CVE List - 2023 / August
Showing 1701 - 1800 of 2479 CVEs for August 2023 (Page 18 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-40735 | 2023-08-21 | Butterfly Button Project - Sensitive Information Disclosure |
| CVE-2023-3667 | 2023-08-21 | Bit Assist < 1.1.9 - Admin+ Stored Cross-Site Scripting |
| CVE-2023-3954 | 2023-08-21 | MultiParcels Shipping For WooCommerce 1.15.2-1.15.3 - Reflected XSS |
| CVE-2023-3936 | 2023-08-21 | Blog2Social < 7.2.1 - Reflected XSS |
| CVE-2023-3366 | 2023-08-21 | MultiParcels Shipping For WooCommerce < 1.15.2 - Arbitrary Shipment Deletion via CSRF |
| CVE-2023-3604 | 2023-08-21 | Change WP Admin < 1.1.4 - Secret Login Page Disclosure |
| CVE-2023-4456 | 2023-08-21 | Openshift-logging: lokistack authorisation is cached too broadly |
| CVE-2023-38035 | 2023-08-21 | A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to... |
| CVE-2023-32002 | 2023-08-21 | The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module. This vulnerability affects all users using the experimental policy... |
| CVE-2023-4373 | 2023-08-21 | Inadequate validation of permissions when employing remote tools and macros within Devolutions Remote Desktop Manager versions 2023.2.19 and earlier permits a user to initiate a connection without proper execution rights... |
| CVE-2023-4417 | 2023-08-21 | Improper access controls in the entry duplication component in Devolutions Remote Desktop Manager 2023.2.19 and earlier versions on Windows allows an authenticated user, under specific circumstances, to inadvertently share their... |
| CVE-2023-4459 | 2023-08-21 | Kernel: vmxnet3: null pointer dereference in vmxnet3_rq_cleanup() |
| CVE-2023-38158 | 2023-08-21 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2023-36787 | 2023-08-21 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2023-25915 | 2023-08-21 | Authenticated Remote Command Execution in Danfoss AK-SM800A |
| CVE-2023-25914 | 2023-08-21 | Authenticated Path Traversal in Danfoss AK-SM800A |
| CVE-2023-25913 | 2023-08-21 | Authentication Bypass in Danfoss AK-SM800A |
| CVE-2023-4303 | 2023-08-21 | HTML injection vulnerability in Fortify Plugin |
| CVE-2023-4302 | 2023-08-21 | Missing permission checks in Fortify Plugin allow capturing credentials |
| CVE-2023-4301 | 2023-08-21 | CSRF vulnerability in Fortify Plugin allows capturing credentials |
| CVE-2020-18232 | 2023-08-22 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. |
| CVE-2020-18378 | 2023-08-22 | A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-as. |
| CVE-2020-18382 | 2023-08-22 | Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt. |
| CVE-2020-18494 | 2023-08-22 | Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. |
| CVE-2020-18651 | 2023-08-22 | Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame. |
| CVE-2020-18652 | 2023-08-22 | Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file. |
| CVE-2020-18768 | 2023-08-22 | There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file. |
| CVE-2020-18770 | 2023-08-22 | An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. |
| CVE-2020-18780 | 2023-08-22 | A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command. |
| CVE-2020-18781 | 2023-08-22 | Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert. |
| CVE-2020-18831 | 2023-08-22 | Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file. |
| CVE-2020-18839 | 2023-08-22 | Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. |
| CVE-2020-19185 | 2023-08-22 | Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19186 | 2023-08-22 | Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19187 | 2023-08-22 | Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19188 | 2023-08-22 | Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19189 | 2023-08-22 | Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19190 | 2023-08-22 | Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. |
| CVE-2020-19724 | 2023-08-22 | A memory consumption issue in get_data function in binutils/nm.c in GNU nm before 2.34 allows attackers to cause a denial of service via crafted command. |
| CVE-2020-19725 | 2023-08-22 | There is a use-after-free vulnerability in file pdd_simplifier.cpp in Z3 before 4.8.8. It occurs when the solver attempts to simplify the constraints and causes unexpected memory access. It can cause... |
| CVE-2020-19726 | 2023-08-22 | An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service. |
