CVE List - 2023 / November
Showing 1201 - 1300 of 2443 CVEs for November 2023 (Page 13 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-46646 | 2023-11-14 | Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2022-46301 | 2023-11-14 | Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2022-41659 | 2023-11-14 | Improper access control for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2022-46298 | 2023-11-14 | Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2023-32279 | 2023-11-14 | Improper access control in user mode driver for some Intel(R) Connectivity Performance Suite before version 2.1123.214.2 may allow unauthenticated user to potentially enable information disclosure via network access. |
| CVE-2023-25075 | 2023-11-14 | Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-34997 | 2023-11-14 | Insecure inherited permissions in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-32283 | 2023-11-14 | Insertion of sensitive information into log file in some Intel(R) On Demand software before versions 1.16.2, 2.1.1, 3.1.0 may allow an authenticated user to potentially enable information disclosure via local... |
| CVE-2023-28737 | 2023-11-14 | Improper initialization in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2022-36396 | 2023-11-14 | Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2023-28397 | 2023-11-14 | Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated to potentially enable escalation of privileges via local access. |
| CVE-2022-36374 | 2023-11-14 | Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local... |
| CVE-2023-32661 | 2023-11-14 | Improper authentication in some Intel(R) NUC Kits NUC7PJYH and NUC7CJYH Realtek* SD Card Reader Driver installation software before version 10.0.19041.29098 may allow an authenticated user to potentially enable escalation of... |
| CVE-2022-33898 | 2023-11-14 | Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before version 2.0.21.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2022-27229 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2022-41700 | 2023-11-14 | Insecure inherited permissions in some Intel(R) NUC Pro Software Suite installation software before version 2.0.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-32658 | 2023-11-14 | Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2023-33874 | 2023-11-14 | Uncontrolled search path in some Intel(R) NUC 12 Pro Kits & Mini PCs - NUC12WS Intel(R) HID Event Filter Driver installation software before version 2.2.2.1 for Windows may allow an... |
| CVE-2023-32660 | 2023-11-14 | Uncontrolled search path in some Intel(R) NUC Kit NUC6i7KYK Thunderbolt(TM) 3 Firmware Update Tool installation software before version 46 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2023-33878 | 2023-11-14 | Path transversal in some Intel(R) NUC P14E Laptop Element Audio Install Package software before version 156 for Windows may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2023-28377 | 2023-11-14 | Improper authentication in some Intel(R) NUC Kit NUC11PH USB firmware installation software before version 1.1 for Windows may allow an authenticated user to potentially enable escalation of privilege via local... |
| CVE-2023-32278 | 2023-11-14 | Path transversal in some Intel(R) NUC Uniwill Service Driver for Intel(R) NUC M15 Laptop Kits - LAPRC510 & LAPRC710 Uniwill Service Driver installation software before version 1.0.1.7 for Intel(R) NUC... |
| CVE-2023-32655 | 2023-11-14 | Path transversal in some Intel(R) NUC Kits & Mini PCs - NUC8i7HVK & NUC8HNK USB Type C power delivery controller installatio software before version 1.0.10.3 for Windows may allow an... |
| CVE-2023-22310 | 2023-11-14 | Race condition in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2023-26589 | 2023-11-14 | Use after free in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allowed an authenticated user to potentially enable denial of service via local access. |
| CVE-2023-22305 | 2023-11-14 | Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2023-25949 | 2023-11-14 | Uncontrolled resource consumption in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2023-28723 | 2023-11-14 | Exposure of sensitive information to an unauthorized actor in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2023-22327 | 2023-11-14 | Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2023-32641 | 2023-11-14 | Improper input validation in firmware for Intel(R) QAT before version QAT20.L.1.0.40-00004 may allow escalation of privilege and denial of service via adjacent access. |
