CVE List - 2023 / February
Showing 1001 - 1100 of 2164 CVEs for February 2023 (Page 11 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-23855 | 2023-02-14 | SAP Solution Manager - version 720, allows an authenticated attacker to redirect users to a malicious site due to insufficient URL validation. A successful attack could lead an attacker to... |
| CVE-2023-23856 | 2023-02-14 | In SAP BusinessObjects Business Intelligence (Web Intelligence user interface) - version 430, some calls return json with wrong content type in the header of the response. As a result, a... |
| CVE-2023-23858 | 2023-02-14 | Due to insufficient input validation, SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker... |
| CVE-2023-23859 | 2023-02-14 | SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a malicious link,... |
| CVE-2023-23860 | 2023-02-14 | SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 789, 790, allows an unauthenticated attacker to craft a link, which... |
| CVE-2023-24521 | 2023-02-14 | Due to insufficient input sanitization, SAP NetWeaver AS ABAP (BSP Framework) - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an unauthenticated user... |
| CVE-2023-24522 | 2023-02-14 | Due to insufficient input sanitization, SAP NetWeaver AS ABAP (Business Server Pages) - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the... |
| CVE-2023-24523 | 2023-02-14 | An attacker authenticated as a non-admin user with local access to a server port assigned to the SAP Host Agent (Start Service) - versions 7.21, 7.22, can submit a crafted... |
| CVE-2023-24524 | 2023-02-14 | SAP S/4 HANA Map Treasury Correspondence Format Data does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to delete... |
| CVE-2023-24525 | 2023-02-14 | SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. On successful exploitation an authenticated... |
| CVE-2023-24528 | 2023-02-14 | SAP Fiori apps for Travel Management in SAP ERP (My Travel Requests) - version 600, allows an authenticated attacker to exploit a certain misconfigured application endpoint to view sensitive data.... |
| CVE-2023-24529 | 2023-02-14 | Due to lack of proper input validation, BSP application (CRM_BSP_FRAME) - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from... |
| CVE-2023-24530 | 2023-02-14 | SAP BusinessObjects Business Intelligence Platform (CMC) - versions 420, 430, allows an authenticated admin user to upload malicious code that can be executed by the application over the network. On... |
| CVE-2023-25614 | 2023-02-14 | SAP NetWeaver AS ABAP (BSP Framework) application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code... |
| CVE-2022-43469 | 2023-02-14 | WordPress Corona Virus (COVID-19) Banner & Live Data Plugin <= 1.7.0.6 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25066 | 2023-02-14 | WordPress FV Flowplayer Video Player Plugin <= 7.5.30.7212 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-31808 | 2023-02-14 | A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet... |
| CVE-2022-35868 | 2023-02-14 | A vulnerability has been identified in TIA Multiuser Server V14 (All versions), TIA Multiuser Server V15 (All versions < V15.1 Update 8), TIA Project-Server (All versions < V1.1), TIA Project-Server... |
| CVE-2022-47936 | 2023-02-14 | A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242),... |
| CVE-2022-47977 | 2023-02-14 | A vulnerability has been identified in JT Open (All versions < V11.2.3.0), JT Utilities (All versions < V13.2.3.0). The affected application contains a memory corruption vulnerability while parsing specially crafted... |
| CVE-2023-23835 | 2023-02-14 | A vulnerability has been identified in Mendix Applications using Mendix 7 (All versions < V7.23.34), Mendix Applications using Mendix 8 (All versions < V8.18.23), Mendix Applications using Mendix 9 (All... |
| CVE-2023-24482 | 2023-02-14 | A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4... |
| CVE-2023-24549 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to stack-based buffer while parsing... |
| CVE-2023-24550 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer while parsing... |
| CVE-2023-24551 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to heap-based buffer underflow while... |
| CVE-2023-24552 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds read past... |
| CVE-2023-24553 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24554 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24555 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24556 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24557 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24558 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24559 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds read past... |
| CVE-2023-24560 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds write past... |
| CVE-2023-24561 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while... |
| CVE-2023-24562 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while... |
| CVE-2023-24563 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable to uninitialized pointer access while... |
| CVE-2023-24564 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a... |
| CVE-2023-24565 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an... |
| CVE-2023-24566 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application is vulnerable... |
| CVE-2023-24581 | 2023-02-14 | A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains a... |
| CVE-2023-24978 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted SPP files. An attacker... |
