CVE List - 2023 / December
Showing 801 - 900 of 2674 CVEs for December 2023 (Page 9 of 27)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-49796 | 2023-12-11 | MindsDB Arbitrary File Write vulnerability |
| CVE-2023-49802 | 2023-12-11 | MantisBT LinkedCustomFields Cross-site Scripting vulnerability |
| CVE-2023-45292 | 2023-12-11 | Captcha verification bypass in github.com/mojocn/base64Captcha |
| CVE-2023-49804 | 2023-12-11 | Uptime Kuma Password Change Vulnerability |
| CVE-2023-49805 | 2023-12-11 | Uptime Kuma Missing Origin Validation in WebSockets |
| CVE-2023-50245 | 2023-12-11 | OpenEXR-viewer memory overflow vulnerability |
| CVE-2023-49803 | 2023-12-11 | @koa/cors has overly permissive origin policy |
| CVE-2009-4123 | 2023-12-12 | The jruby-openssl gem before 0.6 for JRuby mishandles SSL certificate... |
| CVE-2013-2513 | 2023-12-12 | The flash_tool gem through 0.6.0 for Ruby allows command execution... |
| CVE-2015-2179 | 2023-12-12 | The xaviershay-dm-rails gem 0.10.3.8 for Ruby allows local users to... |
| CVE-2020-10676 | 2023-12-12 | In Rancher 2.x before 2.6.13 and 2.7.x before 2.7.4, an... |
| CVE-2020-12612 | 2023-12-12 | An issue was discovered in BeyondTrust Privilege Management for Windows... |
| CVE-2020-12614 | 2023-12-12 | An issue was discovered in BeyondTrust Privilege Management for Windows... |
| CVE-2020-12615 | 2023-12-12 | An issue was discovered in BeyondTrust Privilege Management for Windows... |
| CVE-2020-28369 | 2023-12-12 | In BeyondTrust Privilege Management for Windows (aka PMfW) through 5.7,... |
| CVE-2022-44543 | 2023-12-12 | The femanager extension before 5.5.2, 6.x before 6.3.3, and 7.x... |
| CVE-2023-26920 | 2023-12-12 | fast-xml-parser before 4.1.2 allows __proto__ for Prototype Pollution. |
| CVE-2023-28604 | 2023-12-12 | The fluid_components (aka Fluid Components) extension before 3.5.0 for TYPO3... |
| CVE-2023-31048 | 2023-12-12 | The OPC UA .NET Standard Reference Server before 1.4.371.86. places... |
| CVE-2023-36647 | 2023-12-12 | A hard-coded cryptographic private key used to sign JWT authentication... |
| CVE-2023-36648 | 2023-12-12 | Missing authentication in the internal data streaming system in ProLion... |
| CVE-2023-36649 | 2023-12-12 | Insertion of sensitive information in the centralized (Grafana) logging system... |
| CVE-2023-36650 | 2023-12-12 | A missing integrity check in the update system in ProLion... |
| CVE-2023-36651 | 2023-12-12 | Hidden and hard-coded credentials in ProLion CryptoSpike 3.0.15P2 allow remote... |
| CVE-2023-36654 | 2023-12-12 | Directory traversal in the log-download REST API endpoint in ProLion... |
| CVE-2023-41113 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41114 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41115 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41116 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41118 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41119 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41120 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-41623 | 2023-12-12 | Emlog version pro2.1.14 was discovered to contain a SQL injection... |
| CVE-2023-43364 | 2023-12-12 | main.py in Searchor before 2.4.2 uses eval on CLI input,... |
| CVE-2023-46454 | 2023-12-12 | In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible... |
| CVE-2023-46455 | 2023-12-12 | In GL.iNET GL-AR300M routers with firmware v4.3.7 it is possible... |
| CVE-2023-46456 | 2023-12-12 | In GL.iNET GL-AR300M routers with firmware 3.216 it is possible... |
| CVE-2023-48641 | 2023-12-12 | Archer Platform 6.x before 6.14 P1 HF2 (6.14.0.1.2) contains an... |
| CVE-2023-48642 | 2023-12-12 | Archer Platform 6.x before 6.13 P2 (6.13.0.2) contains an authenticated... |
| CVE-2023-49563 | 2023-12-12 | Cross Site Scripting (XSS) in Voltronic Power SNMP Web Pro... |
| CVE-2023-49990 | 2023-12-12 | Espeak-ng 1.52-dev was discovered to contain a buffer-overflow via the... |
| CVE-2023-49991 | 2023-12-12 | Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Underflow... |
| CVE-2023-49992 | 2023-12-12 | Espeak-ng 1.52-dev was discovered to contain a Stack Buffer Overflow... |
| CVE-2023-49993 | 2023-12-12 | Espeak-ng 1.52-dev was discovered to contain a Buffer Overflow via... |
| CVE-2023-49994 | 2023-12-12 | Espeak-ng 1.52-dev was discovered to contain a Floating Point Exception... |
| CVE-2023-50495 | 2023-12-12 | NCurse v6.4-20230418 was discovered to contain a segmentation fault via... |
| CVE-2015-8314 | 2023-12-12 | The Devise gem before 3.5.4 for Ruby mishandles Remember Me... |