| CVE-2023-28376 | 2023-11-14 | Out-of-bounds read in the firmware for some Intel(R) E810 Ethernet Controllers and Adapters before version 1.7.1 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| CVE-2023-24587 | 2023-11-14 | Insufficient control flow management in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable denial of service via local access. |
| CVE-2023-27519 | 2023-11-14 | Improper input validation in firmware for some Intel(R) Optane(TM) SSD products may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2023-27879 | 2023-11-14 | Improper access control in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access. |
| CVE-2023-27306 | 2023-11-14 | Improper Initialization in firmware for some Intel(R) Optane(TM) SSD products may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2023-24588 | 2023-11-14 | Exposure of sensitive information to an unauthorized actor in firmware for some Intel(R) Optane(TM) SSD products may allow an unauthenticated user to potentially enable information disclosure via physical access. |
| CVE-2023-33872 | 2023-11-14 | Improper access control in the Intel Support android application all verions may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2023-31273 | 2023-11-14 | Protection mechanism failure in some Intel DCM software before version 5.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. |
| CVE-2023-25080 | 2023-11-14 | Protection mechanism failure in some Intel(R) Distribution of OpenVINO toolkit software before version 2023.0.0 may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2023-31203 | 2023-11-14 | Improper input validation in some OpenVINO Model Server software before version 2022.3 for Intel Distribution of OpenVINO toolkit may allow an unauthenticated user to potentially enable denial of service via... |
| CVE-2023-32204 | 2023-11-14 | Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-29157 | 2023-11-14 | Improper access control in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-29161 | 2023-11-14 | Uncontrolled search path in some Intel(R) OFU software before version 14.1.31 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-38411 | 2023-11-14 | Improper access control in the Intel Smart Campus android application before version 9.4 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-34430 | 2023-11-14 | Uncontrolled search path in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-32662 | 2023-11-14 | Improper authorization in some Intel Battery Life Diagnostic Tool installation software before version 2.2.1 may allow a privilaged user to potentially enable escalation of privilege via local access. |
| CVE-2022-38786 | 2023-11-14 | Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-24592 | 2023-11-14 | Path traversal in the some Intel(R) oneAPI Toolkits and Component software before version 2023.1 may allow authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-27383 | 2023-11-14 | Protection mechanism failure in some Intel(R) oneAPI HPC Toolkit 2023.1 and Intel(R)MPI Library software before version 2021.9 may allow a privileged user to potentially enable escalation of privilege via adjacent... |
| CVE-2023-40220 | 2023-11-14 | Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2023-40540 | 2023-11-14 | Non-Transparent Sharing of Microarchitectural Resources in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2023-25756 | 2023-11-14 | Out-of-bounds read in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2023-22329 | 2023-11-14 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via adjacent access. |
| CVE-2023-34431 | 2023-11-14 | Improper input validation in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access |
| CVE-2022-33945 | 2023-11-14 | Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2022-29262 | 2023-11-14 | Improper buffer restrictions in some Intel(R) Server Board BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2022-24379 | 2023-11-14 | Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2022-29510 | 2023-11-14 | Improper buffer restrictions in some Intel(R) Server Board M10JNP2SB BIOS firmware before version 7.219 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2023-27513 | 2023-11-14 | Uncontrolled search path element in some Intel(R) Server Information Retrieval Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-29504 | 2023-11-14 | Uncontrolled search path element in some Intel(R) RealSense(TM) Dynamic Calibration software before version 2.13.1.