CVE List - 2023 / October
Showing 801 - 900 of 2690 CVEs for October 2023 (Page 9 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-36790 | 2023-10-10 | Windows RDP Encoder Mirror Driver Elevation of Privilege Vulnerability |
| CVE-2023-36789 | 2023-10-10 | Skype for Business Remote Code Execution Vulnerability |
| CVE-2023-36786 | 2023-10-10 | Skype for Business Remote Code Execution Vulnerability |
| CVE-2023-36785 | 2023-10-10 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-36780 | 2023-10-10 | Skype for Business Remote Code Execution Vulnerability |
| CVE-2023-36778 | 2023-10-10 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-36776 | 2023-10-10 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-36743 | 2023-10-10 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-36566 | 2023-10-10 | Microsoft Common Data Model SDK Denial of Service Vulnerability |
| CVE-2023-36565 | 2023-10-10 | Microsoft Office Graphics Elevation of Privilege Vulnerability |
| CVE-2023-36436 | 2023-10-10 | Windows MSHTML Platform Remote Code Execution Vulnerability |
| CVE-2023-36418 | 2023-10-10 | Azure RTOS GUIX Studio Remote Code Execution Vulnerability |
| CVE-2023-36416 | 2023-10-10 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-36415 | 2023-10-10 | Azure Identity SDK Remote Code Execution Vulnerability |
| CVE-2023-36414 | 2023-10-10 | Azure Identity SDK Remote Code Execution Vulnerability |
| CVE-2023-42794 | 2023-10-10 | Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows |
| CVE-2023-45129 | 2023-10-10 | matrix-synapse vulnerable to denial of service due to malicious server ACL events |
| CVE-2023-4309 | 2023-10-10 | Election Services Co. (ESC) Internet Election Service is vulnerable to... |
| CVE-2023-5497 | 2023-10-10 | Tongda OA 2017 delete.php sql injection |
| CVE-2023-42795 | 2023-10-10 | Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests |
| CVE-2023-45648 | 2023-10-10 | Apache Tomcat: Trailer header parsing too lenient |
| CVE-2023-26220 | 2023-10-10 | TIBCO Spotfire Stored Cross-site Scripting (XSS) vulnerability |
| CVE-2023-38817 | 2023-10-11 | An issue in Inspect Element Ltd Echo.ac v.5.2.1.0 allows a... |
| CVE-2023-43960 | 2023-10-11 | An issue in DLINK DPH-400SE FRU 2.2.15.8 allows a remote... |
| CVE-2023-44961 | 2023-10-11 | SQL Injection vulnerability in Koha Library Software 23.0.5.04 and before... |
| CVE-2023-44962 | 2023-10-11 | File Upload vulnerability in Koha Library Software 23.05.04 and before... |
| CVE-2023-45396 | 2023-10-11 | An Insecure Direct Object Reference (IDOR) vulnerability leads to events... |
| CVE-2023-5511 | 2023-10-11 | Cross-Site Request Forgery (CSRF) in snipe/snipe-it |
| CVE-2023-44689 | 2023-10-11 | e-Gov Client Application (Windows version) versions prior to 2.1.1.0 and... |
| CVE-2023-45194 | 2023-10-11 | Use of default credentials vulnerability in MR-GM2 firmware Ver. 3.00.03... |
| CVE-2022-42451 | 2023-10-11 | HCL BigFix Patch Management is vulnerable to insecurely stored credentials |
| CVE-2022-44758 | 2023-10-11 | HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to improper credential handling |
| CVE-2022-44757 | 2023-10-11 | HCL BigFix Insights for Vulnerability Remediation (IVR) is vulnerable to weak cryptography |
| CVE-2023-26318 | 2023-10-11 | Xiaomi router web interface post-authorization stack overflow |
| CVE-2023-26319 | 2023-10-11 | Xiaomi Router administration interface vulnerability leads command injection and stack overflow |
| CVE-2023-37536 | 2023-10-11 | HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3 |
| CVE-2023-26320 | 2023-10-11 | Xiaomi Router external request interface vulnerability leads to stack overflow |
| CVE-2023-4990 | 2023-10-11 | Directory traversal vulnerability in MCL-Net versions prior to 4.6 Update... |
| CVE-2023-44997 | 2023-10-11 | WordPress WP Forms Puzzle Captcha Plugin <= 4.1 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-42138 | 2023-10-11 | Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and... |
| CVE-2023-44093 | 2023-10-11 | Vulnerability of package names' public keys not being verified in... |
| CVE-2023-44096 | 2023-10-11 | Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... |
| CVE-2023-44109 | 2023-10-11 | Clone vulnerability in the huks ta module.Successful exploitation of this... |
| CVE-2023-44094 | 2023-10-11 | Type confusion vulnerability in the distributed file module.Successful exploitation of... |
| CVE-2023-38216 | 2023-10-11 | ZDI-CAN-21404: Adobe Bridge Font Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-38217 | 2023-10-11 | ZDI-CAN-21403: Adobe Bridge Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44095 | 2023-10-11 | Use-After-Free (UAF) vulnerability in the surfaceflinger module.Successful exploitation of this... |
| CVE-2023-44097 | 2023-10-11 | Vulnerability of the permission to access device SNs being improperly... |
| CVE-2023-44100 | 2023-10-11 | Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... |
| CVE-2023-44101 | 2023-10-11 | The Bluetooth module has a vulnerability in permission control for... |
