CVE List - 2023 / November
Showing 1401 - 1500 of 2443 CVEs for November 2023 (Page 15 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-47003 | 2023-11-16 | An issue in RedisGraph v.2.12.10 allows an attacker to execute arbitrary code and cause a denial of service via a crafted string in DataBlock_ItemIsDeleted. |
| CVE-2023-47025 | 2023-11-16 | An issue in Free5gc v.3.3.0 allows a local attacker to cause a denial of service via the free5gc-compose component. |
| CVE-2023-47263 | 2023-11-16 | Certain WithSecure products allow a Denial of Service (DoS) in the antivirus engine when scanning a fuzzed PE32 file. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure... |
| CVE-2023-47264 | 2023-11-16 | Certain WithSecure products have a buffer over-read whereby processing certain fuzz file types may cause a denial of service (DoS). This affects WithSecure Client Security 15, WithSecure Server Security 15,... |
| CVE-2023-47470 | 2023-11-16 | Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the... |
| CVE-2023-47471 | 2023-11-16 | Buffer Overflow vulnerability in strukturag libde265 v1.10.12 allows a local attacker to cause a denial of service via the slice_segment_header function in the slice.cc component. |
| CVE-2023-48052 | 2023-11-16 | Missing SSL certificate validation in HTTPie v3.2.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. |
| CVE-2023-48053 | 2023-11-16 | Archery v1.10.0 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications. |
| CVE-2023-48054 | 2023-11-16 | Missing SSL certificate validation in localstack v2.3.2 allows attackers to eavesdrop on communications between the host and server via a man-in-the-middle attack. |
| CVE-2023-48055 | 2023-11-16 | SuperAGI v0.0.13 was discovered to use a hardcoded key for encryption operations. This vulnerability can lead to the disclosure of information and communications. |
| CVE-2023-48056 | 2023-11-16 | PyPinkSign v0.5.1 uses a non-random or static IV for Cipher Block Chaining (CBC) mode in AES encryption. This vulnerability can lead to the disclosure of information and communications. |
| CVE-2023-48078 | 2023-11-16 | SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows attackers to run arbitrary SQL commands via the 'title' parameter. |
| CVE-2023-48134 | 2023-11-16 | nagayama_copabowl Line 13.6.1 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. |
| CVE-2023-47335 | 2023-11-16 | Insecure permissions in the setNFZEnable function of Autel Robotics EVO Nano drone v1.6.5 allows attackers to breach the geo-fence and fly into no-fly zones. |
| CVE-2023-43757 | 2023-11-16 | Inadequate encryption strength vulnerability in multiple routers provided by ELECOM CO.,LTD. and LOGITEC CORPORATION allows a network-adjacent unauthenticated attacker to guess the encryption key used for wireless LAN communication and... |
| CVE-2023-43752 | 2023-11-16 | OS command injection vulnerability in WRC-X3000GS2-W v1.05 and earlier, WRC-X3000GS2-B v1.05 and earlier, and WRC-X3000GS2A-B v1.05 and earlier allows a network-adjacent authenticated user to execute an arbitrary OS command by... |
| CVE-2023-47674 | 2023-11-16 | Missing authentication for critical function vulnerability in First Corporation's DVRs allows a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are... |
| CVE-2023-47213 | 2023-11-16 | First Corporation's DVRs use a hard-coded password, which may allow a remote unauthenticated attacker to rewrite or obtain the configuration information of the affected device. Note that updates are provided... |
| CVE-2023-44296 | 2023-11-16 | Dell ELab-Navigator, version 3.1.9 contains a hard-coded credential vulnerability. A local attacker could potentially exploit this vulnerability, leading to unauthorized access to sensitive data. Successful exploitation may result in the... |
| CVE-2023-32469 | 2023-11-16 | Dell Precision Tower BIOS contains an Improper Input Validation vulnerability. A locally authenticated malicious user with admin privileges could potentially exploit this vulnerability to perform arbitrary code execution. |
| CVE-2023-26031 | 2023-11-16 | Privilege escalation in Apache Hadoop Yarn container-executor binary on Linux systems |
