CVE List - 2023 / August
Showing 1301 - 1400 of 2479 CVEs for August 2023 (Page 14 of 25)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-28199 | 2023-08-14 | An out-of-bounds read issue existed that led to the disclosure... |
| CVE-2023-27939 | 2023-08-14 | An out-of-bounds read was addressed with improved input validation. This... |
| CVE-2022-32876 | 2023-08-14 | A logic issue was addressed with improved restrictions. This issue... |
| CVE-2022-46706 | 2023-08-14 | A type confusion issue was addressed with improved state handling.... |
| CVE-2022-22646 | 2023-08-14 | This issue was addressed by removing the vulnerable code. This... |
| CVE-2020-36615 | 2023-08-14 | An out-of-bounds read was addressed with improved bounds checking. This... |
| CVE-2022-48503 | 2023-08-14 | The issue was addressed with improved bounds checks. This issue... |
| CVE-2023-27948 | 2023-08-14 | An out-of-bounds read was addressed with improved input validation. This... |
| CVE-2023-28479 | 2023-08-15 | An issue was discovered in Tigergraph Enterprise 3.7.0. The TigerGraph... |
| CVE-2023-38840 | 2023-08-15 | Bitwarden Desktop 2023.7.0 and below allows an attacker with local... |
| CVE-2023-38850 | 2023-08-15 | Buffer Overflow vulnerability in Michaelrsweet codedoc v.3.7 allows an attacker... |
| CVE-2023-38851 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38852 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38853 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38854 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38855 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38856 | 2023-08-15 | Buffer Overflow vulnerability in libxlsv.1.6.2 allows a remote attacker to... |
| CVE-2023-38857 | 2023-08-15 | Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to... |
| CVE-2023-38858 | 2023-08-15 | Buffer Overflow vulnerability infaad2 v.2.10.1 allows a remote attacker to... |
| CVE-2023-38860 | 2023-08-15 | An issue in LangChain v.0.0.231 allows a remote attacker to... |
| CVE-2023-38861 | 2023-08-15 | An issue in Wavlink WL_WNJ575A3 v.R75A3_V1410_220513 allows a remote attacker... |
| CVE-2023-38862 | 2023-08-15 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to... |
| CVE-2023-38863 | 2023-08-15 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to... |
| CVE-2023-38864 | 2023-08-15 | An issue in COMFAST CF-XR11 v.2.7.2 allows an attacker to... |
| CVE-2023-38865 | 2023-08-15 | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at... |
| CVE-2023-38866 | 2023-08-15 | COMFAST CF-XR11 V2.7.2 has a command injection vulnerability detected at... |
| CVE-2023-38889 | 2023-08-15 | An issue in Alluxio v.2.9.3 and before allows an attacker... |
| CVE-2023-38896 | 2023-08-15 | An issue in Harrison Chase langchain v.0.0.194 and before allows... |
| CVE-2023-38898 | 2023-08-15 | An issue in Python cpython v.3.7 allows an attacker to... |
| CVE-2023-38915 | 2023-08-15 | File Upload vulnerability in Wolf-leo EasyAdmin8 v.1.0 allows a remote... |
| CVE-2023-38916 | 2023-08-15 | SQL Injection vulnerability in eVotingSystem-PHP v.1.0 allows a remote attacker... |
| CVE-2023-39659 | 2023-08-15 | An issue in langchain langchain-ai v.0.0.232 and before allows a... |
| CVE-2023-39661 | 2023-08-15 | An issue in pandas-ai v.0.9.1 and before allows a remote... |
| CVE-2023-39662 | 2023-08-15 | An issue in llama_index v.0.7.13 and before allows a remote... |
| CVE-2023-39841 | 2023-08-15 | Missing encryption in the RFID tag of Etekcity 3-in-1 Smart... |
| CVE-2023-39842 | 2023-08-15 | Missing encryption in the RFID tag of Digoo DG-HAMB Smart... |
| CVE-2023-39843 | 2023-08-15 | Missing encryption in the RFID tag of Suleve 5-in-1 Smart... |
| CVE-2023-39850 | 2023-08-15 | Schoolmate v1.3 was discovered to contain multiple SQL injection vulnerabilities... |
| CVE-2023-39851 | 2023-08-15 | webchess v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-39852 | 2023-08-15 | Doctormms v1.0 was discovered to contain a SQL injection vulnerability... |
| CVE-2023-4347 | 2023-08-15 | Cross-site Scripting (XSS) - Reflected in librenms/librenms |
| CVE-2023-4308 | 2023-08-15 | User Submitted Posts <= 20230809 - Unauthenticated Stored Cross-Site Scripting via 'user-submitted-content' |
| CVE-2023-2916 | 2023-08-15 | The InfiniteWP Client plugin for WordPress is vulnerable to Sensitive... |
| CVE-2023-30747 | 2023-08-15 | WordPress WooCommerce Easy Duplicate Product Plugin <= 0.3.0.0 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-30778 | 2023-08-15 | WordPress PowerPress Podcasting Plugin <= 10.0.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-24478 | 2023-08-15 | Use of insufficiently random values for some Intel Agilex(R) software... |
| CVE-2023-30498 | 2023-08-15 | WordPress Vimeotheque Plugin <= 2.2.1 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-4371 | 2023-08-15 | phpRecDB index.php cross site scripting |
| CVE-2023-32006 | 2023-08-15 | The use of `module.constructor.createRequire()` can bypass the policy mechanism and... |
| CVE-2023-32004 | 2023-08-15 | A vulnerability has been discovered in Node.js version 20, specifically... |
| CVE-2023-32003 | 2023-08-15 | `fs.mkdtemp()` and `fs.mkdtempSync()` can be used to bypass the permission... |
| CVE-2023-35082 | 2023-08-15 | An authentication bypass vulnerability in Ivanti EPMM 11.10 and older,... |
