CVE List - 2023 / February
Showing 1901 - 2000 of 2164 CVEs for February 2023 (Page 20 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-1044 | 2023-02-26 | MuYuCMS index.php path traversal |
| CVE-2023-1045 | 2023-02-26 | MuYuCMS filesdel.html path traversal |
| CVE-2023-1046 | 2023-02-26 | MuYuCMS getFile.html server-side request forgery |
| CVE-2023-1047 | 2023-02-26 | TechPowerUp RealTemp WinRing0x64.sys initialization |
| CVE-2023-1048 | 2023-02-26 | TechPowerUp Ryzen DRAM Calculator WinRing0x64.sys initialization |
| CVE-2022-46705 | 2023-02-27 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1,... |
| CVE-2023-23155 | 2023-02-27 | Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the username parameter in the Admin Login. |
| CVE-2023-23156 | 2023-02-27 | Art Gallery Management System Project in PHP 1.0 was discovered to contain a SQL injection vulnerability via the pid parameter in the single-product page. |
| CVE-2023-23157 | 2023-02-27 | A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fullname... |
| CVE-2023-23158 | 2023-02-27 | A stored cross-site scripting (XSS) vulnerability in Art Gallery Management System Project v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the message... |
| CVE-2023-23513 | 2023-02-27 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba... |
| CVE-2023-26257 | 2023-02-27 | An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. |
| CVE-2020-9846 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.0.1. A malicious application may be able to access local users' Apple IDs. |
| CVE-2021-32302 | 2023-02-27 | Cross Site Scripting vulnerability in IRZ Electronics RUH2 GSM router allows attacker to obtain sensitive information via the Upload File parameter. |
| CVE-2021-46841 | 2023-02-27 | This issue was addressed by using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.5.0 for Android. An attacker in a privileged network position... |
| CVE-2022-22582 | 2023-02-27 | A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in Security Update 2022-003 Catalina, macOS Big Sur... |
| CVE-2022-22668 | 2023-02-27 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. A malicious application may be able to leak sensitive... |
| CVE-2022-26760 | 2023-02-27 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 15.5 and iPadOS 15.5. A malicious application may be able to elevate privileges. |
| CVE-2022-31405 | 2023-02-27 | MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext. |
| CVE-2022-32784 | 2023-02-27 | The issue was addressed with improved UI handling. This issue is fixed in Safari 15.6, iOS 15.6 and iPadOS 15.6. Visiting a maliciously crafted website may leak sensitive data. |
| CVE-2022-32824 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app may be able to disclose kernel... |
| CVE-2022-32830 | 2023-02-27 | An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to... |
| CVE-2022-32836 | 2023-02-27 | This issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. |
| CVE-2022-32844 | 2023-02-27 | A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.6, watchOS 8.7, iOS 15.6 and iPadOS 15.6. An app with arbitrary kernel read and... |
| CVE-2022-32846 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in Apple Music 3.9.10 for Android. An app may be able to access user-sensitive data. |
| CVE-2022-32855 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in iOS 15.6 and iPadOS 15.6. A user may be able to view restricted content from the... |
| CVE-2022-32891 | 2023-02-27 | The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead... |
| CVE-2022-32896 | 2023-02-27 | This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. A user may be able to view sensitive user information. |
| CVE-2022-32900 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to gain elevated privileges. |
| CVE-2022-32902 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6, macOS Big Sur 11.7. An app may be able to... |
| CVE-2022-32906 | 2023-02-27 | This issue was addressed with using HTTPS when sending information over the network. This issue is fixed in Apple Music 3.9.10 for Android. A user in a privileged network position... |
| CVE-2022-32949 | 2023-02-27 | This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16. An app may be able to execute arbitrary code with kernel... |
| CVE-2022-34908 | 2023-02-27 | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It possesses an authentication mechanism; however, some features do not require any token or cookie in... |
| CVE-2022-34909 | 2023-02-27 | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It allows SQL Injection, by which an attacker can bypass authentication and retrieve data that is... |