| CVE-2023-39246 | 2023-11-16 | Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user... |
| CVE-2023-39259 | 2023-11-16 | Dell OS Recovery Tool, versions 2.2.4013, 2.3.7012.0, and 2.3.7515.0 contain an Improper Access Control Vulnerability. A local authenticated non-administrator user could potentially exploit this vulnerability, leading to the elevation of... |
| CVE-2023-44282 | 2023-11-16 | Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges. |
| CVE-2023-44292 | 2023-11-16 | Dell Repository Manager, 3.4.3 and prior, contains an Improper Access Control vulnerability in its installation module. A local low-privileged attacker could potentially exploit this vulnerability, leading to gaining escalated privileges. |
| CVE-2023-6119 | 2023-11-16 | An Improper Privilege Management vulnerability in Trellix GetSusp prior to version 5.0.0.27 allows a local, low privilege attacker to gain access to files that usually require a higher privilege level.... |
| CVE-2023-44372 | 2023-11-16 | TALOS-2023-1842 - Adobe Acrobat Reader U3D page event use-after-free vulnerability |
| CVE-2023-44337 | 2023-11-16 | ZDI-CAN-21509: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-44367 | 2023-11-16 | ZDI-CAN-21929: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-44365 | 2023-11-16 | ZDI-CAN-21931: Adobe Acrobat Reader DC Font Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| CVE-2023-44336 | 2023-11-16 | TALOS-2023-1794 - Adobe Acrobat Reader Thermometer use-after-free vulnerability |
| CVE-2023-44339 | 2023-11-16 | ZDI-CAN-21422: Adobe Acrobat Reader DC AcroForm value Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44358 | 2023-11-16 | ZDI-CAN-21971: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44371 | 2023-11-16 | ZDI-CAN-21998: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-44361 | 2023-11-16 | ZDI-CAN-22041: Adobe Acrobat Reader DC AcroForm Doc Object Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-44338 | 2023-11-16 | ZDI-CAN-21493: Adobe Acrobat Reader DC Annotation Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-44340 | 2023-11-16 | ZDI-CAN-21424: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44366 | 2023-11-16 | ZDI-CAN-21928: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-44359 | 2023-11-16 | ZDI-CAN-21936: Adobe Acrobat Reader DC Font Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-44360 | 2023-11-16 | ZDI-CAN-21882: Adobe Acrobat Reader DC PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44356 | 2023-11-16 | ZDI-CAN-21956: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44348 | 2023-11-16 | ZDI-CAN-21925: (bypass of VULN-24891) Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44357 | 2023-11-16 | ZDI-CAN-21930: Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-44342 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability II. |
| CVE-2023-44343 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability III. |
| CVE-2023-44347 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability IX. |
| CVE-2023-44346 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability VIII. |
| CVE-2023-44341 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability I |
| CVE-2023-44344 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability V. |
| CVE-2023-44345 | 2023-11-16 | Adobe InDesign CC 2023 Memory Corruption Vulnerability VII. |
| CVE-2023-6174 | 2023-11-16 | Out-of-bounds Read in Wireshark |
| CVE-2023-4771 | 2023-11-16 | Cross-Site Scripting vulnerability in CKSource CKEditor |
| CVE-2023-44330 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability III. |
| CVE-2023-44334 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability VI. |
| CVE-2023-44335 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability I. |
| CVE-2023-44331 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability IV. |
| CVE-2023-44333 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability V. |
| CVE-2023-44332 | 2023-11-16 | Adobe Photoshop 2023 CC 24.7 Memory Corruption Vulnerability II. |
