework product of Oracle Fusion Middleware (component: NextGen Installer issues). Supported versions that are affected are Prior to 13.9.4.2.11. Easily exploitable... |
| CVE-2023-21898 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low... |
| CVE-2023-21899 | 2023-01-17 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low... |
| CVE-2023-21900 | 2023-01-17 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: NSSwitch). Supported versions that are affected are 10 and 11. Difficult to exploit vulnerability allows high privileged attacker with network... |
| CVE-2022-46660 | 2023-01-17 | An unauthorized user could alter or write files with full control over the path and content of the file. |
| CVE-2022-43494 | 2023-01-17 | An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. |
| CVE-2022-46331 | 2023-01-17 | An unauthorized user could possibly delete any file on the system. |
| CVE-2022-38469 | 2023-01-17 | An unauthorized user with network access and the decryption key could decrypt sensitive data, such as usernames and passwords. |
| CVE-2010-10006 | 2023-01-17 | michaelliao jopenid OpenIdManager.java getAuthentication timing discrepancy |
| CVE-2014-125082 | 2023-01-17 | nivit redports model.py sql injection |
| CVE-2015-10066 | 2023-01-17 | tynx wuersch Store.class.php getByCustomQuery sql injection |
| CVE-2020-22007 | 2023-01-18 | OS Command Injection vulnerability in OKER G955V1 v1.03.02.20161128, allows physical attackers to interrupt the boot sequence and execute arbitrary commands with root privileges. |
| CVE-2020-35326 | 2023-01-18 | SQL Injection vulnerability in file /inxedu/demo_inxedu_open/src/main/resources/mybatis/inxedu/website/WebsiteImagesMapper.xml in inxedu 2.0.6 via the id value. |
| CVE-2021-33959 | 2023-01-18 | Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service. |
| CVE-2021-36630 | 2023-01-18 | DDOS reflection amplification vulnerability in eAut module of Ruckus Wireless SmartZone controller that allows remote attackers to perform DOS attacks via crafted request. |
| CVE-2022-3100 | 2023-01-18 | A flaw was found in the openstack-barbican component. This issue allows an access policy bypass via a query string when accessing the API. |
| CVE-2022-41417 | 2023-01-18 | BlogEngine.NET v3.3.8.0 allows an attacker to create any folder with "files" prefix under ~/App_Data/. |
| CVE-2022-4235 | 2023-01-18 | RushBet version 2022.23.1-b490616d allows a remote attacker to steal customer accounts via use of a malicious application. This is possible because the application exposes an activity and does not properly... |