| CVE-2022-34910 | 2023-02-27 | An issue was discovered in the A4N (Aremis 4 Nomad) application 1.5.0 for Android. It uses a local database to store data and accounts. However, the password is stored in... |
| CVE-2022-42797 | 2023-02-27 | An injection issue was addressed with improved input validation. This issue is fixed in Xcode 14.1. An app may be able to gain root privileges. |
| CVE-2022-42826 | 2023-02-27 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13, iOS 16.1 and iPadOS 16, Safari 16.1. Processing maliciously crafted web... |
| CVE-2022-42833 | 2023-02-27 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-42838 | 2023-02-27 | An issue with app access to camera data was addressed with improved logic. This issue is fixed in macOS Ventura 13. A camera extension may be able to continue receiving... |
| CVE-2022-45697 | 2023-02-27 | Arbitrary File Delete vulnerability in Razer Central before v7.8.0.381 when handling files in the Accounts directory. |
| CVE-2022-46704 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.1, macOS Big Sur 11.7.2, macOS Monterey 12.6.2. An app may be able to... |
| CVE-2022-46712 | 2023-02-27 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13. An app may be able to cause unexpected system termination or... |
| CVE-2022-46713 | 2023-02-27 | A race condition was addressed with additional validation. This issue is fixed in macOS Ventura 13, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. An app may be able to modify... |
| CVE-2022-46723 | 2023-02-27 | This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A remote user may be able to write arbitrary files. |
| CVE-2022-48230 | 2023-02-27 | There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to DoS. |
| CVE-2022-48254 | 2023-02-27 | There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation could bypass lock screen authentication. |
| CVE-2022-48255 | 2023-02-27 | There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to remote code execution. |
| CVE-2022-48259 | 2023-02-27 | There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges. |
| CVE-2022-48260 | 2023-02-27 | There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. |
| CVE-2022-48261 | 2023-02-27 | There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation of this vulnerability may cause the printer service to be abnormal. |
| CVE-2022-48283 | 2023-02-27 | A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. |
| CVE-2022-48284 | 2023-02-27 | A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerability. Successful exploitation of this vulnerability could allow attackers to access restricted functions. |
| CVE-2022-48305 | 2023-02-27 | There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00) 1.1.1.274. Successful exploitation of this vulnerability may cause the access control function of specific applications to fail. |
| CVE-2023-1055 | 2023-02-27 | A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive... |
| CVE-2023-1067 | 2023-02-27 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-1070 | 2023-02-27 | External Control of File Name or Path in nilsteampassnet/teampass |
| CVE-2023-23080 | 2023-02-27 | Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11.10.00.2211041403 and Tenda CP3 v.10 Tenda CP3 v.10<=V20220906024_2025 and Tenda IT7-PCS Tenda IT7-PCS<=V2209020914 and Tenda IT7-LCS Tenda... |
| CVE-2023-23108 | 2023-02-27 | In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a NULL pointer dereference in the function Xasc. |
| CVE-2023-23109 | 2023-02-27 | In crasm 1.8-3, invalid input validation, specific files passed to the command line application, can lead to a divide by zero fault in the function opdiv. |
| CVE-2023-23493 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, macOS Monterey 12.6.3. An encrypted volume may be unmounted and remounted by a... |
| CVE-2023-23496 | 2023-02-27 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.2, watchOS 9.3, iOS 15.7.2 and iPadOS 15.7.2, Safari 16.3, tvOS 16.3, iOS 16.3 and iPadOS... |
| CVE-2023-23497 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to... |
| CVE-2023-23498 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in iOS 15.7.3 and iPadOS 15.7.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. The quoted original... |
| CVE-2023-23499 | 2023-02-27 | This issue was addressed by enabling hardened runtime. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, tvOS 16.3, iOS 16.3 and... |
| CVE-2023-23500 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS 9.3.... |