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-28388 | 2023-11-14 | Uncontrolled search path element in some Intel(R) Chipset Device Software before version 10.1.19444.8378 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-28378 | 2023-11-14 | Improper authorization in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-28740 | 2023-11-14 | Uncontrolled search path element in some Intel(R) QAT drivers for Windows - HW Version 2.0 before version 2.0.4 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2023-22313 | 2023-11-14 | Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to potentially enable information disclosure via local access. |
| CVE-2023-28741 | 2023-11-14 | Buffer overflow in some Intel(R) QAT drivers for Windows - HW Version 1.0 before version 1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2023-47127 | 2023-11-14 | Weak Authentication in Session Handling in typo3/cms-core |
| CVE-2023-26222 | 2023-11-14 | TIBCO EBX Cross-site Scripting (XXS) Vulnerability |
| CVE-2023-47646 | 2023-11-14 | WordPress Recently viewed and most viewed products Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47554 | 2023-11-14 | WordPress Actueel Financieel Nieuws – Denk Internet Solutions Plugin <= 5.1.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47126 | 2023-11-14 | Information Disclosure in Install Tool in typo3/cms-install |
| CVE-2023-47550 | 2023-11-14 | WordPress Donations Made Easy – Smart Donations Plugin <= 4.0.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47125 | 2023-11-14 | By-passing Cross-Site Scripting Protection in HTML Sanitizer |
| CVE-2023-36437 | 2023-11-14 | Azure DevOps Server Remote Code Execution Vulnerability |
| CVE-2023-36007 | 2023-11-14 | Microsoft Send Customer Voice survey from Dynamics 365 Spoofing Vulnerability |
| CVE-2023-36049 | 2023-11-14 | .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability |
| CVE-2023-34060 | 2023-11-14 | VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud... |
| CVE-2023-46132 | 2023-11-14 | Crosslinking transaction attack in hyperledger/fabric |
| CVE-2023-47130 | 2023-11-14 | Unsafe deserialization of user data in yiisoft/yii |
| CVE-2023-5528 | 2023-11-14 | Kubernetes - Windows nodes - Insufficient input sanitization in in-tree storage plugin leads to privilege escalation |
| CVE-2023-47549 | 2023-11-14 | WordPress EazyDocs Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47641 | 2023-11-14 | Inconsistent interpretation of `Content-Length` vs. `Transfer-Encoding` in aiohttp |
| CVE-2023-47547 | 2023-11-14 | WordPress Products, Order & Customers Export for WooCommerce Plugin <= 2.0.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47627 | 2023-11-14 | Request smuggling in aiohttp |
| CVE-2023-47546 | 2023-11-14 | WordPress OneClick Chat to Order Plugin <= 1.0.4.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47640 | 2023-11-14 | Insecure Use of HMAC-SHA1 For Session Signing in datahub |
| CVE-2023-47545 | 2023-11-14 | WordPress Forms for Mailchimp by Optin Cat Plugin <= 2.5.4 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47630 | 2023-11-14 | Attacker can cause Kyverno user to unintentionally consume insecure image |
| CVE-2023-47544 | 2023-11-14 | WordPress Atarim Plugin <= 3.12 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47631 | 2023-11-14 | vantage6 Node accepts non-whitelisted algorithms from malicious server |
| CVE-2023-47533 | 2023-11-14 | WordPress Countdown and CountUp, WooCommerce Sales Timer Plugin <= 1.8.2 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47532 | 2023-11-14 | WordPress WP Crowdfunding Plugin <= 2.1.6 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47528 | 2023-11-14 | WordPress WP Edit Username Plugin <= 1.0.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-39535 | 2023-11-14 | Improper input validation in BIOS |
| CVE-2023-39536 | 2023-11-14 | Improper input validation in BIOS OFBD |
| CVE-2023-39537 | 2023-11-14 | Improper input validation in BIOS TCG2 |
| CVE-2023-47524 | 2023-11-14 | WordPress CodeBard's Patron Button and Widgets for Patreon Plugin <= 2.1.9 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-36558 | 2023-11-14 | ASP.NET Core Security Feature Bypass Vulnerability |
| CVE-2023-36038 | 2023-11-14 | ASP.NET Core Denial of Service Vulnerability |
| CVE-2023-47522 | 2023-11-14 | WordPress Photo Feed Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-48217 | 2023-11-14 | Remote code execution via form uploads in statamic/cms |