CVE List - 2023 / May
Showing 701 - 800 of 2420 CVEs for May 2023 (Page 8 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-31139 | 2023-05-09 | DHIS2 Core unrestricted session cookies with Personal Access Tokens |
| CVE-2023-32060 | 2023-05-09 | DHIS2 Core Improper Access Control with Category Option Combination sharing in /api/trackedEntityInstance and /api/events |
| CVE-2023-31143 | 2023-05-09 | Mage terminal user authentication not working properly |
| CVE-2023-31144 | 2023-05-09 | Craft CMS vulnerable to cross site scripting in RSS feed widget |
| CVE-2023-32066 | 2023-05-09 | Time Tracker has Stored XSS vulnerability in Week View plugin |
| CVE-2023-32069 | 2023-05-09 | XWiki Platform privilege escalation (PR)/RCE from account through class sheet |
| CVE-2023-32071 | 2023-05-09 | XWiki Platform vulnerable to RXSS via editor parameter - importinline template |
| CVE-2023-25829 | 2023-05-09 | BUG-000155001 - Unvalidated redirect in Portal for ArcGIS. |
| CVE-2023-25830 | 2023-05-09 | BUG-000154662 Reflected XSS vulnerability in Portal for ArcGIS |
| CVE-2023-28283 | 2023-05-09 | Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability |
| CVE-2023-24898 | 2023-05-09 | Windows SMB Denial of Service Vulnerability |
| CVE-2023-24899 | 2023-05-09 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2023-24939 | 2023-05-09 | Server for NFS Denial of Service Vulnerability |
| CVE-2023-24900 | 2023-05-09 | Windows NTLM Security Support Provider Information Disclosure Vulnerability |
| CVE-2023-24940 | 2023-05-09 | Windows Pragmatic General Multicast (PGM) Denial of Service Vulnerability |
| CVE-2023-24901 | 2023-05-09 | Windows NFS Portmapper Information Disclosure Vulnerability |
| CVE-2023-24941 | 2023-05-09 | Windows Network File System Remote Code Execution Vulnerability |
| CVE-2023-24902 | 2023-05-09 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-24942 | 2023-05-09 | Remote Procedure Call Runtime Denial of Service Vulnerability |
| CVE-2023-24903 | 2023-05-09 | Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability |
| CVE-2023-24943 | 2023-05-09 | Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| CVE-2023-24905 | 2023-05-09 | Remote Desktop Client Remote Code Execution Vulnerability |
| CVE-2023-24944 | 2023-05-09 | Windows Bluetooth Driver Information Disclosure Vulnerability |
| CVE-2023-24945 | 2023-05-09 | Windows iSCSI Target Service Information Disclosure Vulnerability |
| CVE-2023-24946 | 2023-05-09 | Windows Backup Service Elevation of Privilege Vulnerability |
| CVE-2023-24947 | 2023-05-09 | Windows Bluetooth Driver Remote Code Execution Vulnerability |
| CVE-2023-24948 | 2023-05-09 | Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| CVE-2023-24949 | 2023-05-09 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2023-24950 | 2023-05-09 | Microsoft SharePoint Server Spoofing Vulnerability |
| CVE-2023-24953 | 2023-05-09 | Microsoft Excel Remote Code Execution Vulnerability |
| CVE-2023-24954 | 2023-05-09 | Microsoft SharePoint Server Information Disclosure Vulnerability |
| CVE-2023-24955 | 2023-05-09 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2023-29324 | 2023-05-09 | Windows MSHTML Platform Security Feature Bypass Vulnerability |
| CVE-2023-29335 | 2023-05-09 | Microsoft Word Security Feature Bypass Vulnerability |