| CVE-2023-39438 | 2023-08-15 | Missing Authorization check allows certain operations on CLA Assistant data |
| CVE-2023-2312 | 2023-08-15 | Use after free in Offline in Google Chrome on Android... |
| CVE-2023-4349 | 2023-08-15 | Use after free in Device Trust Connectors in Google Chrome... |
| CVE-2023-4350 | 2023-08-15 | Inappropriate implementation in Fullscreen in Google Chrome on Android prior... |
| CVE-2023-4351 | 2023-08-15 | Use after free in Network in Google Chrome prior to... |
| CVE-2023-4352 | 2023-08-15 | Type confusion in V8 in Google Chrome prior to 116.0.5845.96... |
| CVE-2023-4353 | 2023-08-15 | Heap buffer overflow in ANGLE in Google Chrome prior to... |
| CVE-2023-4354 | 2023-08-15 | Heap buffer overflow in Skia in Google Chrome prior to... |
| CVE-2023-4355 | 2023-08-15 | Out of bounds memory access in V8 in Google Chrome... |
| CVE-2023-4356 | 2023-08-15 | Use after free in Audio in Google Chrome prior to... |
| CVE-2023-4357 | 2023-08-15 | Insufficient validation of untrusted input in XML in Google Chrome... |
| CVE-2023-4358 | 2023-08-15 | Use after free in DNS in Google Chrome prior to... |
| CVE-2023-4359 | 2023-08-15 | Inappropriate implementation in App Launcher in Google Chrome on iOS... |
| CVE-2023-4360 | 2023-08-15 | Inappropriate implementation in Color in Google Chrome prior to 116.0.5845.96... |
| CVE-2023-4361 | 2023-08-15 | Inappropriate implementation in Autofill in Google Chrome on Android prior... |
| CVE-2023-4362 | 2023-08-15 | Heap buffer overflow in Mojom IDL in Google Chrome prior... |
| CVE-2023-4363 | 2023-08-15 | Inappropriate implementation in WebShare in Google Chrome on Android prior... |
| CVE-2023-4364 | 2023-08-15 | Inappropriate implementation in Permission Prompts in Google Chrome prior to... |
| CVE-2023-4365 | 2023-08-15 | Inappropriate implementation in Fullscreen in Google Chrome prior to 116.0.5845.96... |
| CVE-2023-4366 | 2023-08-15 | Use after free in Extensions in Google Chrome prior to... |
| CVE-2023-4367 | 2023-08-15 | Insufficient policy enforcement in Extensions API in Google Chrome prior... |
| CVE-2023-4368 | 2023-08-15 | Insufficient policy enforcement in Extensions API in Google Chrome prior... |
| CVE-2023-4369 | 2023-08-15 | Insufficient data validation in Systems Extensions in Google Chrome on... |
| CVE-2023-40028 | 2023-08-15 | Arbitrary file read via symlinks in Ghost |
| CVE-2023-40027 | 2023-08-15 | Conditionally missing authorization in @keystone-6/core |
| CVE-2023-4345 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable client-side control bypass |
| CVE-2023-38401 | 2023-08-15 | Local Privilege Escalation in HPE Aruba Networking Virtual Intranet Access (VIA) Microsoft Windows Client |
| CVE-2023-4323 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to improper session management of active sessions on Gateway setup |
| CVE-2023-4344 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to insufficient randomness due to improper use of ssl.rnd to setup CIM connection |
| CVE-2023-4343 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to exposure of sensitive password information in the URL as a URL search parameter |
| CVE-2023-4342 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP strict-transport-security policy |
| CVE-2023-4341 | 2023-08-15 | Broadcom RAID Controller is vulnerable to Privilege escalation to root due to creation of insecure folders by Web GUI |
| CVE-2023-4340 | 2023-08-15 | Broadcom RAID Controller is vulnerable to Privilege escalation by taking advantage of the Session prints in the log file |
| CVE-2023-4339 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to exposure of private keys used for CIM stored with insecure file permissions |
| CVE-2023-4338 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not provide X-Content-Type-Options Headers |
| CVE-2023-4337 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to improper session handling of managed servers on Gateway installation |
| CVE-2023-4336 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard cookies with Secure attribute |
| CVE-2023-4335 | 2023-08-15 | Broadcom RAID Controller Web server (nginx) is serving private server-side files without any authentication on Linux |
| CVE-2023-4334 | 2023-08-15 | Broadcom RAID Controller Web server (nginx) is serving private files without any authentication |
| CVE-2023-4333 | 2023-08-15 | Broadcom RAID Controller web interface doesn’t enforce SSL cipher ordering by server |
| CVE-2023-4332 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file |
| CVE-2023-4331 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that support obsolete and vulnerable TLS protocols |
| CVE-2023-4329 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to insecure default of HTTP configuration that does not safeguard SESSIONID cookie with SameSite attribute |
| CVE-2023-4328 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux |
| CVE-2023-4327 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable to exposure of sensitive data and the keys used for encryption are accessible to any local user on Linux |
| CVE-2023-4326 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable has an insecure default TLS configuration that supports obsolete SHA1-based ciphersuites |
| CVE-2023-4325 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities |
| CVE-2023-4324 | 2023-08-15 | Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers |