CVE List - 2023 / December
Showing 901 - 1000 of 2674 CVEs for December 2023 (Page 10 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-50424 | 2023-12-12 | Escalation of Privileges in SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) |
| CVE-2023-6709 | 2023-12-12 | Improper Neutralization of Special Elements Used in a Template Engine in mlflow/mlflow |
| CVE-2022-48615 | 2023-12-12 | An improper access control vulnerability exists in a Huawei datacom... |
| CVE-2022-48616 | 2023-12-12 | A Huawei data communication product has a command injection vulnerability.... |
| CVE-2023-45847 | 2023-12-12 | Playbook Plugin Crash via Run Checklist |
| CVE-2023-49874 | 2023-12-12 | IDOR when updating the tasks of a private playbook run |
| CVE-2023-46701 | 2023-12-12 | Inaccessible Post Information Leak via Run Timeline IDOR |
| CVE-2023-49809 | 2023-12-12 | Todo plugin gets crashed and disabled by member |
| CVE-2023-49607 | 2023-12-12 | Playbook plugin crash via missing interface type assertion |
| CVE-2023-6547 | 2023-12-12 | Playbooks access/modification by removed team member |
| CVE-2023-45316 | 2023-12-12 | Reflected client side path traversal leading to CSRF in Playbooks |
| CVE-2023-48677 | 2023-12-12 | Local privilege escalation due to DLL hijacking vulnerability. The following... |
| CVE-2023-49695 | 2023-12-12 | OS command injection vulnerability in WRC-X3000GSN v1.0.2, WRC-X3000GS v1.0.24 and... |
| CVE-2023-41963 | 2023-12-12 | Denial-of-service (DoS) vulnerability exists in FTP service of HMI GC-A2... |
| CVE-2023-49140 | 2023-12-12 | Denial-of-service (DoS) vulnerability exists in commplex-link service of HMI GC-A2... |
| CVE-2023-49143 | 2023-12-12 | Denial-of-service (DoS) vulnerability exists in rfe service of HMI GC-A2... |
| CVE-2023-49713 | 2023-12-12 | Denial-of-service (DoS) vulnerability exists in NetBIOS service of HMI GC-A2... |
| CVE-2023-4932 | 2023-12-12 | Reflected Cross-Site Scripting in SAS 9.4 |
| CVE-2023-4958 | 2023-12-12 | Stackrox: missing http security headers allows for clickjacking in web ui |
| CVE-2022-42784 | 2023-12-12 | A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All... |
| CVE-2023-6727 | 2023-12-12 | Leak Inaccessible Playbook Information via Channel Action IDOR |
| CVE-2022-46141 | 2023-12-12 | A vulnerability has been identified in SIMATIC STEP 7 (TIA... |
| CVE-2022-47374 | 2023-12-12 | A vulnerability has been identified in SIMATIC PC-Station Plus (All... |
| CVE-2022-47375 | 2023-12-12 | A vulnerability has been identified in SIMATIC PC-Station Plus (All... |
| CVE-2023-38380 | 2023-12-12 | A vulnerability has been identified in SIMATIC CP 1242-7 V2... |
| CVE-2023-46156 | 2023-12-12 | Affected devices improperly handle specially crafted packets sent to port... |
| CVE-2023-46281 | 2023-12-12 | A vulnerability has been identified in Opcenter Execution Foundation (All... |
| CVE-2023-46282 | 2023-12-12 | A vulnerability has been identified in Opcenter Execution Foundation (All... |
| CVE-2023-46283 | 2023-12-12 | A vulnerability has been identified in Opcenter Execution Foundation (All... |
| CVE-2023-46284 | 2023-12-12 | A vulnerability has been identified in Opcenter Execution Foundation (All... |
| CVE-2023-46285 | 2023-12-12 | A vulnerability has been identified in Opcenter Execution Foundation (All... |
| CVE-2023-48427 | 2023-12-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2023-48428 | 2023-12-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2023-48429 | 2023-12-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2023-48430 | 2023-12-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2023-48431 | 2023-12-12 | A vulnerability has been identified in SINEC INS (All versions... |
| CVE-2023-49691 | 2023-12-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-49692 | 2023-12-12 | A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU... |
| CVE-2023-6193 | 2023-12-12 | Unbounded queuing of path validation messages in cloudflare-quiche |
| CVE-2023-6593 | 2023-12-12 | Client side permission bypass in Devolutions Remote Desktop Manager 2023.3.4.0... |
| CVE-2023-4421 | 2023-12-12 | The NSS code used for checking PKCS#1 v1.5 was leaking... |
| CVE-2023-38694 | 2023-12-12 | Umbraco CMS vulnerable to possible injection of HTML in an unintended form |
| CVE-2023-48227 | 2023-12-12 | Umbraco CMS Backoffice User can bypass "Publish" restriction |
| CVE-2023-48313 | 2023-12-12 | Umbraco contains a DOM-XSS |
| CVE-2023-49923 | 2023-12-12 | Enterprise Search Insertion of Sensitive Information into Log File |
| CVE-2023-20275 | 2023-12-12 | A vulnerability in the AnyConnect SSL VPN feature of Cisco... |
| CVE-2023-36696 | 2023-12-12 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2023-36391 | 2023-12-12 | Local Security Authority Subsystem Service Elevation of Privilege Vulnerability |