| CVE-2023-44327 | 2023-11-16 | ZDI-CAN-21793: Adobe Bridge MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-44328 | 2023-11-16 | ZDI-CAN-21797: Adobe Bridge MP4 File Parsing Use-After-Free Information Disclosure Vulnerability |
| CVE-2023-44329 | 2023-11-16 | ZDI-CAN-21798: Adobe Bridge MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-47043 | 2023-11-16 | ZDI-CAN-21699: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47041 | 2023-11-16 | ZDI-CAN-21697: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-47042 | 2023-11-16 | ZDI-CAN-21696: Adobe Media Encoder MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-47040 | 2023-11-16 | ZDI-CAN-21698: Adobe Media Encoder MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47044 | 2023-11-16 | ZDI-CAN-21789: Adobe Media Encoder MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-6121 | 2023-11-16 | Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get |
| CVE-2023-47052 | 2023-11-16 | ZDI-CAN-21687: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2023-47051 | 2023-11-16 | ZDI-CAN-21683: Adobe Audition MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-47054 | 2023-11-16 | ZDI-CAN-21782: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-47050 | 2023-11-16 | ZDI-CAN-21686: Adobe Audition M4A File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47048 | 2023-11-16 | ZDI-CAN-21688: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47049 | 2023-11-16 | ZDI-CAN-21690: Adobe Audition MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47046 | 2023-11-16 | ZDI-CAN-21684: Adobe Audition MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-47053 | 2023-11-16 | ZDI-CAN-21689: Adobe Audition MP4 File Parsing Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-47047 | 2023-11-16 | ZDI-CAN-21685: Adobe Audition MP4 File Parsing Uninitialized Variable Remote Code Execution Vulnerability |
| CVE-2023-26368 | 2023-11-16 | Adobe InCopy Out-of-Bounds Read Vulnerability v1.0 |
| CVE-2023-6023 | 2023-11-16 | ModelDB Local File Include |
| CVE-2023-6018 | 2023-11-16 | MLflow Arbitrary File Write |
| CVE-2023-6015 | 2023-11-16 | MLflow Arbitrary File Upload |
| CVE-2023-6016 | 2023-11-16 | H2O Remote Code Execution via POJO Model Import |
| CVE-2023-6038 | 2023-11-16 | Local File Inclusion in h2oai/h2o-3 |
| CVE-2023-6017 | 2023-11-16 | H2O S3 Bucket Takeover |
| CVE-2023-6013 | 2023-11-16 | H2O Local File Include |
| CVE-2023-6022 | 2023-11-16 | Cross-Site Request Forgery (CSRF) in prefecthq/prefect |
| CVE-2023-6021 | 2023-11-16 | Ray Log File Local File Include |
| CVE-2023-6019 | 2023-11-16 | Ray Command Injection in cpu_profile Parameter |
| CVE-2023-47057 | 2023-11-16 | ZDI-CAN-21764: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
| CVE-2023-47055 | 2023-11-16 | ZDI-CAN-21765: Adobe Premiere Pro M4A File Parsing Use-After-Free Remote Code Execution Vulnerability |
| CVE-2023-47059 | 2023-11-16 | ZDI-CAN-21767: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47058 | 2023-11-16 | ZDI-CAN-21766: Adobe Premiere Pro MP4 File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability |
| CVE-2023-47060 | 2023-11-16 | ZDI-CAN-21792: Adobe Premiere Pro MP4 File Uninitialized Variable Information Disclosure Vulnerability |
| CVE-2023-47056 | 2023-11-16 | ZDI-CAN-21763: Adobe Premiere Pro MP4 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
| CVE-2023-6176 | 2023-11-16 | Kernel: local dos vulnerability in scatterwalk_copychunks |
| CVE-2023-47514 | 2023-11-16 | WordPress Star CloudPRNT for WooCommerce Plugin <= 2.0.3 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47512 | 2023-11-16 | WordPress Product Enquiry for WooCommerce Plugin <= 3.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47511 | 2023-11-16 | WordPress Pinyin Slugs Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47509 | 2023-11-16 | WordPress Edit WooCommerce Templates Plugin <= 1.1.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47508 | 2023-11-16 | WordPress Master Slider Pro Plugin <= 3.6.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-47245 | 2023-11-16 | WordPress ANAC XML Viewer Plugin <= 1.7 is vulnerable to Cross Site Scripting (XSS) |