CVE List - 2023 / February
Showing 601 - 700 of 2164 CVEs for February 2023 (Page 7 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-43761 | 2023-02-08 | Lack of authentication when managing APROL database |
| CVE-2022-43762 | 2023-02-08 | Memory leak when receiving messages in APROL Tbase server |
| CVE-2022-43763 | 2023-02-08 | Lack of checking preconditions in APROL |
| CVE-2022-43764 | 2023-02-08 | Buffer overflow when changing configuration on Tbase Server |
| CVE-2022-43765 | 2023-02-08 | DoS in APROLs Tbase server |
| CVE-2022-41620 | 2023-02-08 | WordPress SeoSamba for WordPress Webmasters Plugin <= 1.0.5 is vulnerable to Cross Site Request Forgery (CSRF) |
| CVE-2022-45085 | 2023-02-08 | Server-Side Request Forgery in Smartpower Web |
| CVE-2023-0001 | 2023-02-08 | Cortex XDR Agent: Cleartext Exposure of Agent Admin Password |
| CVE-2023-0002 | 2023-02-08 | Cortex XDR Agent: Product Disruption by Local Windows User |
| CVE-2023-0003 | 2023-02-08 | Cortex XSOAR: Local File Disclosure Vulnerability in the Cortex XSOAR Server |
| CVE-2023-23475 | 2023-02-08 | IBM Infosphere Information Server cross-site scripting |
| CVE-2022-35720 | 2023-02-08 | IBM Sterling External Authentication Server information disclosure |
| CVE-2022-45086 | 2023-02-08 | Cross-site Scripting in Smartpower Web |
| CVE-2023-0690 | 2023-02-08 | Boundary Workers Store Rotated Credentials in Plaintext Even When a Key Management Service Configured |
| CVE-2022-34362 | 2023-02-08 | IBM Sterling Secure Proxy HOST header injection |
| CVE-2022-45087 | 2023-02-08 | Cross-site Scripting in Smartpower Web |
| CVE-2022-43869 | 2023-02-08 | IBM Spectrum Scale denial of service |
| CVE-2022-45088 | 2023-02-08 | Local File Inclusion in Smartpower Web |
| CVE-2023-25152 | 2023-02-08 | Symbolic Link (Symlink) Following in github.com/pterodactyl/wings |
| CVE-2022-42438 | 2023-02-08 | IBM Cloud Pak for Multicloud Management Monitoring privilege escalation |
| CVE-2023-0401 | 2023-02-08 | NULL dereference during PKCS7 data verification |
| CVE-2023-0286 | 2023-02-08 | X.400 address type confusion in X.509 GeneralName |
| CVE-2023-0217 | 2023-02-08 | NULL dereference validating DSA public key |
| CVE-2023-0216 | 2023-02-08 | Invalid pointer dereference in d2i_PKCS7 functions |
| CVE-2023-0215 | 2023-02-08 | Use-after-free following BIO_new_NDEF |
| CVE-2022-4450 | 2023-02-08 | Double free after calling PEM_read_bio_ex |
| CVE-2022-4304 | 2023-02-08 | Timing Oracle in RSA Decryption |
| CVE-2023-25165 | 2023-02-08 | getHostByName Function Information Disclosure |
| CVE-2022-34350 | 2023-02-08 | IBM API Connect security bypass |
| CVE-2023-25150 | 2023-02-08 | Document content of files can be obtained through Collabora for files of other users |
| CVE-2022-45089 | 2023-02-08 | SQL Injection in Smartpower Web |
| CVE-2022-45090 | 2023-02-08 | SQL Injection in Smartpower Web |
| CVE-2023-25151 | 2023-02-08 | DoS vulnerability for high cardinality metrics in opentelemetry-go-contrib |
| CVE-2023-0751 | 2023-02-08 | GELI silently omits the keyfile if read from stdin |
| CVE-2023-25164 | 2023-02-08 | Sensitive Information leak via Script File in TinaCMS |
| CVE-2022-45091 | 2023-02-08 | Cross-site Scripting in Smartpower Web |
| CVE-2023-25166 | 2023-02-08 | Regular Expression Denial of Service (ReDoS) Vulnerability |
