CVE List - 2023 / January
Showing 1801 - 1900 of 2351 CVEs for January 2023 (Page 19 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-20921 | 2023-01-24 | In onPackageRemoved of AccessibilityManagerService.java, there is a possibility to automatically... |
| CVE-2023-20922 | 2023-01-24 | In setMimeGroup of PackageManagerService.java, there is a possible crash loop... |
| CVE-2023-20923 | 2023-01-24 | In exported content providers of ShannonRcs, there is a possible... |
| CVE-2023-20924 | 2023-01-24 | In (TBD) of (TBD), there is a possible way to... |
| CVE-2023-20925 | 2023-01-24 | In setUclampMinLocked of PowerSessionManager.cpp, there is a possible way to... |
| CVE-2023-20928 | 2023-01-24 | In binder_vma_close of binder.c, there is a possible use after... |
| CVE-2023-23331 | 2023-01-24 | Amano Xoffice parking solutions 7.1.3879 is vulnerable to SQL Injection. |
| CVE-2023-23949 | 2023-01-24 | An authenticated user can supply malicious HTML and JavaScript code... |
| CVE-2023-23950 | 2023-01-24 | User’s supplied input (usually a CRLF sequence) can be used... |
| CVE-2023-23951 | 2023-01-24 | Ability to enumerate the Oracle LDAP attributes for the current... |
| CVE-2023-24057 | 2023-01-24 | HL7 (Health Level 7) FHIR Core Libraries before 5.6.92 allow... |
| CVE-2023-24422 | 2023-01-24 | A sandbox bypass vulnerability involving map constructors in Jenkins Script... |
| CVE-2023-24423 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins Gerrit Trigger... |
| CVE-2023-24424 | 2023-01-24 | Jenkins OpenId Connect Authentication Plugin 2.4 and earlier does not... |
| CVE-2023-24425 | 2023-01-24 | Jenkins Kubernetes Credentials Provider Plugin 1.208.v128ee9800c04 and earlier does not... |
| CVE-2023-24426 | 2023-01-24 | Jenkins Azure AD Plugin 303.va_91ef20ee49f and earlier does not invalidate... |
| CVE-2023-24427 | 2023-01-24 | Jenkins Bitbucket OAuth Plugin 0.12 and earlier does not invalidate... |
| CVE-2023-24428 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket OAuth... |
| CVE-2023-24429 | 2023-01-24 | Jenkins Semantic Versioning Plugin 1.14 and earlier does not restrict... |
| CVE-2023-24430 | 2023-01-24 | Jenkins Semantic Versioning Plugin 1.14 and earlier does not configure... |
| CVE-2023-24431 | 2023-01-24 | A missing permission check in Jenkins Orka by MacStadium Plugin... |
| CVE-2023-24432 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins Orka by... |
| CVE-2023-24433 | 2023-01-24 | Missing permission checks in Jenkins Orka by MacStadium Plugin 1.31... |
| CVE-2023-24434 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins GitHub Pull... |
| CVE-2023-24435 | 2023-01-24 | A missing permission check in Jenkins GitHub Pull Request Builder... |
| CVE-2023-24436 | 2023-01-24 | A missing permission check in Jenkins GitHub Pull Request Builder... |
| CVE-2023-24437 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins JIRA Pipeline... |
| CVE-2023-24438 | 2023-01-24 | A missing permission check in Jenkins JIRA Pipeline Steps Plugin... |
| CVE-2023-24439 | 2023-01-24 | Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier stores the... |
| CVE-2023-24440 | 2023-01-24 | Jenkins JIRA Pipeline Steps Plugin 2.0.165.v8846cf59f3db and earlier transmits the... |
| CVE-2023-24441 | 2023-01-24 | Jenkins MSTest Plugin 1.0.0 and earlier does not configure its... |
| CVE-2023-24442 | 2023-01-24 | Jenkins GitHub Pull Request Coverage Status Plugin 2.2.0 and earlier... |
