CVE List - 2023 / February
Showing 1101 - 1200 of 2164 CVEs for February 2023 (Page 12 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-21718 | 2023-02-14 | Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21720 | 2023-02-14 | Microsoft Edge (Chromium-based) Tampering Vulnerability |
| CVE-2023-21721 | 2023-02-14 | Microsoft OneNote Elevation of Privilege Vulnerability |
| CVE-2023-21568 | 2023-02-14 | Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability |
| CVE-2023-21570 | 2023-02-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-21571 | 2023-02-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-21572 | 2023-02-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-21573 | 2023-02-14 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-23374 | 2023-02-14 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2023-23378 | 2023-02-14 | Print 3D Remote Code Execution Vulnerability |
| CVE-2023-23379 | 2023-02-14 | Microsoft Defender for IoT Elevation of Privilege Vulnerability |
| CVE-2023-23382 | 2023-02-14 | Azure Machine Learning Compute Instance Information Disclosure Vulnerability |
| CVE-2023-21529 | 2023-02-14 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-21797 | 2023-02-14 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-21798 | 2023-02-14 | Microsoft ODBC Driver Remote Code Execution Vulnerability |
| CVE-2023-21799 | 2023-02-14 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21800 | 2023-02-14 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-21801 | 2023-02-14 | Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| CVE-2023-21802 | 2023-02-14 | Windows Media Remote Code Execution Vulnerability |
| CVE-2023-21803 | 2023-02-14 | Windows iSCSI Discovery Service Remote Code Execution Vulnerability |
| CVE-2023-21804 | 2023-02-14 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2023-21805 | 2023-02-14 | Windows MSHTML Platform Remote Code Execution Vulnerability |
| CVE-2023-21809 | 2023-02-14 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability |
| CVE-2023-21811 | 2023-02-14 | Windows iSCSI Service Denial of Service Vulnerability |
| CVE-2023-21812 | 2023-02-14 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2023-21813 | 2023-02-14 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2023-21816 | 2023-02-14 | Windows Active Directory Domain Services API Denial of Service Vulnerability |
| CVE-2023-21817 | 2023-02-14 | Windows Kerberos Elevation of Privilege Vulnerability |
| CVE-2023-21818 | 2023-02-14 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2023-21819 | 2023-02-14 | Windows Secure Channel Denial of Service Vulnerability |
| CVE-2023-21820 | 2023-02-14 | Windows Distributed File System (DFS) Remote Code Execution Vulnerability |
| CVE-2023-21822 | 2023-02-14 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2023-21685 | 2023-02-14 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21686 | 2023-02-14 | Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21687 | 2023-02-14 | HTTP.sys Information Disclosure Vulnerability |
| CVE-2023-21688 | 2023-02-14 | NT OS Kernel Elevation of Privilege Vulnerability |
| CVE-2023-21689 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| CVE-2023-21690 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| CVE-2023-21691 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability |
| CVE-2023-21692 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| CVE-2023-21693 | 2023-02-14 | Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability |
| CVE-2023-21694 | 2023-02-14 | Windows Fax Service Remote Code Execution Vulnerability |
| CVE-2023-21695 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability |
| CVE-2023-21697 | 2023-02-14 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability |
| CVE-2023-21699 | 2023-02-14 | Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability |
| CVE-2023-21700 | 2023-02-14 | Windows iSCSI Discovery Service Denial of Service Vulnerability |
| CVE-2023-21701 | 2023-02-14 | Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability |
| CVE-2023-21702 | 2023-02-14 | Windows iSCSI Service Denial of Service Vulnerability |
| CVE-2023-21703 | 2023-02-14 | Azure Data Box Gateway Remote Code Execution Vulnerability |
| CVE-2023-21710 | 2023-02-14 | Microsoft Exchange Server Remote Code Execution Vulnerability |
| CVE-2023-21713 | 2023-02-14 | Microsoft SQL Server Remote Code Execution Vulnerability |
| CVE-2023-21714 | 2023-02-14 | Microsoft Office Information Disclosure Vulnerability |
| CVE-2023-21715 | 2023-02-14 | Microsoft Publisher Security Feature Bypass Vulnerability |
| CVE-2023-21716 | 2023-02-14 | Microsoft Word Remote Code Execution Vulnerability |
| CVE-2023-21717 | 2023-02-14 | Microsoft SharePoint Server Elevation of Privilege Vulnerability |
| CVE-2023-21722 | 2023-02-14 | .NET Framework Denial of Service Vulnerability |
| CVE-2023-21564 | 2023-02-14 | Azure DevOps Server Cross-Site Scripting Vulnerability |
| CVE-2023-23376 | 2023-02-14 | Windows Common Log File System Driver Elevation of Privilege Vulnerability |
| CVE-2023-23377 | 2023-02-14 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2023-23390 | 2023-02-14 | 3D Builder Remote Code Execution Vulnerability |
| CVE-2022-27672 | 2023-02-14 | When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure. |