| CVE-2023-24979 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24980 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24981 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24982 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24983 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24984 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24985 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24986 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24987 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24988 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24989 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24990 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24991 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24992 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24993 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24994 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24995 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-24996 | 2023-02-14 | A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while... |
| CVE-2023-25140 | 2023-02-14 | A vulnerability has been identified in Parasolid V34.0 (All versions < V34.0.254), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Parasolid V35.1 (All versions < V35.1.150),... |
| CVE-2023-25065 | 2023-02-14 | WordPress WP Tabs Plugin <= 2.1.14 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-24377 | 2023-02-14 | WordPress Ecwid Shopping Cart Plugin <= 6.11.3 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-46862 | 2023-02-14 | WordPress Quiz And Survey Master Plugin <= 8.0.7 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-24382 | 2023-02-14 | WordPress Material Design Icons for Page Builders Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2023-25141 | 2023-02-14 | JNDI injection into Apache sling-org-apache-sling-jcr-base |
| CVE-2023-25149 | 2023-02-14 | TimescaleDB has incorrect access control |
| CVE-2022-4286 | 2023-02-14 | Reflected Cross-Site Scripting Vulnerabilities in Automation Runtime |
| CVE-2023-25576 | 2023-02-14 | @fastify/multipart vulnerable to DoS due to unlimited number of parts |
| CVE-2022-22564 | 2023-02-14 | Dell EMC Unity versions before 5.2.0.0.5.173 , use(es) broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information. |
| CVE-2023-0830 | 2023-02-14 | EasyNAS backup.pl system os command injection |
| CVE-2023-25571 | 2023-02-14 | Backstage has XSS Vulnerability in Software Catalog |
| CVE-2023-22940 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘collect’ SPL Command Aliases in Splunk Enterprise |
| CVE-2023-22934 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘pivot’ SPL Command in Splunk Enterprise |
| CVE-2023-22935 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘display.page.search.patterns.sensitivity’ Search Parameter in Splunk Enterprise |
| CVE-2023-22931 | 2023-02-14 | ‘createrss’ External Search Command Overwrites Existing RSS Feeds in Splunk Enterprise |
| CVE-2023-22941 | 2023-02-14 | Improperly Formatted ‘INGEST_EVAL’ Parameter Crashes Splunk Daemon |
| CVE-2023-22936 | 2023-02-14 | Authenticated Blind Server Side Request Forgery via the ‘search_listener’ Search Parameter in Splunk Enterprise |
| CVE-2023-22932 | 2023-02-14 | Persistent Cross-Site Scripting through a Base64-encoded Image in a View in Splunk Enterprise |
| CVE-2023-22942 | 2023-02-14 | Cross-Site Request Forgery in the ‘ssg/kvstore_client’ REST Endpoint in Splunk Enterprise |
| CVE-2023-22933 | 2023-02-14 | Persistent Cross-Site Scripting through the ‘module’ Tag in a View in Splunk Enterprise |
| CVE-2023-22943 | 2023-02-14 | Modular Input REST API Requests Connect via HTTP after Certificate Validation Failure in Splunk Add-on Builder and Splunk CloudConnect SDK |
| CVE-2023-22937 | 2023-02-14 | Unnecessary File Extensions Allowed by Lookup Table Uploads in Splunk Enterprise |
| CVE-2023-22938 | 2023-02-14 | Permissions Validation Failure in the ‘sendemail’ REST API Endpoint in Splunk Enterprise |
| CVE-2023-22939 | 2023-02-14 | SPL Command Safeguards Bypass via the ‘map’ SPL Command in Splunk Enterprise |
| CVE-2023-25563 | 2023-02-14 | GSS-NTLMSSP vulnerable to multiple out-of-bounds reads when decoding NTLM fields |
| CVE-2023-25564 | 2023-02-14 | GSS-NTLMSSP vulnerable to memory corruption when decoding UTF16 strings |
| CVE-2023-25565 | 2023-02-14 | GSS-NTLMSSP vulnerable to incorrect free when decoding target information |
| CVE-2023-25566 | 2023-02-14 | GSS-NTLMSSP vulnerable to memory leak when parsing usernames |
| CVE-2023-25567 | 2023-02-14 | GSS-NTLMSSP vulnerable to out-of-bounds read when decoding target information |
| CVE-2023-21528 | 2023-02-14 | Microsoft SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21684 | 2023-02-14 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| CVE-2023-21777 | 2023-02-14 | Azure App Service on Azure Stack Hub Elevation of Privilege Vulnerability |
| CVE-2023-21794 | 2023-02-14 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2023-21806 | 2023-02-14 | Power BI Report Server Spoofing Vulnerability |
| CVE-2023-21807 | 2023-02-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-21704 | 2023-02-14 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21705 | 2023-02-14 | Microsoft SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21706 | 2023-02-14 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-21707 | 2023-02-14 | Microsoft Exchange Server Remote Code Execution Vulnerability |