| CVE-2023-26370 | 2023-10-11 | ZDI-CAN-21257: Adobe Photoshop PSD File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| CVE-2023-44102 | 2023-10-11 | Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... |
| CVE-2023-44103 | 2023-10-11 | Out-of-bounds read vulnerability in the Bluetooth module.Successful exploitation of this... |
| CVE-2023-44104 | 2023-10-11 | Broadcast permission control vulnerability in the Bluetooth module.Successful exploitation of... |
| CVE-2023-44106 | 2023-10-11 | API permission management vulnerability in the Fwk-Display module.Successful exploitation of... |
| CVE-2023-44981 | 2023-10-11 | Apache ZooKeeper: Authorization bypass in SASL Quorum Peer Authentication |
| CVE-2023-5520 | 2023-10-11 | Out-of-bounds Read in gpac/gpac |
| CVE-2023-41304 | 2023-10-11 | Parameter verification vulnerability in the window module.Successful exploitation of this... |
| CVE-2023-44110 | 2023-10-11 | Out-of-bounds access vulnerability in the audio module.Successful exploitation of this... |
| CVE-2023-44111 | 2023-10-11 | Vulnerability of brute-force attacks on the device authentication module.Successful exploitation... |
| CVE-2023-5521 | 2023-10-11 | Incorrect Authorization in tiann/kernelsu |
| CVE-2023-44114 | 2023-10-11 | Out-of-bounds array vulnerability in the dataipa module.Successful exploitation of this... |
| CVE-2023-44116 | 2023-10-11 | Vulnerability of access permissions not being strictly verified in the... |
| CVE-2023-44118 | 2023-10-11 | Vulnerability of undefined permissions in the MeeTime module.Successful exploitation of... |
| CVE-2023-44119 | 2023-10-11 | Vulnerability of mutual exclusion management in the kernel module.Successful exploitation... |
| CVE-2023-44105 | 2023-10-11 | Vulnerability of permissions not being strictly verified in the window... |
| CVE-2023-44107 | 2023-10-11 | Vulnerability of defects introduced in the design process in the... |
| CVE-2023-44108 | 2023-10-11 | Type confusion vulnerability in the distributed file module.Successful exploitation of... |
| CVE-2023-37538 | 2023-10-11 | HCL Digital Experience is susceptible to cross site scripting (XSS) |
| CVE-2023-4957 | 2023-10-11 | Authentication Bypass on Zebra ZTC |
| CVE-2023-35967 | 2023-10-11 | Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality... |
| CVE-2023-35968 | 2023-10-11 | Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality... |
| CVE-2023-35965 | 2023-10-11 | Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post... |
| CVE-2023-35966 | 2023-10-11 | Two heap-based buffer overflow vulnerabilities exist in the httpd manage_post... |
| CVE-2023-32632 | 2023-10-11 | A command execution vulnerability exists in the validate.so diag_ping_start functionality... |
| CVE-2023-34426 | 2023-10-11 | A stack-based buffer overflow vulnerability exists in the httpd manage_request... |
| CVE-2023-31272 | 2023-10-11 | A stack-based buffer overflow vulnerability exists in the httpd do_wds... |
| CVE-2023-34346 | 2023-10-11 | A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi... |
| CVE-2023-34365 | 2023-10-11 | A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore... |
| CVE-2023-24479 | 2023-10-11 | An authentication bypass vulnerability exists in the httpd nvram.cgi functionality... |
| CVE-2023-35055 | 2023-10-11 | A buffer overflow vulnerability exists in the httpd next_page functionality... |
| CVE-2023-35056 | 2023-10-11 | A buffer overflow vulnerability exists in the httpd next_page functionality... |
| CVE-2023-32645 | 2023-10-11 | A leftover debug code vulnerability exists in the httpd debug... |
| CVE-2023-35193 | 2023-10-11 | An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write... |
| CVE-2023-35194 | 2023-10-11 | An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write... |
| CVE-2023-34354 | 2023-10-11 | A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi... |
| CVE-2023-27380 | 2023-10-11 | An OS command injection vulnerability exists in the admin.cgi USSD_send... |
| CVE-2023-28381 | 2023-10-11 | An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init... |
| CVE-2023-34356 | 2023-10-11 | An OS command injection vulnerability exists in the data.cgi xfer_dns... |
| CVE-2023-4936 | 2023-10-11 | Synaptics-DisplayLink-privilege escalation vulnerability via a dynamic library sideloading |
| CVE-2023-23930 | 2023-10-11 | vantage6's Pickle serialization is insecure |
| CVE-2023-35645 | 2023-10-11 | In tbd of tbd, there is a possible memory corruption... |
| CVE-2023-5535 | 2023-10-11 | Use After Free in vim/vim |
| CVE-2023-35646 | 2023-10-11 | In TBD of TBD, there is a possible stack buffer... |
| CVE-2023-35647 | 2023-10-11 | In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of... |
| CVE-2023-35648 | 2023-10-11 | In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of... |
| CVE-2023-35649 | 2023-10-11 | In several functions of Exynos modem files, there is a... |
| CVE-2023-35652 | 2023-10-11 | In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of... |
| CVE-2023-35653 | 2023-10-11 | In TBD of TBD, there is a possible way to... |
| CVE-2023-28635 | 2023-10-11 | Defining resource name as integer in vantage6 may give unintended access |