| CVE-2023-22490 | 2023-02-14 | Git vulnerable to local clone-based data exfiltration with non-local transports |
| CVE-2023-23946 | 2023-02-14 | Git's `git apply` overwriting paths outside the working tree |
| CVE-2022-27677 | 2023-02-14 | Failure to validate privileges during installation of AMD Ryzen™ Master may allow an attacker with low privileges to modify files potentially leading to privilege escalation and code execution by the... |
| CVE-2023-23934 | 2023-02-14 | Wrkzeug's incorrect parsing of nameless cookies leads to __Host- cookies bypass |
| CVE-2023-25577 | 2023-02-14 | Werkzeug may allow high resource usage when parsing multipart form data with many fields |
| CVE-2023-21566 | 2023-02-14 | Visual Studio Elevation of Privilege Vulnerability |
| CVE-2023-21567 | 2023-02-14 | Visual Studio Denial of Service Vulnerability |
| CVE-2023-21553 | 2023-02-14 | Azure DevOps Server Remote Code Execution Vulnerability |
| CVE-2023-21808 | 2023-02-14 | .NET and Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-21815 | 2023-02-14 | Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-21823 | 2023-02-14 | Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2023-23381 | 2023-02-14 | Visual Studio Remote Code Execution Vulnerability |
| CVE-2023-21778 | 2023-02-14 | Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability |
| CVE-2023-23618 | 2023-02-14 | gitk can inadvertently call executables in the worktree |
| CVE-2023-22743 | 2023-02-14 | Git for Windows' installer is susceptible to DLL side loading attacks |
| CVE-2020-19825 | 2023-02-15 | Cross Site Scripting (XSS) vulnerability in kevinpapst kimai2 1.30.0 in /src/Twig/Runtime/MarkdownExtension.php, allows attackers to gain escalated privileges. |
| CVE-2020-21119 | 2023-02-15 | SQL Injection vulnerability in Kliqqi-CMS 2.0.2 in admin/admin_update_module_widgets.php in recordIDValue parameter, allows attackers to gain escalated privileges and execute arbitrary code. |
| CVE-2020-21120 | 2023-02-15 | SQL Injection vulnerability in file home\controls\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num. |
| CVE-2021-33304 | 2023-02-15 | Double Free vulnerability in virtualsquare picoTCP v1.7.0 and picoTCP-NG v2.1 in modules/pico_fragments.c in function pico_fragments_reassemble, allows attackers to execute arbitrary code. |
| CVE-2021-33396 | 2023-02-15 | Cross Site Request Forgery (CSRF) vulnerability in baijiacms 4.1.4, allows attackers to change the password or other information of an arbitrary account via index.php. |
| CVE-2021-33925 | 2023-02-15 | SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a crafted login. |
| CVE-2021-34117 | 2023-02-15 | SQL Injection vulnerability in SEO Panel 4.9.0 in api/user.api.php in function getUserName in the username parameter, allows attackers to gain sensitive information. |
| CVE-2021-38239 | 2023-02-15 | SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10. |
| CVE-2022-32469 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the PnpSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32470 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FwBlockServiceSmm shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32471 | 2023-02-15 | An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. The IhisiDxe driver uses the command buffer to pass input and output data. By modifying the... |
| CVE-2022-32473 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the HddPassword shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32474 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the StorageSecurityCommandDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32475 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the VariableRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32476 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the AhciBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32477 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the FvbServicesRuntimeDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32478 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the IdeBusDxe shared buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues... |
| CVE-2022-32953 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the SdHostDriver buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that... |
| CVE-2022-32954 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.1 through 5.5. DMA attacks on the SdMmcDevice buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that... |
| CVE-2022-32955 | 2023-02-15 | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. DMA attacks on the NvmExpressDxe buffer used by SMM and non-SMM code could cause TOCTOU race-condition issues that... |
| CVE-2022-38111 | 2023-02-15 | SolarWinds Platform Deserialization of Untrusted Data Vulnerability |
| CVE-2022-38867 | 2023-02-15 | SQL Injection vulnerability in rttys versions 4.0.0, 4.0.1, 4.0.2, and 4.4.x in api.go, allows attackers to execute arbitrary code. |
| CVE-2022-38868 | 2023-02-15 | SQL Injection vulnerability in Ehoney version 2.0.0 in models/protocol.go and models/images.go, allows attackers to execute arbitrary code. |
| CVE-2022-38935 | 2023-02-15 | An issue was discovered in NiterForum version 2.5.0-beta in /src/main/java/cn/niter/forum/api/SsoApi.java and /src/main/java/cn/niter/forum/controller/AdminController.java, allows attackers to gain escalated privileges. |