CVE List - 2023 / October
Showing 2101 - 2200 of 2690 CVEs for October 2023 (Page 22 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-46659 | 2023-10-25 | Jenkins Edgewall Trac Plugin 1.13 and earlier does not escape... |
| CVE-2023-46660 | 2023-10-25 | Jenkins Zanata Plugin 0.6 and earlier uses a non-constant time... |
| CVE-2023-41255 | 2023-10-25 | The vulnerability allows an unprivileged user with access to the... |
| CVE-2023-41960 | 2023-10-25 | The vulnerability allows an unprivileged(untrusted) third-party application to interact with... |
| CVE-2023-41372 | 2023-10-25 | The vulnerability allows an unprivileged (untrusted) third- party application to... |
| CVE-2023-45220 | 2023-10-25 | The Android Client application, when enrolled with the define method... |
| CVE-2023-45321 | 2023-10-25 | The Android Client application, when enrolled with the define method... |
| CVE-2023-45851 | 2023-10-25 | The Android Client application, when enrolled to the AppHub server,connects... |
| CVE-2023-46102 | 2023-10-25 | The Android Client application, when enrolled to the AppHub server,... |
| CVE-2023-42491 | 2023-10-25 | EisBaer Scada - CWE-285: Improper Authorization |
| CVE-2023-42488 | 2023-10-25 | EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') |
| CVE-2023-30912 | 2023-10-25 | A remote code execution issue exists in HPE OneView. |
| CVE-2023-42489 | 2023-10-25 | EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource |
| CVE-2023-42490 | 2023-10-25 | EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor |
| CVE-2023-42492 | 2023-10-25 | EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key |
| CVE-2023-42493 | 2023-10-25 | EisBaer Scada - CWE-256: Plaintext Storage of a Password |
| CVE-2023-42494 | 2023-10-25 | EisBaer Scada - CWE-749: Exposed Dangerous Method or Function |
| CVE-2023-34446 | 2023-10-25 | iTop XSS vulnerability on pages/preferences.php |
| CVE-2023-34447 | 2023-10-25 | iTop XSS vulnerability on pages/UI.php |
| CVE-2023-5472 | 2023-10-25 | Use after free in Profiles in Google Chrome prior to... |
| CVE-2023-37908 | 2023-10-25 | org.xwiki.rendering:xwiki-rendering-xml Improper Neutralization of Invalid Characters in Identifiers in Web Pages vulnerability |
| CVE-2023-37909 | 2023-10-25 | Privilege escalation (PR)/remote code execution from account through Menu.UIExtensionSheet |
| CVE-2023-5671 | 2023-10-25 | HP Print and Scan Doctor for Windows may potentially be... |
| CVE-2023-37910 | 2023-10-25 | org.xwiki.platform:xwiki-platform-attachment-api vulnerable to Missing Authorization on Attachment Move |
| CVE-2023-37911 | 2023-10-25 | org.xwiki.platform:xwiki-platform-oldcore may leak data through deleted and re-created documents |
| CVE-2023-37912 | 2023-10-25 | XWiki Rendering's footnote macro vulnerable to privilege escalation via the footnote macro |
| CVE-2023-37913 | 2023-10-25 | org.xwiki.platform:xwiki-platform-office-importer vulnerable to arbitrary server side file writing from account through office converter |
| CVE-2023-42847 | 2023-10-25 | A logic issue was addressed with improved checks. This issue... |
| CVE-2023-40401 | 2023-10-25 | The issue was addressed with additional permissions checks. This issue... |
| CVE-2023-40421 | 2023-10-25 | A permissions issue was addressed with additional restrictions. This issue... |
| CVE-2023-32359 | 2023-10-25 | This issue was addressed with improved redaction of sensitive information.... |
| CVE-2023-40416 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42846 | 2023-10-25 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2023-42850 | 2023-10-25 | The issue was addressed with improved permissions logic. This issue... |
| CVE-2023-42861 | 2023-10-25 | A logic issue was addressed with improved state management. This... |
| CVE-2023-41975 | 2023-10-25 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2023-42857 | 2023-10-25 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-42841 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-41997 | 2023-10-25 | This issue was addressed by restricting options offered on a... |
| CVE-2023-40447 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42856 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-41077 | 2023-10-25 | An app may be able to access protected user data.... |
| CVE-2023-41977 | 2023-10-25 | The issue was addressed with improved handling of caches. This... |
| CVE-2023-40425 | 2023-10-25 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-40405 | 2023-10-25 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-42438 | 2023-10-25 | An inconsistent user interface issue was addressed with improved state... |
| CVE-2023-40444 | 2023-10-25 | A permissions issue was addressed with additional restrictions. This issue... |
| CVE-2023-41982 | 2023-10-25 | This issue was addressed by restricting options offered on a... |
| CVE-2023-40413 | 2023-10-25 | The issue was addressed with improved handling of caches. This... |