| CVE-2023-29336 | 2023-05-09 | Win32k Elevation of Privilege Vulnerability |
| CVE-2023-29338 | 2023-05-09 | Visual Studio Code Spoofing Vulnerability |
| CVE-2023-29340 | 2023-05-09 | AV1 Video Extension Remote Code Execution Vulnerability |
| CVE-2023-29341 | 2023-05-09 | AV1 Video Extension Remote Code Execution Vulnerability |
| CVE-2023-29343 | 2023-05-09 | SysInternals Sysmon for Windows Elevation of Privilege Vulnerability |
| CVE-2023-24932 | 2023-05-09 | Secure Boot Security Feature Bypass Vulnerability |
| CVE-2023-28251 | 2023-05-09 | Windows Driver Revocation List Security Feature Bypass Vulnerability |
| CVE-2023-28290 | 2023-05-09 | Microsoft Remote Desktop app for Windows Information Disclosure Vulnerability |
| CVE-2023-24904 | 2023-05-09 | Windows Installer Elevation of Privilege Vulnerability |
| CVE-2023-29325 | 2023-05-09 | Windows OLE Remote Code Execution Vulnerability |
| CVE-2023-29333 | 2023-05-09 | Microsoft Access Denial of Service Vulnerability |
| CVE-2021-26379 | 2023-05-09 | Insufficient input validation of mailbox data in the SMU may... |
| CVE-2021-26397 | 2023-05-09 | Insufficient address validation, may allow an attacker with a compromised... |
| CVE-2021-46762 | 2023-05-09 | Insufficient input validation in the SMU may allow an attacker... |
| CVE-2021-46763 | 2023-05-09 | Insufficient input validation in the SMU may enable a privileged... |
| CVE-2021-46764 | 2023-05-09 | Improper validation of DRAM addresses in SMU may allow an... |
| CVE-2021-46769 | 2023-05-09 | Insufficient syscall input validation in the ASP Bootloader may allow... |
| CVE-2021-46775 | 2023-05-09 | Improper input validation in ABL may enable an attacker with... |
| CVE-2022-23818 | 2023-05-09 | Insufficient input validation on the model specific register: VM_HSAVE_PA may... |
| CVE-2023-20520 | 2023-05-09 | Improper access control settings in ASP Bootloader may allow an... |
| CVE-2023-20524 | 2023-05-09 | An attacker with a compromised ASP could possibly send malformed... |
| CVE-2021-26354 | 2023-05-09 | Insufficient bounds checking in ASP may allow an attacker to... |
| CVE-2021-26356 | 2023-05-09 | A TOCTOU in ASP bootloader may allow an attacker to... |
| CVE-2021-26365 | 2023-05-09 | Certain size values in firmware binary headers could trigger out... |
| CVE-2021-26371 | 2023-05-09 | A compromised or malicious ABL or UApp could send a... |
| CVE-2021-26406 | 2023-05-09 | Insufficient validation in parsing Owner's Certificate Authority (OCA) certificates in... |
| CVE-2021-46749 | 2023-05-09 | Insufficient bounds checking in ASP (AMD Secure Processor) may allow... |
| CVE-2021-46753 | 2023-05-09 | Failure to validate the length fields of the ASP (AMD... |
| CVE-2021-46754 | 2023-05-09 | Insufficient input validation in the ASP (AMD Secure Processor) bootloader... |
| CVE-2021-46755 | 2023-05-09 | Failure to unmap certain SysHub mappings in error paths of... |
| CVE-2021-46756 | 2023-05-09 | Insufficient validation of inputs in SVC_MAP_USER_STACK in the ASP (AMD... |
| CVE-2021-46759 | 2023-05-09 | Improper syscall input validation in AMD TEE (Trusted Execution Environment)... |
| CVE-2021-46760 | 2023-05-09 | A malicious or compromised UApp or ABL can send a... |
| CVE-2021-46765 | 2023-05-09 | Insufficient input validation in ASP may allow an attacker with... |
| CVE-2021-46773 | 2023-05-09 | Insufficient input validation in ABL may enable a privileged attacker... |