| CVE-2022-42436 | 2023-02-08 | IBM MQ information disclosure |
| CVE-2023-25167 | 2023-02-08 | Regular expression denial of service via installing themes via git in discourse |
| CVE-2023-25163 | 2023-02-08 | Argo CD leaks repository credentials in user-facing error messages and in logs |
| CVE-2023-0249 | 2023-02-08 | CVE-2023-0249 |
| CVE-2023-0250 | 2023-02-08 | CVE-2023-0250 |
| CVE-2023-0251 | 2023-02-08 | CVE-2023-0251 |
| CVE-2023-25168 | 2023-02-08 | Symbolic Link (Symlink) Following allowing the deletion of files and directories on the host system in wings |
| CVE-2022-43552 | 2023-02-09 | A use after free vulnerability exists in curl <7.87.0. Curl... |
| CVE-2022-44570 | 2023-02-09 | A denial of service vulnerability in the Range header parsing... |
| CVE-2022-44571 | 2023-02-09 | There is a denial of service vulnerability in the Content-Disposition... |
| CVE-2022-44572 | 2023-02-09 | A denial of service vulnerability in the multipart parsing component... |
| CVE-2023-0770 | 2023-02-09 | Stack-based Buffer Overflow in gpac/gpac |
| CVE-2023-22794 | 2023-02-09 | A vulnerability in ActiveRecord <6.0.6.1, v6.1.7.1 and v7.0.4.1 related to... |
| CVE-2023-22795 | 2023-02-09 | A regular expression based DoS vulnerability in Action Dispatch <6.1.7.1... |
| CVE-2023-22796 | 2023-02-09 | A regular expression based DoS vulnerability in Active Support <6.1.7.1... |
| CVE-2023-22799 | 2023-02-09 | A ReDoS based DoS vulnerability in the GlobalID <1.0.1 which... |
| CVE-2023-22953 | 2023-02-09 | In ExpressionEngine before 7.2.6, remote code execution can be achieved... |
| CVE-2022-30564 | 2023-02-09 | Some Dahua embedded products have a vulnerability of unauthorized modification... |
| CVE-2022-43550 | 2023-02-09 | A command injection vulnerability exists in Jitsi before commit 8aa7be58522f4264078d54752aae5483bfd854b2... |
| CVE-2022-44566 | 2023-02-09 | A denial of service vulnerability present in ActiveRecord's PostgreSQL adapter... |
| CVE-2022-48286 | 2023-02-09 | The multi-screen collaboration module has a privilege escalation vulnerability. Successful... |
| CVE-2022-48287 | 2023-02-09 | The HwContacts module has a logic bypass vulnerability. Successful exploitation... |
| CVE-2022-48288 | 2023-02-09 | The bundle management module lacks authentication and control mechanisms in... |
| CVE-2022-48289 | 2023-02-09 | The bundle management module lacks authentication and control mechanisms in... |
| CVE-2022-48290 | 2023-02-09 | The phone-PC collaboration module has a logic bypass vulnerability. Successful... |
| CVE-2022-48292 | 2023-02-09 | The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation... |
| CVE-2022-48293 | 2023-02-09 | The Bluetooth module has an OOM vulnerability. Successful exploitation of... |
| CVE-2022-48294 | 2023-02-09 | The IHwAttestationService interface has a defect in authentication. Successful exploitation... |
| CVE-2022-48295 | 2023-02-09 | The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this... |
| CVE-2022-48296 | 2023-02-09 | The SystemUI has a vulnerability in permission management. Successful exploitation... |
| CVE-2022-48297 | 2023-02-09 | The geofencing kernel code has a vulnerability of not verifying... |
| CVE-2022-48298 | 2023-02-09 | The geofencing kernel code does not verify the length of... |