| CVE-2023-23501 | 2023-02-27 | The issue was addressed with improved memory handling This issue is fixed in macOS Ventura 13.2. An app may be able to disclose kernel memory. |
| CVE-2023-23502 | 2023-02-27 | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS... |
| CVE-2023-23503 | 2023-02-27 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, watchOS... |
| CVE-2023-23504 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, iOS 15.7.3 and iPadOS 15.7.3, tvOS 16.3, iOS 16.3... |
| CVE-2023-23505 | 2023-02-27 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3,... |
| CVE-2023-23506 | 2023-02-27 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access user-sensitive data. |
| CVE-2023-23507 | 2023-02-27 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2. An app may be able to execute arbitrary code with kernel... |
| CVE-2023-23508 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. An app may be able to bypass... |
| CVE-2023-23510 | 2023-02-27 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Ventura 13.2. An app may be able to access a user’s Safari history. |
| CVE-2023-23511 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app... |
| CVE-2023-23512 | 2023-02-27 | The issue was addressed with improved handling of caches. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Visiting a website may... |
| CVE-2023-23514 | 2023-02-27 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1,... |
| CVE-2023-23517 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS... |
| CVE-2023-23518 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, watchOS 9.3, macOS Big Sur 11.7.3, Safari 16.3, tvOS 16.3, iOS... |
| CVE-2023-23519 | 2023-02-27 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. Processing an image... |
| CVE-2023-23520 | 2023-02-27 | A race condition was addressed with additional validation. This issue is fixed in watchOS 9.3, tvOS 16.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. A user may be able... |
| CVE-2023-23522 | 2023-02-27 | A privacy issue was addressed with improved handling of temporary files. This issue is fixed in macOS Ventura 13.2.1. An app may be able to observe unprotected user data. |
| CVE-2023-23524 | 2023-02-27 | A denial-of-service issue was addressed with improved input validation. This issue is fixed in tvOS 16.3.2, iOS 16.3.1 and iPadOS 16.3.1, watchOS 9.3.1, macOS Ventura 13.2.1. Processing a maliciously crafted... |
| CVE-2023-23529 | 2023-02-27 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing... |
| CVE-2023-23530 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code... |
| CVE-2023-23531 | 2023-02-27 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3. An app may be able to execute arbitrary code... |
| CVE-2023-24206 | 2023-02-27 | Davinci v0.3.0-rc was discovered to contain a SQL injection vulnerability via the copyDisplay function. |
| CVE-2023-24249 | 2023-02-27 | An arbitrary file upload vulnerability in laravel-admin v1.8.19 allows attackers to execute arbitrary code via a crafted PHP file. |
| CVE-2023-24251 | 2023-02-27 | WangEditor v5 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /dist/index.js. |
| CVE-2023-24253 | 2023-02-27 | Domotica Labs srl Ikon Server before v2.8.6 was discovered to contain a SQL injection vulnerability. |
| CVE-2023-24258 | 2023-02-27 | SPIP v4.1.5 and earlier was discovered to contain a SQL injection vulnerability via the _oups parameter. This vulnerability allows attackers to execute arbitrary code via a crafted POST request. |
| CVE-2023-24364 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter under the Admin Panel. |
| CVE-2023-24651 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter on the registration page. |
| CVE-2023-24652 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the Description parameter under the Create ticket function. |
| CVE-2023-24653 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the oldpass parameter under the Change Password function. |
| CVE-2023-24654 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the name parameter under the Request a Quote function. |
| CVE-2023-24656 | 2023-02-27 | Simple Customer Relationship Management System v1.0 was discovered to contain a SQL injection vulnerability via the subject parameter under the Create Ticket function. |
| CVE-2023-25231 | 2023-02-27 | Tenda Router W30E V1.0.1.25(633) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. |
| CVE-2023-25233 | 2023-02-27 | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromRouteStatic via parameters entrys and mitInterface. |
| CVE-2023-25234 | 2023-02-27 | Tenda AC500 V2.0.1.9(1307) is vulnerable to Buffer Overflow in function fromAddressNat via parameters entrys and mitInterface. |