CVE List - 2023 / January

Showing 601 - 700 of 2351 CVEs for January 2023 (Page 7 of 24)

Back to List Previous Next

CVE ID	Date	Title
CVE-2023-21678	2023-01-10	Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21679	2023-01-10	Windows Layer 2 Tunneling Protocol (L2TP) Remote Code Execution Vulnerability
CVE-2023-21680	2023-01-10	Windows Win32k Elevation of Privilege Vulnerability
CVE-2023-21681	2023-01-10	Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-21682	2023-01-10	Windows Point-to-Point Protocol (PPP) Information Disclosure Vulnerability
CVE-2023-21683	2023-01-10	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-21724	2023-01-10	Microsoft DWM Core Library Elevation of Privilege Vulnerability
CVE-2023-21725	2023-01-10	Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability
CVE-2023-21726	2023-01-10	Windows Credential Manager User Interface Elevation of Privilege Vulnerability
CVE-2023-21728	2023-01-10	Windows Netlogon Denial of Service Vulnerability
CVE-2023-21730	2023-01-10	Microsoft Cryptographic Services Elevation of Privilege Vulnerability
CVE-2023-21733	2023-01-10	Windows Bind Filter Driver Elevation of Privilege Vulnerability
CVE-2023-21736	2023-01-10	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21739	2023-01-10	Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-21741	2023-01-10	Microsoft Office Visio Information Disclosure Vulnerability
CVE-2023-21746	2023-01-10	Windows NTLM Elevation of Privilege Vulnerability
CVE-2023-21747	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21749	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21750	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21752	2023-01-10	Windows Backup Service Elevation of Privilege Vulnerability
CVE-2023-21753	2023-01-10	Event Tracing for Windows Information Disclosure Vulnerability
CVE-2023-21755	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21757	2023-01-10	Windows Layer 2 Tunneling Protocol (L2TP) Denial of Service Vulnerability
CVE-2023-21758	2023-01-10	Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
CVE-2023-21759	2023-01-10	Windows Smart Card Resource Management Server Security Feature Bypass Vulnerability
CVE-2023-21760	2023-01-10	Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21761	2023-01-10	Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2023-21763	2023-01-10	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21764	2023-01-10	Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21765	2023-01-10	Windows Print Spooler Elevation of Privilege Vulnerability
CVE-2023-21766	2023-01-10	Windows Overlay Filter Information Disclosure Vulnerability
CVE-2023-21767	2023-01-10	Windows Overlay Filter Elevation of Privilege Vulnerability
CVE-2023-21768	2023-01-10	Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability
CVE-2023-21772	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21773	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21774	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21776	2023-01-10	Windows Kernel Information Disclosure Vulnerability
CVE-2023-21779	2023-01-10	Visual Studio Code Remote Code Execution Vulnerability
CVE-2023-21780	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21781	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21782	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21783	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21784	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21785	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21786	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21787	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21788	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21789	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21790	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21791	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21792	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2023-21793	2023-01-10	3D Builder Remote Code Execution Vulnerability
CVE-2017-20166	2023-01-10	Ecto 2.2.0 lacks a certain protection mechanism associated with the interaction between is_nil and raise.
CVE-2021-46871	2023-01-10	tag.ex in Phoenix Phoenix.HTML (aka phoenix_html) before 3.0.4 allows XSS in HEEx class attributes.
CVE-2022-30332	2023-01-10	In Talend Administration Center 7.3.1.20200219 before TAC-15950, the Forgot Password feature provides different error messages for invalid reset attempts depending on whether the email address is associated with any account....
CVE-2022-36441	2023-01-10	An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The Gboard used by different applications can be used to launch and use several other applications that are restricted by...
CVE-2022-36442	2023-01-10	An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK.
CVE-2022-36443	2023-01-10	An issue was discovered in Zebra Enterprise Home Screen 4.1.19. The device allows the administrator to lock some communication channels (wireless and SD card) but it is still possible to...
CVE-2022-3792	2023-01-10	SQL Injection in GullsEye Terminal Operating System
CVE-2022-38481	2023-01-10	An issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP2. The application is prone to reflected Cross-site Scripting (XSS) in several features.