| CVE-2023-24443 | 2023-01-24 | Jenkins TestComplete support Plugin 2.8.1 and earlier does not configure... |
| CVE-2023-24444 | 2023-01-24 | Jenkins OpenID Plugin 2.4 and earlier does not invalidate the... |
| CVE-2023-24445 | 2023-01-24 | Jenkins OpenID Plugin 2.4 and earlier improperly determines that a... |
| CVE-2023-24446 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins OpenID Plugin... |
| CVE-2023-24447 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins RabbitMQ Consumer... |
| CVE-2023-24448 | 2023-01-24 | A missing permission check in Jenkins RabbitMQ Consumer Plugin 2.8... |
| CVE-2023-24449 | 2023-01-24 | Jenkins PWauth Security Realm Plugin 0.4 and earlier does not... |
| CVE-2023-24450 | 2023-01-24 | Jenkins view-cloner Plugin 1.1 and earlier stores passwords unencrypted in... |
| CVE-2023-24452 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins TestQuality Updater... |
| CVE-2023-24453 | 2023-01-24 | A missing check in Jenkins TestQuality Updater Plugin 1.3 and... |
| CVE-2023-24454 | 2023-01-24 | Jenkins TestQuality Updater Plugin 1.3 and earlier stores the TestQuality... |
| CVE-2023-24455 | 2023-01-24 | Jenkins visualexpert Plugin 1.3 and earlier does not restrict the... |
| CVE-2023-24456 | 2023-01-24 | Jenkins Keycloak Authentication Plugin 2.3.0 and earlier does not invalidate... |
| CVE-2023-24457 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins Keycloak Authentication... |
| CVE-2023-24458 | 2023-01-24 | A cross-site request forgery (CSRF) vulnerability in Jenkins BearyChat Plugin... |
| CVE-2023-24459 | 2023-01-24 | A missing permission check in Jenkins BearyChat Plugin 3.0.2 and... |
| CVE-2023-22485 | 2023-01-24 | cmark-gfm out-of-bounds read in validate_protocol |
| CVE-2023-22486 | 2023-01-24 | cmark-gfm Quadratic complexity bug in handle_close_bracket may lead to a denial of service |
| CVE-2023-23608 | 2023-01-24 | spotipy Path traversal vulnerability that may lead to type confusion in URI handling code |
| CVE-2022-25350 | 2023-01-24 | All versions of the package puppet-facter are vulnerable to Command... |
| CVE-2022-25908 | 2023-01-24 | All versions of the package create-choo-electron are vulnerable to Command... |
| CVE-2022-25860 | 2023-01-24 | Versions of the package simple-git before 3.16.0 are vulnerable to... |
| CVE-2022-47615 | 2023-01-24 | WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to Local File Inclusion |
| CVE-2022-45808 | 2023-01-24 | WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection |
| CVE-2022-45820 | 2023-01-24 | WordPress LearnPress Plugin <= 4.1.7.3.2 is vulnerable to SQL Injection |
| CVE-2023-0284 | 2023-01-24 | Improper validation of LDAP user IDs |
| CVE-2023-24022 | 2023-01-24 | Hard Coded Credential Crypt Vulnerability |
| CVE-2023-0463 | 2023-01-24 | The force offline MFA prompt setting is not respected when... |
| CVE-2023-0356 | 2023-01-24 | SOCOMEC MODULYS GP Netvision versions 7.20 and prior lack strong... |
| CVE-2023-23613 | 2023-01-24 | Field-level security issue with .keyword fields in OpenSearch |
| CVE-2023-23612 | 2023-01-24 | Issue with whitespace in JWT roles in OpenSearch |
| CVE-2023-24508 | 2023-01-24 | Remote Code Execution in Baicells RTS Platform |
| CVE-2018-25078 | 2023-01-25 | man-db before 2.8.5 on Gentoo allows local users (with access... |
| CVE-2020-18329 | 2023-01-25 | An issue was discovered in Rehau devices that use a... |
| CVE-2020-18330 | 2023-01-25 | An issue was discovered in the default configuration of ChinaMobile... |
