CVE List - 2023 / March
Showing 2101 - 2200 of 2488 CVEs for March 2023 (Page 22 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-0465 | 2023-03-28 | Invalid certificate policies in leaf certificates are silently ignored |
| CVE-2023-0466 | 2023-03-28 | Certificate policy check not enabled |
| CVE-2023-0775 | 2023-03-28 | Bluetooth LE Invalid prepare write request command leads to denial of service |
| CVE-2023-28395 | 2023-03-28 | CVE-2023-28395 |
| CVE-2023-28375 | 2023-03-28 | CVE-2023-28375 |
| CVE-2023-28637 | 2023-03-28 | DataEase AWS redshift data source exists for remote code execution vulnerability |
| CVE-2023-28654 | 2023-03-28 | CVE-2023-28654 |
| CVE-2023-27886 | 2023-03-28 | CVE-2023-27886 |
| CVE-2023-27394 | 2023-03-28 | CVE-2023-27394 |
| CVE-2023-28648 | 2023-03-28 | CVE-2023-28648 |
| CVE-2023-27284 | 2023-03-28 | IBM Aspera code execution |
| CVE-2023-28447 | 2023-03-28 | Cross site scripting vulnerability in Javascript escaping in smarty/smarty |
| CVE-2023-27286 | 2023-03-28 | IBM Aspera code execution |
| CVE-2023-28398 | 2023-03-28 | CVE-2023-28398 |
| CVE-2023-28718 | 2023-03-28 | CVE-2023-28718 |
| CVE-2023-28712 | 2023-03-28 | CVE-2023-28712 |
| CVE-2023-28626 | 2023-03-28 | Quadratic runtime when parsing Markdown in comrak |
| CVE-2023-28631 | 2023-03-28 | Attacker controlled data in AST nodes is not validated in comrak |
| CVE-2023-1674 | 2023-03-28 | SourceCodester School Registration and Fee System POST Parameter login.php sql injection |
| CVE-2022-36059 | 2023-03-28 | Prototype pollution in matrix-js-sdk |
| CVE-2023-28427 | 2023-03-28 | Prototype pollution in matrix-js-sdk |
| CVE-2023-1516 | 2023-03-28 | RoboDK versions 5.5.3 and prior contain an insecure permission assignment to critical directories vulnerability, which could allow a local user to escalate privileges and write files to the RoboDK process... |
| CVE-2023-28103 | 2023-03-28 | Prototype pollution in matrix-react-sdk |
| CVE-2022-36060 | 2023-03-28 | Prototype pollution in matrix-react-sdk |
| CVE-2023-1518 | 2023-03-28 | CP Plus KVMS Pro versions 2.01.0.T.190521 and prior are vulnerable to sensitive credentials being leaked because they are insufficiently protected. |
| CVE-2023-1675 | 2023-03-28 | SourceCodester School Registration and Fee System GET Parameter edit_stud.php sql injection |
| CVE-2023-1676 | 2023-03-28 | DriverGenius IOCTL mydrivers64.sys 0x9C402088 memory corruption |
| CVE-2023-1677 | 2023-03-28 | DriverGenius IOCTL mydrivers64.sys 0x9c402084 denial of service |
| CVE-2023-1678 | 2023-03-28 | DriverGenius IOCTL mydrivers64.sys 0x9C40A0E0 memory corruption |
| CVE-2023-1679 | 2023-03-28 | DriverGenius IOCTL mydrivers64.sys 0x9C40A108 memory corruption |
| CVE-2023-1681 | 2023-03-28 | Xunrui CMS test.php information disclosure |
| CVE-2023-1682 | 2023-03-28 | Xunrui CMS Install.txt direct request |
| CVE-2021-41526 | 2023-03-29 | A vulnerability has been reported in the windows installer (MSI) built with InstallScript custom action. This vulnerability may allow privilege escalation when invoked ‘repair’ of the MSI which has an... |
| CVE-2022-1274 | 2023-03-29 | A flaw was found in Keycloak in the execute-actions-email endpoint. This issue allows arbitrary HTML to be injected into emails sent to Keycloak users and can be misused to perform... |
| CVE-2022-44370 | 2023-03-29 | NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 |
| CVE-2022-48434 | 2023-03-29 | libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale hwaccel state in worker threads, which allows attackers to trigger a use-after-free and execute arbitrary code... |
| CVE-2023-28892 | 2023-03-29 | Malwarebytes AdwCleaner 8.4.0 runs as Administrator and performs an insecure file delete operation on C:\AdwCleaner\Logs\AdwCleaner_Debug.log in which the target location is user-controllable, allowing a non-admin user to escalate privileges to... |
| CVE-2017-6894 | 2023-03-29 | A vulnerability exists in FlexNet Manager Suite releases 2015 R2 SP3 and earlier (including FlexNet Manager Platform 9.2 and earlier) that affects the inventory gathering components and can be exploited... |
| CVE-2019-8963 | 2023-03-29 | A Denial of Service (DoS) vulnerability was discovered in FlexNet Publisher's lmadmin 11.16.5, when doing a crafted POST request on lmadmin using the web-based tool. |
| CVE-2020-14140 | 2023-03-29 | When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI password vulnerability. This vulnerability is caused by the lack of access control policies... |
| CVE-2022-2560 | 2023-03-29 | This vulnerability allows remote attackers to delete arbitrary files on affected installations of EnterpriseDT CompleteFTP 22.1.0 Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within... |
| CVE-2022-2561 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC 2022.1. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-27597 | 2023-03-29 | QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) |
| CVE-2022-27598 | 2023-03-29 | QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) |
| CVE-2022-27641 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within... |
| CVE-2022-27642 | 2023-03-29 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the... |