| CVE-2020-19909 | 2023-08-22 | Integer overflow vulnerability in tool_operate.c in curl 7.65.2 via a large value as the retry delay. NOTE: many parties report that this has no direct security impact on the curl... |
| CVE-2020-20813 | 2023-08-22 | Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet. |
| CVE-2020-21047 | 2023-08-22 | The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193)... |
| CVE-2020-21426 | 2023-08-22 | Buffer Overflow vulnerability in function C_IStream::read in PluginEXR.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. |
| CVE-2020-21469 | 2023-08-22 | An issue was discovered in PostgreSQL 12.2 allows attackers to cause a denial of service via repeatedly sending SIGHUP signals. NOTE: this is disputed by the vendor because untrusted users... |
| CVE-2020-21490 | 2023-08-22 | An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled. |
| CVE-2020-21528 | 2023-08-22 | A Segmentation Fault issue discovered in ieee_segment function in outieee.c in nasm 2.14.03 and 2.15 allows remote attackers to cause a denial of service via crafted assembly file. |
| CVE-2020-21583 | 2023-08-22 | An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privileges or execute arbitrary commands via the path parameter when setting the date. |
| CVE-2020-21679 | 2023-08-22 | Buffer Overflow vulnerability in WritePCXImage function in pcx.c in GraphicsMagick 1.4 allows remote attackers to cause a denial of service via converting of crafted image file to pcx format. |
| CVE-2020-21685 | 2023-08-22 | Buffer Overflow vulnerability in hash_findi function in hashtbl.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. |
| CVE-2020-21686 | 2023-08-22 | A stack-use-after-scope issue discovered in expand_mmac_params function in preproc.c in nasm before 2.15.04 allows remote attackers to cause a denial of service via crafted asm file. |
| CVE-2020-21687 | 2023-08-22 | Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. |
| CVE-2020-21699 | 2023-08-22 | The web server Tengine 2.2.2 developed in the Nginx version from 0.5.6 thru 1.13.2 is vulnerable to an integer overflow vulnerability in the nginx range filter module, resulting in the... |
| CVE-2020-21710 | 2023-08-22 | A divide by zero issue discovered in eps_print_page in gdevepsn.c in Artifex Software GhostScript 9.50 allows remote attackers to cause a denial of service via opening of crafted PDF file. |
| CVE-2020-21722 | 2023-08-22 | Buffer Overflow vulnerability in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file. |
| CVE-2020-21723 | 2023-08-22 | A Segmentation Fault issue discovered in StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file. |
| CVE-2020-21724 | 2023-08-22 | Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remote attackers to run arbitrary code via opening of crafted ogg file. |
| CVE-2020-21890 | 2023-08-22 | Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF... |
| CVE-2020-22181 | 2023-08-22 | A reflected cross site scripting (XSS) vulnerability was discovered on Samsung sww-3400rw Router devices via the m2 parameter of the sess-bin/command.cgi |
| CVE-2020-22217 | 2023-08-22 | Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. |
| CVE-2020-22218 | 2023-08-22 | An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. |
| CVE-2020-22219 | 2023-08-22 | Buffer Overflow vulnerability in function bitwriter_grow_ in flac before 1.4.0 allows remote attackers to run arbitrary code via crafted input to the encoder. |
| CVE-2020-22570 | 2023-08-22 | Memcached 1.6.0 before 1.6.3 allows remote attackers to cause a denial of service (daemon crash) via a crafted meta command. |
| CVE-2020-22628 | 2023-08-22 | Buffer Overflow vulnerability in LibRaw::stretch() function in libraw\src\postprocessing\aspect_ratio.cpp. |
| CVE-2020-22916 | 2023-08-22 | An issue discovered in XZ 5.2.5 allows attackers to cause a denial of service via decompression of a crafted file. NOTE: the vendor disputes the claims of "endless output" and... |
| CVE-2020-23793 | 2023-08-22 | An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerability that can restart KVM virtual machine without any authorization. It is not yet known if... |
| CVE-2020-23804 | 2023-08-22 | Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input. |
| CVE-2020-23992 | 2023-08-22 | Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request. |
| CVE-2020-24113 | 2023-08-22 | Directory Traversal vulnerability in Contacts File Upload Interface in Yealink W60B version 77.83.0.85, allows attackers to gain sensitive information and cause a denial of service (DoS). |