| CVE-2021-46792 | 2023-05-09 | Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an... |
| CVE-2021-46794 | 2023-05-09 | Insufficient bounds checking in ASP (AMD Secure Processor) may allow... |
| CVE-2023-25831 | 2023-05-09 | BUG-000154236 There is a reflected cross-site scripting (XSS) vulnerability in Portal for ArcGIS. |
| CVE-2022-36330 | 2023-05-09 | Buffer Overflow Vulnerability in Western Digital My Cloud Home and ibi devices |
| CVE-2023-25833 | 2023-05-10 | BUG-000155004 HTML injection issue in Portal for ArcGIS. |
| CVE-2021-45345 | 2023-05-10 | Buffer Overflow vulnerability found in En3rgy WebcamServer v.0.5.2 allows a... |
| CVE-2022-4008 | 2023-05-10 | In affected versions of Octopus Deploy it is possible to... |
| CVE-2023-22361 | 2023-05-10 | Improper privilege management vulnerability in SkyBridge MB-A100/110 firmware Ver. 4.2.0... |
| CVE-2023-22441 | 2023-05-10 | Missing authentication for critical function exists in Seiko Solutions SkyBridge... |
| CVE-2023-23578 | 2023-05-10 | Improper access control vulnerability in SkyBridge MB-A200 firmware Ver. 01.00.05... |
| CVE-2023-23901 | 2023-05-10 | Improper following of a certificate's chain of trust exists in... |
| CVE-2023-23906 | 2023-05-10 | Missing authentication for critical function exists in SkyBridge MB-A100/110 firmware... |
| CVE-2023-24586 | 2023-05-10 | Cleartext storage of sensitive information exists in SkyBridge MB-A100/110 firmware... |
| CVE-2023-25070 | 2023-05-10 | Cleartext transmission of sensitive information exists in SkyBridge MB-A100/110 firmware... |
| CVE-2023-25072 | 2023-05-10 | Use of weak credentials exists in SkyBridge MB-A100/110 firmware Ver.... |
| CVE-2023-25184 | 2023-05-10 | Use of weak credentials exists in Seiko Solutions SkyBridge and... |
| CVE-2023-25568 | 2023-05-10 | Boxo bitswap/server: DOS unbounded persistent memory leak |
| CVE-2023-2614 | 2023-05-10 | Cross-site Scripting (XSS) - DOM in pimcore/pimcore |
| CVE-2023-2615 | 2023-05-10 | Cross-site Scripting (XSS) - Reflected in pimcore/pimcore |
| CVE-2023-2616 | 2023-05-10 | Cross-site Scripting (XSS) - Generic in pimcore/pimcore |
| CVE-2023-2629 | 2023-05-10 | Improper Neutralization of Formula Elements in a CSV File in pimcore/customer-data-framework |
| CVE-2023-2630 | 2023-05-10 | Cross-site Scripting (XSS) - Stored in pimcore/pimcore |
| CVE-2023-27385 | 2023-05-10 | Heap-based buffer overflow vulnerability exists in CX-Drive All models all... |
| CVE-2023-27510 | 2023-05-10 | JB Inquiry form contains an exposure of private personal information... |
| CVE-2023-27527 | 2023-05-10 | Shinseiyo Sogo Soft (7.9A) and earlier improperly restricts XML external... |
| CVE-2023-27562 | 2023-05-10 | The n8n package 0.218.0 for Node.js allows Directory Traversal. |
| CVE-2023-27563 | 2023-05-10 | The n8n package 0.218.0 for Node.js allows Escalation of Privileges. |
| CVE-2023-27564 | 2023-05-10 | The n8n package 0.218.0 for Node.js allows Information Disclosure. |
| CVE-2023-27888 | 2023-05-10 | Cross-site scripting vulnerability in Joruri Gw Ver 3.2.5 and earlier... |
| CVE-2023-27889 | 2023-05-10 | Cross-site request forgery (CSRF) vulnerability in LIQUID SPEECH BALLOON versions... |
| CVE-2023-27918 | 2023-05-10 | Cross-site scripting vulnerability in Appointment and Event Booking Calendar for... |