| CVE-2023-42854 | 2023-10-25 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2023-42842 | 2023-10-25 | The issue was addressed with improved checks. This issue is... |
| CVE-2023-41983 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-41254 | 2023-10-25 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-40445 | 2023-10-25 | The issue was addressed with improved UI handling. This issue... |
| CVE-2023-40404 | 2023-10-25 | A use-after-free issue was addressed with improved memory management. This... |
| CVE-2023-40449 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-41976 | 2023-10-25 | A use-after-free issue was addressed with improved memory management. This... |
| CVE-2023-40408 | 2023-10-25 | An inconsistent user interface issue was addressed with improved state... |
| CVE-2023-42845 | 2023-10-25 | An authentication issue was addressed with improved state management. This... |
| CVE-2023-41072 | 2023-10-25 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-41988 | 2023-10-25 | This issue was addressed by restricting options offered on a... |
| CVE-2023-42849 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-40423 | 2023-10-25 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-41989 | 2023-10-25 | The issue was addressed by restricting options offered on a... |
| CVE-2023-42852 | 2023-10-25 | A logic issue was addressed with improved checks. This issue... |
| CVE-2023-42844 | 2023-10-25 | This issue was addressed with improved handling of symlinks. This... |
| CVE-2023-45134 | 2023-10-25 | XWiki Platform XSS vulnerability from account in the create page form via template provider |
| CVE-2022-4886 | 2023-10-25 | Ingress-nginx `path` sanitization can be bypassed with `log_format` directive |
| CVE-2023-5043 | 2023-10-25 | Ingress nginx annotation injection causes arbitrary command execution |
| CVE-2023-5044 | 2023-10-25 | Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation |
| CVE-2023-45135 | 2023-10-25 | XWiki users can be tricked to execute scripts as the create page action doesn't display the page's title |
| CVE-2023-45136 | 2023-10-25 | XWiki Platform web templates vulnerable to reflected XSS in the create document form if name validation is enabled |
| CVE-2023-5367 | 2023-10-25 | Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty |
| CVE-2023-5380 | 2023-10-25 | Xorg-x11-server: use-after-free bug in destroywindow |
| CVE-2023-5574 | 2023-10-25 | Xorg-x11-server: use-after-free bug in damagedestroy |
| CVE-2023-45137 | 2023-10-25 | XWiki Platform XSS with edit right in the create document form for existing pages |
| CVE-2023-46133 | 2023-10-25 | crypto-es PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard |
| CVE-2023-46233 | 2023-10-25 | crypto-js PBKDF2 1,000 times weaker than specified in 1993 and 1.3M times weaker than current standard |
| CVE-2023-46134 | 2023-10-25 | D-Tale vulnerable to Remote Code Execution through the Custom Filter Input |
| CVE-2023-46137 | 2023-10-25 | twisted.web has disordered HTTP pipeline response |
| CVE-2023-46232 | 2023-10-25 | era-compiler-vyper First Immutable Variable Initialization vulnerability |
| CVE-2023-30969 | 2023-10-25 | Palantir Tiles missing authentication on API endpoints |
| CVE-2023-30967 | 2023-10-25 | Gotham Orbital Simulator path traversal |
| CVE-2023-46668 | 2023-10-25 | Elastic Endpoint Insertion of Sensitive Information into Log File |
| CVE-2018-16739 | 2023-10-26 | An issue was discovered on certain ABUS TVIP devices. Due... |
| CVE-2018-17558 | 2023-10-26 | Hardcoded manufacturer credentials and an OS command injection vulnerability in... |
| CVE-2018-17559 | 2023-10-26 | Due to incorrect access control, unauthenticated remote attackers can view... |
| CVE-2018-17878 | 2023-10-26 | Buffer Overflow vulnerability in certain ABUS TVIP cameras allows attackers... |
| CVE-2018-17879 | 2023-10-26 | An issue was discovered on certain ABUS TVIP cameras. The... |
| CVE-2020-17477 | 2023-10-26 | Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow... |
| CVE-2023-27170 | 2023-10-26 | Xpand IT Write-back manager v2.3.1 allows attackers to perform a... |
| CVE-2023-33558 | 2023-10-26 | An information disclosure vulnerability in the component users-grid-data.php of Ocomon... |
| CVE-2023-33559 | 2023-10-26 | A local file inclusion vulnerability via the lang parameter in... |
| CVE-2023-38328 | 2023-10-26 | An issue was discovered in eGroupWare 17.1.20190111. An Improper Password... |
| CVE-2023-39726 | 2023-10-26 | An issue in Mintty v.3.6.4 and before allows a remote... |
| CVE-2023-42188 | 2023-10-26 | IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF). |
| CVE-2023-42406 | 2023-10-26 | SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000... |
| CVE-2023-43352 | 2023-10-26 | An issue in CMSmadesimple v.2.2.18 allows a local attacker to... |
| CVE-2023-45867 | 2023-10-26 | ILIAS (2013-09-12 release) contains a medium-criticality Directory Traversal local file... |
| CVE-2023-45868 | 2023-10-26 | The Learning Module in ILIAS 7.25 (2023-09-12 release) allows an... |