| CVE-2020-24292 | 2023-08-22 | Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. |
| CVE-2020-24293 | 2023-08-22 | Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. |
| CVE-2020-24294 | 2023-08-22 | Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cause a denial of service via opening of crafted psd file. |
| CVE-2020-24295 | 2023-08-22 | Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via use of crafted psd file. |
| CVE-2020-25887 | 2023-08-22 | Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file. |
| CVE-2020-26652 | 2023-08-22 | An issue was discovered in function nl80211_send_chandef in rtl8812au v5.6.4.2 allows attackers to cause a denial of service. |
| CVE-2020-26683 | 2023-08-22 | A memory leak issue discovered in /pdf/pdf-font-add.c in Artifex Software MuPDF 1.17.0 allows attackers to obtain sensitive information. |
| CVE-2020-27418 | 2023-08-22 | A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obtain sensitive information via vgacon_invert_region() function. |
| CVE-2020-35342 | 2023-08-22 | GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to make an information leak. |
| CVE-2020-35357 | 2023-08-22 | A buffer overflow can occur when calculating the quantile value using the Statistics Library of GSL (GNU Scientific Library), versions 2.5 and 2.6. Processing a maliciously crafted input data for... |
| CVE-2021-29390 | 2023-08-22 | libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. |
| CVE-2021-30047 | 2023-08-22 | VSFTPD 3.0.3 allows attackers to cause a denial of service due to limited number of connections allowed. |
| CVE-2021-32292 | 2023-08-22 | An issue was discovered in json-c from 20200420 (post 0.14 unreleased code) through 0.15-20200726. A stack-buffer-overflow exists in the auxiliary sample program json_parse which is located in the function parseit. |
| CVE-2021-32420 | 2023-08-22 | dpic 2021.01.01 has a Heap-based Buffer Overflow in the storestring function in dpic.y. |
| CVE-2021-32421 | 2023-08-22 | dpic 2021.01.01 has a Heap Use-After-Free in the deletestringbox() function in dpic.y. |
| CVE-2021-32422 | 2023-08-22 | dpic 2021.01.01 has a Global buffer overflow in the yylex() function in main.c and reads out of the bound array. |
| CVE-2021-33388 | 2023-08-22 | dpic 2021.04.10 has a Heap Buffer Overflow in the makevar() function in dpic.y |
| CVE-2021-33390 | 2023-08-22 | dpic 2021.04.10 has a use-after-free in the deletestringbox() function in dpic.y. A different vulnerability than CVE-2021-32421. |
| CVE-2021-35309 | 2023-08-22 | An issue discovered in Samsung SyncThru Web Service SPL 5.93 06-09-2014 allows attackers to gain escalated privileges via MITM attacks. |
| CVE-2021-40211 | 2023-08-22 | An issue was discovered with ImageMagick 7.1.0-4 via Division by zero in function ReadEnhMetaFile of coders/emf.c. |
| CVE-2021-40262 | 2023-08-22 | A stack exhaustion issue was discovered in FreeImage before 1.18.0 via the Validate function in PluginRAW.cpp. |
| CVE-2021-40263 | 2023-08-22 | A heap overflow vulnerability in FreeImage 1.18.0 via the ofLoad function in PluginTIFF.cpp. |
| CVE-2021-40264 | 2023-08-22 | NULL pointer dereference vulnerability in FreeImage before 1.18.0 via the FreeImage_CloneTag function in FreeImageTag.cpp. |
| CVE-2021-40265 | 2023-08-22 | A heap overflow bug exists in FreeImage before 1.18.0 via ofLoad function in PluginJPEG.cpp. |
| CVE-2021-40266 | 2023-08-22 | FreeImage before 1.18.0, ReadPalette function in PluginTIFF.cpp is vulnerable to null pointer dereference. |
| CVE-2021-43171 | 2023-08-22 | Improper verification of applications' cryptographic signatures in the /e/OS app store client App Lounge before 0.19q allows attackers in control of the application server to install malicious applications on user's... |
| CVE-2021-46174 | 2023-08-22 | Heap-based Buffer Overflow in function bfd_getl32 in Binutils objdump 3.37. |
| CVE-2021-46179 | 2023-08-22 | Reachable Assertion vulnerability in upx before 4.0.0 allows attackers to cause a denial of service via crafted file passed to the readx function. |
| CVE-2022-25024 | 2023-08-22 | The json2xml package through 3.12.0 for Python allows an error in typecode decoding enabling a remote attack that can lead to an exception, causing a denial of service. |
| CVE-2022-26592 | 2023-08-22 | Stack Overflow vulnerability in libsass 3.6.5 via the CompoundSelector::has_real_parent_ref function. |