CVE-2022-38482	2023-01-10	A link-manipulation issue was discovered in Mega HOPEX 15.2.0.6110 before V5CP4.
CVE-2022-38489	2023-01-10	An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03 It is prone to stored Cross-site Scripting (XSS). Version 2022.1.110.1.02 fixes the vulnerably.
CVE-2022-38490	2023-01-10	An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Some parameters allow SQL injection. Version 2022.1.110.1.02 corrects this issue.
CVE-2022-38491	2023-01-10	An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. Part of the application does not implement protection against brute-force attacks. Version 2022.1.133.0 corrects this issue.
CVE-2022-38492	2023-01-10	An issue was discovered in EasyVista 2020.2.125.3 and 2022.1.109.0.03. One parameter allows SQL injection. Version 2022.1.110.1.02 fixes the vulnerability.
CVE-2022-4379	2023-01-10	A use-after-free vulnerability was found in __nfs42_ssc_open() in fs/nfs/nfs4file.c in the Linux kernel. This flaw allows an attacker to conduct a remote denial
CVE-2022-4382	2023-01-10	A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running...
CVE-2022-4422	2023-01-10	SQLi in Bulutdesk Callcenter
CVE-2022-45164	2023-01-10	An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to cancel (delete) a booking, created by someone else - even...
CVE-2022-45165	2023-01-10	An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a user-controlled parameter that is used to create an SQL query. It causes this...
CVE-2022-45166	2023-01-10	An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application accepts a set of user-controlled parameters that are used to act on the data returned...
CVE-2022-45167	2023-01-10	An issue was discovered in Archibus Web Central 2022.03.01.107. A service exposed by the application allows a basic user to access the profile information of all connected users.
CVE-2022-46449	2023-01-10	An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) via a crafted input.
CVE-2022-46610	2023-01-10	72crm v9 was discovered to contain an arbitrary file upload vulnerability via the avatar upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2023-0128	2023-01-10	Use after free in Overview Mode in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed a remote attacker who convinced a user to engage in specific UI interactions to...
CVE-2023-0129	2023-01-10	Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via...
CVE-2023-0130	2023-01-10	Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted...
CVE-2023-0131	2023-01-10	Inappropriate implementation in in iframe Sandbox in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to bypass file download restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2023-0132	2023-01-10	Inappropriate implementation in in Permission prompts in Google Chrome on Windows prior to 109.0.5414.74 allowed a remote attacker to force acceptance of a permission prompt via a crafted HTML page....
CVE-2023-0133	2023-01-10	Inappropriate implementation in in Permission prompts in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to bypass main origin permission delegation via a crafted HTML page. (Chromium...
CVE-2023-0134	2023-01-10	Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database...
CVE-2023-0135	2023-01-10	Use after free in Cart in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via database...
CVE-2023-0136	2023-01-10	Inappropriate implementation in in Fullscreen API in Google Chrome on Android prior to 109.0.5414.74 allowed a remote attacker to execute incorrect security UI via a crafted HTML page. (Chromium security...
CVE-2023-0137	2023-01-10	Heap buffer overflow in Platform Apps in Google Chrome on Chrome OS prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit...
CVE-2023-0138	2023-01-10	Heap buffer overflow in libphonenumber in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-0141	2023-01-10	Insufficient policy enforcement in CORS in Google Chrome prior to 109.0.5414.74 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Low)
CVE-2023-21524	2023-01-10	Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability
CVE-2023-21674	2023-01-10	Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability
CVE-2023-21676	2023-01-10	Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVE-2023-21732	2023-01-10	Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21734	2023-01-10	Microsoft Office Remote Code Execution Vulnerability
CVE-2023-21735	2023-01-10	Microsoft Office Remote Code Execution Vulnerability
CVE-2023-21737	2023-01-10	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21738	2023-01-10	Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21742	2023-01-10	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21743	2023-01-10	Microsoft SharePoint Server Security Feature Bypass Vulnerability
CVE-2023-21744	2023-01-10	Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2023-21745	2023-01-10	Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21748	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-21754	2023-01-10	Windows Kernel Elevation of Privilege Vulnerability