| CVE-2023-36020 | 2023-12-12 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-36009 | 2023-12-12 | Microsoft Word Information Disclosure Vulnerability |
| CVE-2023-36011 | 2023-12-12 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-35625 | 2023-12-12 | Azure Machine Learning Compute Instance for SDK Users Information Disclosure Vulnerability |
| CVE-2023-21740 | 2023-12-12 | Windows Media Remote Code Execution Vulnerability |
| CVE-2023-36019 | 2023-12-12 | Microsoft Power Platform Connector Spoofing Vulnerability |
| CVE-2023-36010 | 2023-12-12 | Microsoft Defender Denial of Service Vulnerability |
| CVE-2023-36012 | 2023-12-12 | DHCP Server Service Information Disclosure Vulnerability |
| CVE-2023-36003 | 2023-12-12 | XAML Diagnostics Elevation of Privilege Vulnerability |
| CVE-2023-36004 | 2023-12-12 | Windows DPAPI (Data Protection Application Programming Interface) Spoofing Vulnerability |
| CVE-2023-36005 | 2023-12-12 | Windows Telephony Server Elevation of Privilege Vulnerability |
| CVE-2023-36006 | 2023-12-12 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-35638 | 2023-12-12 | DHCP Server Service Denial of Service Vulnerability |
| CVE-2023-35639 | 2023-12-12 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-35641 | 2023-12-12 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| CVE-2023-35642 | 2023-12-12 | Internet Connection Sharing (ICS) Denial of Service Vulnerability |
| CVE-2023-35643 | 2023-12-12 | DHCP Server Service Information Disclosure Vulnerability |
| CVE-2023-35644 | 2023-12-12 | Windows Sysmain Service Elevation of Privilege Vulnerability |
| CVE-2023-35628 | 2023-12-12 | Windows MSHTML Platform Remote Code Execution Vulnerability |
| CVE-2023-35629 | 2023-12-12 | Microsoft USBHUB 3.0 Device Driver Remote Code Execution Vulnerability |
| CVE-2023-35630 | 2023-12-12 | Internet Connection Sharing (ICS) Remote Code Execution Vulnerability |
| CVE-2023-35631 | 2023-12-12 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-35632 | 2023-12-12 | Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability |
| CVE-2023-35633 | 2023-12-12 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-35634 | 2023-12-12 | Windows Bluetooth Driver Remote Code Execution Vulnerability |
| CVE-2023-35635 | 2023-12-12 | Windows Kernel Denial of Service Vulnerability |
| CVE-2023-35636 | 2023-12-12 | Microsoft Outlook Information Disclosure Vulnerability |
| CVE-2023-35619 | 2023-12-12 | Microsoft Outlook for Mac Spoofing Vulnerability |
| CVE-2023-35621 | 2023-12-12 | Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability |
| CVE-2023-35622 | 2023-12-12 | Windows DNS Spoofing Vulnerability |
| CVE-2023-35624 | 2023-12-12 | Azure Connected Machine Agent Elevation of Privilege Vulnerability |
| CVE-2023-49922 | 2023-12-12 | Beats Insertion of Sensitive Information into Log File |
| CVE-2023-6687 | 2023-12-12 | Elastic Agent Insertion of Sensitive Information into Log File |
| CVE-2023-49089 | 2023-12-12 | Umbraco CMS possible path traversal when creating packages from backoffice |
| CVE-2023-49273 | 2023-12-12 | Umbraco CMS vulnerable to Privilege Escalation using Spoofing |
| CVE-2023-49274 | 2023-12-12 | Umbraco CMS SMTP misconfiguration exposes potential registered user email |
| CVE-2023-49278 | 2023-12-12 | Umbraco CMS brute force exploit can be used to collect valid usernames |
| CVE-2023-49279 | 2023-12-12 | Umbraco CMS vulnerable to stored XSS via SVG File Upload |
| CVE-2023-41337 | 2023-12-12 | h2o vulnerable to TLS session resumption misdirection |
| CVE-2023-34064 | 2023-12-12 | Privilege Escalation Vulnerability |
| CVE-2023-50247 | 2023-12-12 | h2o QUIC state exhaustion DoS |
| CVE-2023-48225 | 2023-12-12 | Laf env causes sensitive information disclosure |
| CVE-2023-50251 | 2023-12-12 | php-svg-lib possible DoS caused by infinite recursion when parsing SVG document |
| CVE-2023-50252 | 2023-12-12 | php-svg-lib unsafe attributes merge when parsing `use` tag |
| CVE-2023-5379 | 2023-12-12 | Undertow: ajp request closes connection exceeding maxrequestsize |
| CVE-2023-5764 | 2023-12-12 | Ansible: template injection |
| CVE-2023-6710 | 2023-12-12 | Mod_cluster/mod_proxy_cluster: stored cross site scripting |
| CVE-2023-50263 | 2023-12-12 | Nautobot allows unauthenticated db-file-storage views |
| CVE-2023-3517 | 2023-12-12 | Hitachi Vantara Pentaho Data Integration & Analytics - Improper Control of Resource Identifiers ('Resource Injection') |
| CVE-2023-34194 | 2023-12-13 | StringEqual in TiXmlDeclaration::Parse in tinyxmlparser.cpp in TinyXML through 2.6.2 has... |
| CVE-2023-40921 | 2023-12-13 | SQL Injection vulnerability in functions/point_list.php in Common Services soliberte before... |
| CVE-2023-41618 | 2023-12-13 | Emlog Pro v2.1.14 was discovered to contain a reflective cross-site... |