| CVE-2020-18331 | 2023-01-25 | Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN... |
| CVE-2020-36657 | 2023-01-25 | uptimed before 0.4.6-r1 on Gentoo allows local users (with access... |
| CVE-2022-29843 | 2023-01-25 | Western Digital My Cloud OS 5 devices Command Injection Vulnerability |
| CVE-2022-29844 | 2023-01-25 | Western Digital My Cloud OS 5 arbitrary file read and write vulnerability via ftp |
| CVE-2022-31704 | 2023-01-25 | The vRealize Log Insight contains a broken access control vulnerability.... |
| CVE-2022-31706 | 2023-01-25 | The vRealize Log Insight contains a Directory Traversal Vulnerability. An... |
| CVE-2022-31710 | 2023-01-25 | vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious... |
| CVE-2022-31711 | 2023-01-25 | VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A... |
| CVE-2022-38758 | 2023-01-25 | XSS vulnerabilities in iManager |
| CVE-2022-40035 | 2023-01-25 | File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers... |
| CVE-2022-43997 | 2023-01-25 | Incorrect access control in Aternity agent in Riverbed Aternity before... |
| CVE-2022-44018 | 2023-01-25 | In Softing uaToolkit Embedded before 1.40.1, a malformed PubSub discovery... |
| CVE-2022-45730 | 2023-01-25 | A cross-site scripting (XSS) vulnerability in Doctor Appointment Management System... |
| CVE-2022-45920 | 2023-01-25 | In Softing uaToolkit Embedded before 1.41, a malformed CreateMonitoredItems request... |
| CVE-2022-46128 | 2023-01-25 | phpgurukul Doctor Appointment Management System V 1.0.0 is vulnerable to... |
| CVE-2022-46624 | 2023-01-25 | A cross-site scripting (XSS) vulnerability in Online Graduate Tracer System... |
| CVE-2022-46957 | 2023-01-25 | Sourcecodester.com Online Graduate Tracer System V 1.0.0 is vulnerable to... |
| CVE-2022-46998 | 2023-01-25 | An issue in the website background of taocms v3.0.2 allows... |
| CVE-2022-46999 | 2023-01-25 | Tuzicms v2.0.6 was discovered to contain a SQL injection vulnerability... |
| CVE-2022-47052 | 2023-01-25 | The web interface of the 'Nighthawk R6220 AC1200 Smart Wi-Fi... |
| CVE-2022-47073 | 2023-01-25 | A cross-site scripting (XSS) vulnerability in the Create Ticket page... |
| CVE-2022-47767 | 2023-01-25 | A backdoor in Solar-Log Gateway products allows remote access via... |
| CVE-2023-0229 | 2023-01-25 | A flaw was found in github.com/openshift/apiserver-library-go, used in OpenShift 4.12... |
| CVE-2023-0321 | 2023-01-25 | Disclosure of Sensitive Information on Campbell Scientific Products |
| CVE-2023-0468 | 2023-01-25 | A use-after-free flaw was found in io_uring/poll.c in io_poll_check_events in... |
| CVE-2023-0469 | 2023-01-25 | A use-after-free flaw was found in io_uring/filetable.c in io_install_fixed_file in... |
| CVE-2023-0476 | 2023-01-25 | A LDAP injection vulnerability exists in Tenable.sc due to improper... |
| CVE-2023-23151 | 2023-01-25 | bloofoxCMS v0.5.2.1 was discovered to contain an arbitrary file deletion... |
| CVE-2023-24493 | 2023-01-25 | A formula injection vulnerability exists in Tenable.sc due to improper... |
| CVE-2023-24494 | 2023-01-25 | A stored cross-site scripting (XSS) vulnerability exists in Tenable.sc due... |
| CVE-2023-24495 | 2023-01-25 | A Server Side Request Forgery (SSRF) vulnerability exists in Tenable.sc... |
| CVE-2022-25927 | 2023-01-25 | Versions of the package ua-parser-js from 0.7.30 and before 0.7.33,... |
| CVE-2022-25847 | 2023-01-25 | All versions of the package serve-lite are vulnerable to Cross-site... |