| CVE-2022-27643 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within... |
| CVE-2022-27644 | 2023-03-29 | This vulnerability allows network-adjacent attackers to compromise the integrity of downloaded information on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific... |
| CVE-2022-27645 | 2023-03-29 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700v3 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within readycloud_control.cgi. The... |
| CVE-2022-27646 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can... |
| CVE-2022-27647 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can... |
| CVE-2022-27648 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of KOYO Screen Creator 0.1.1.1. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-2825 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the... |
| CVE-2022-28300 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation 10.16.02.034 CONNECT. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28301 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28302 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28303 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2022-28304 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28305 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28306 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28307 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2022-28308 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2022-28309 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2022-28310 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28311 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28312 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28313 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28314 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28315 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28316 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28317 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28318 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28319 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28320 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.16.02.022. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2022-2848 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kepware KEPServerEX 6.11.718.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the... |
| CVE-2022-28641 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28642 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28643 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28644 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28645 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28646 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28647 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.2.034. User interaction is required to exploit this vulnerability in that the target must... |
| CVE-2022-28685 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the... |
| CVE-2022-28686 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the... |
| CVE-2022-28687 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the... |
| CVE-2022-28688 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the... |
| CVE-2022-3093 | 2023-03-29 | This vulnerability allows physical attackers to execute arbitrary code on affected Tesla vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the ice_updater update mechanism.... |
| CVE-2022-3210 | 2023-03-29 | This vulnerability allows network-adjacent attackers to execute arbitrary commands on affected installations of D-Link DIR-2150 4.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within... |
| CVE-2022-36969 | 2023-03-29 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of AVEVA Edge 2020 SP2 Patch 0(4201.2111.1802.0000). User interaction is required to exploit this vulnerability in that the... |
| CVE-2022-36970 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of AVEVA Edge 20.0 Build: 4201.2111.1802.0000 Service Pack 2. User interaction is required to exploit this vulnerability in... |
| CVE-2022-36971 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be... |
| CVE-2022-36972 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of... |
| CVE-2022-36973 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.... |
| CVE-2022-36974 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be... |
| CVE-2022-36975 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the ProfileDaoImpl class. A crafted request can trigger execution of... |
| CVE-2022-36976 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. The specific flaw exists within the GroupDaoImpl class. A crafted request can trigger execution of... |
| CVE-2022-36977 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be... |
| CVE-2022-36978 | 2023-03-29 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be... |
| CVE-2022-36979 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.... |
| CVE-2022-36980 | 2023-03-29 | This vulnerability allows remote attackers to bypass authentication on affected installations of Ivanti Avalanche 6.3.2.3490. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed.... |