| CVE-2018-16153 | 2023-12-12 | An issue was discovered in Apereo Opencast 4.x through 10.x... |
| CVE-2023-28465 | 2023-12-12 | The package-decompression feature in HL7 (Health Level 7) FHIR Core... |
| CVE-2023-36652 | 2023-12-12 | A SQL Injection in the users searching REST API endpoint... |
| CVE-2023-41117 | 2023-12-12 | An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS)... |
| CVE-2023-42914 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42902 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42884 | 2023-12-12 | This issue was addressed with improved redaction of sensitive information.... |
| CVE-2023-42922 | 2023-12-12 | This issue was addressed with improved redaction of sensitive information.... |
| CVE-2023-42923 | 2023-12-12 | This issue was addressed through improved state management. This issue... |
| CVE-2023-42919 | 2023-12-12 | A privacy issue was addressed with improved private data redaction... |
| CVE-2023-42903 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42908 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42924 | 2023-12-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2023-42898 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42932 | 2023-12-12 | A logic issue was addressed with improved checks. This issue... |
| CVE-2023-42912 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42904 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42882 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42894 | 2023-12-12 | This issue was addressed with improved redaction of sensitive information.... |
| CVE-2023-42883 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42905 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42899 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42909 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42926 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42906 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42910 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42911 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42907 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42897 | 2023-12-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2023-42874 | 2023-12-12 | This issue was addressed with improved state management. This issue... |
| CVE-2023-42890 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42886 | 2023-12-12 | An out-of-bounds read was addressed with improved bounds checking. This... |
| CVE-2023-42900 | 2023-12-12 | The issue was addressed with improved checks. This issue is... |
| CVE-2023-42901 | 2023-12-12 | Multiple memory corruption issues were addressed with improved input validation.... |
| CVE-2023-42891 | 2023-12-12 | An authentication issue was addressed with improved state management. This... |
| CVE-2023-40446 | 2023-12-12 | The issue was addressed with improved memory handling. This issue... |
| CVE-2023-42476 | 2023-12-12 | Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence |
| CVE-2023-42478 | 2023-12-12 | Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform |
| CVE-2023-42479 | 2023-12-12 | Cross-Site Scripting (XSS) vulnerability in SAP Biller Direct |
| CVE-2023-42481 | 2023-12-12 | Improper Access Control vulnerability in SAP Commerce Cloud |
| CVE-2023-49058 | 2023-12-12 | Directory Traversal vulnerability in SAP Master Data Governance |
| CVE-2023-49577 | 2023-12-12 | Cross-Site Scripting (XSS) vulnerability in the SAP HCM (SMART PAYE solution) |
| CVE-2023-49578 | 2023-12-12 | Denial of service (DOS) in SAP Cloud Connector |
| CVE-2023-49580 | 2023-12-12 | Information disclosure in SAP GUI for Windows and SAP GUI for Java |
| CVE-2023-49581 | 2023-12-12 | SQL Injection vulnerability in SAP NetWeaver Application Server ABAP and ABAP Platform |
| CVE-2023-49583 | 2023-12-12 | Escalation of Privileges in SAP BTP Security Services Integration Library ([Node.js] @sap/xssec) |
| CVE-2023-50422 | 2023-12-12 | Escalation of Privileges in SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) |
| CVE-2023-49584 | 2023-12-12 | Client-Side Desynchronization vulnerability in SAP Fiori Launchpad |
| CVE-2023-49587 | 2023-12-12 | Command Injection vulnerability in SAP Solution Manager |
| CVE-2023-6542 | 2023-12-12 | Improper Export of Android Application Components in SAP EMARSYS SDK ANDROID |
| CVE-2023-46219 | 2023-12-12 | When saving HSTS data to an excessively long file name,... |
| CVE-2023-5536 | 2023-12-12 | A feature in LXD (LP#1829071), affects the default configuration of... |
| CVE-2023-50423 | 2023-12-12 | Escalation of Privileges in SAP BTP Security Services Integration Library ([Python] cloud-pysec) |