| CVE-2022-48299 | 2023-02-09 | The WMS module lacks the authentication mechanism in some APIs.... |
| CVE-2022-48300 | 2023-02-09 | The WMS module lacks the authentication mechanism in some APIs.... |
| CVE-2022-48301 | 2023-02-09 | The bundle management module lacks permission verification in some APIs.... |
| CVE-2022-48302 | 2023-02-09 | The AMS module has a vulnerability of lacking permission verification... |
| CVE-2023-0624 | 2023-02-09 | OrangeScrum version 2.0.11 allows an external attacker to obtain arbitrary... |
| CVE-2023-0759 | 2023-02-09 | Privilege Chaining in cockpit-hq/cockpit |
| CVE-2023-0760 | 2023-02-09 | Heap-based Buffer Overflow in gpac/gpac |
| CVE-2023-21419 | 2023-02-09 | An improper implementation logic in Secure Folder prior to SMR... |
| CVE-2023-21420 | 2023-02-09 | Use of Externally-Controlled Format String vulnerabilities in STST TA prior... |
| CVE-2023-21421 | 2023-02-09 | Improper Handling of Insufficient Permissions or Privileges vulnerability in KnoxCustomManagerService... |
| CVE-2023-21422 | 2023-02-09 | Improper authorization vulnerability in semAddPublicDnsAddr in WifiSevice prior to SMR... |
| CVE-2023-21423 | 2023-02-09 | Improper authorization vulnerability in ChnFileShareKit prior to SMR Jan-2023 Release... |
| CVE-2023-21424 | 2023-02-09 | Improper Handling of Insufficient Permissions or Privileges vulnerability in SemChameleonHelper... |
| CVE-2023-21425 | 2023-02-09 | Improper access control vulnerability in telecom application prior to SMR... |
| CVE-2023-21426 | 2023-02-09 | Hardcoded AES key to encrypt cardemulation PINs in NFC prior... |
| CVE-2023-21427 | 2023-02-09 | Improper access control vulnerability in NfcTile prior to SMR Jan-2023... |
| CVE-2023-21428 | 2023-02-09 | Improper input validation vulnerability in TelephonyUI prior to SMR Jan-2023... |
| CVE-2023-21429 | 2023-02-09 | Improper usage of implict intent in ePDG prior to SMR... |
| CVE-2023-21430 | 2023-02-09 | An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library... |
| CVE-2023-21431 | 2023-02-09 | Improper input validation in Bixby Vision prior to version 3.7.70.17... |
| CVE-2023-21432 | 2023-02-09 | Improper access control vulnerabilities in Smart Things prior to 1.7.93... |
| CVE-2023-21433 | 2023-02-09 | Improper access control vulnerability in Galaxy Store prior to version... |
| CVE-2023-21434 | 2023-02-09 | Improper input validation vulnerability in Galaxy Store prior to version... |
| CVE-2023-21435 | 2023-02-09 | Exposure of Sensitive Information vulnerability in Fingerprint TA prior to... |
| CVE-2023-21436 | 2023-02-09 | Improper usage of implicit intent in Contacts prior to SMR... |
| CVE-2023-21437 | 2023-02-09 | Improper access control vulnerability in Phone application prior to SMR... |
| CVE-2023-21438 | 2023-02-09 | Improper logic in HomeScreen prior to SMR Feb-2023 Release 1... |
| CVE-2023-21439 | 2023-02-09 | Improper input validation vulnerability in UwbDataTxStatusEvent prior to SMR Feb-2023... |
| CVE-2023-21440 | 2023-02-09 | Improper access control vulnerability in WindowManagerService prior to SMR Feb-2023... |
| CVE-2023-21441 | 2023-02-09 | Insufficient Verification of Data Authenticity vulnerability in Routine prior to... |
| CVE-2023-21442 | 2023-02-09 | Improper access control vulnerability in Runestone application prior to version... |