CVE ID | CVSS | Vendor | Exploit | Patch | Trends |
---|---|---|---|---|---|
CVE-2023-39456 Improper Input Validation vulnerability in Apache Traffic Server with malformed HTTP/2 frames. This issue affects Apache Traffic Server: from 9.0.0 through 9.2.2. Users are recommended to upgrade to version 9.2.3, which fixes the issue. | CVSS 7.5 | Apache, et al | - | Patched | |
CVE-2023-39411 Improper input validation for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | CVSS 4.4 | | - | Patched | |
CVE-2023-39410 When deserializing untrusted or corrupted data, it is possible for a reader to consume memory beyond the allowed constraints and thus lead to out of memory on the system. This issue affects Java applications using Apache Avro Java SDK up to and including 1.11.2. Users should update to apache-avro version 1.11.3 which addresses this issue. | CVSS MEDIUM | Apache | - | Patched | |
CVE-2023-39390 Vulnerability of input parameter verification in certain APIs in the window management module. Successful exploitation of this vulnerability may cause the device to restart. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39389 Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39388 Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause home screen unavailability. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39386 Vulnerability of input parameters being not strictly verified in the PMS module. Successful exploitation of this vulnerability may cause newly installed apps to fail to restart. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39382 Input verification vulnerability in the audio module. Successful exploitation of this vulnerability may cause virtual machines (VMs) to restart. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39381 Input verification vulnerability in the storage module. Successful exploitation of this vulnerability may cause the device to restart. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-39357 Cacti is an open source operational monitoring and fault management framework. A defect in the sql_save function was discovered. When the column type is numeric, the sql_save function directly utilizes user input. Many files and functions calling the sql_save function do not perform prior validation of user input, leading to the existence of multiple SQL injection vulnerabilities in Cacti. This allows authenticated users to exploit these SQL injection vulnerabilities to perform privilege escalation and remote code execution. This issue has been addressed in version 1.2.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS 8.8 | Fedoraproject, et al | Exploit | Patched | |
CVE-2023-39265 Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using database imports. This could allow for unexpected file creation on Superset webservers. Additionally, if Apache Superset is using a SQLite database for its metadata (not advised for production use) it could result in more severe vulnerabilities related to confidentiality and integrity. This vulnerability exists in Apache Superset versions up to and including 2.1.0. | CVSS 6.5 | Apache | Exploit | Patched | |
CVE-2023-39251 Dell BIOS contains an Improper Input Validation vulnerability. A local malicious user with high privileges could potentially exploit this vulnerability in order to corrupt memory on the system. | CVSS 6.7 | Dell | - | Patched | |
CVE-2023-39209 Improper input validation in Zoom Desktop Client for Windows before 5.15.5 may allow an authenticated user to enable an information disclosure via network access. | CVSS 6.5 | Zoom | - | Patched | |
CVE-2023-39208 Improper input validation in Zoom Desktop Client for Linux before version 5.15.10 may allow an unauthenticated user to conduct a denial of service via network access. | CVSS 7.5 | Zoom | - | Patched | |
CVE-2023-39191 An improper input validation flaw was found in the eBPF subsystem in the Linux kernel. The issue occurs due to a lack of proper validation of dynamic pointers within user-supplied eBPF programs prior to executing them. This may allow an attacker with CAP_BPF privileges to escalate privileges and execute arbitrary code in the context of the kernel. | CVSS 8.2 | Fedoraproject, et al | Exploit | Patched | |
CVE-2023-39137 An issue in Archive v3.3.7 allows attackers to spoof zip filenames which can lead to inconsistent filename parsing. | CVSS 7.8 | Archive project | Exploit | Patched | |
CVE-2023-3894 Those using jackson-dataformats-text to parse TOML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack overflow. This effect may support a denial of service attack. | CVSS 7.5 | Fasterxml | - | Patched | |
CVE-2023-3893 A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes running kubernetes-csi-proxy may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes running kubernetes-csi-proxy. | CVSS 8.8 | Kubernetes | - | Patched | |
CVE-2023-38802 FRRouting FRR 7.5.1 through 9.0 and Pica8 PICOS 4.3.3.2 allow a remote attacker to cause a denial of service via a crafted BGP update with a corrupted attribute 23 (Tunnel Encapsulation). | CVSS 7.5 | Fedoraproject, et al | Exploit | Patched | |
CVE-2023-38745 Pandoc before 3.1.6 allows arbitrary file write: this can be triggered by providing a crafted image element in the input when generating files via the --extract-media option or outputting to PDF format. This allows an attacker to create or overwrite arbitrary files, depending on the privileges of the process running Pandoc. It only affects systems that pass untrusted user input to Pandoc and allow Pandoc to be used to produce a PDF or with the --extract-media option. NOTE: this issue exists because of an incomplete fix for CVE-2023-35936 (failure to properly account for double encoded path names). | CVSS 6.3 | Pandoc, et al | - | Patched | |
CVE-2023-38740 IBM Db2 for Linux, UNIX, and Windows (includes Db2 Connect Server) 11.5 is vulnerable to a denial of service with a specially crafted SQL statement. IBM X-Force ID: 262613. | CVSS 7.5 | Ibm | - | Patched | |
CVE-2023-38728 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted XML query statement. IBM X-Force ID: 262258. | CVSS 7.5 | Ibm | - | Patched | |
CVE-2023-38727 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257. | CVSS 5.3 | Ibm | - | Patched | |
CVE-2023-38720 IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 and 11.5 is vulnerable to denial of service with a specially crafted ALTER TABLE statement. IBM X-Force ID: 261616. | CVSS 7.5 | Ibm | - | Patched | |
CVE-2023-38719 IBM Db2 11.5 could allow a local user with special privileges to cause a denial of service during database deactivation on DPF. IBM X-Force ID: 261607. | CVSS 4.4 | Ibm | - | Patched | |
CVE-2023-38709 Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. | CVSS 7.3 | Apache | Exploit | Patched | |
CVE-2023-38704 import-in-the-middle is a module loading interceptor specifically for ESM modules. The import-in-the-middle loader works by generating a wrapper module on the fly. The wrapper uses the module specifier to load the original module and add some wrapping code. Prior to version 1.4.2, it allows for remote code execution in cases where an application passes user-supplied input directly to the `import()` function. This vulnerability has been patched in import-in-the-middle version 1.4.2. Some workarounds are available. Do not pass any user-supplied input to `import()`. Instead, verify it against a set of allowed values. If using import-in-the-middle, directly or indirectly, and support for EcmaScript Modules is not needed, ensure that no options are set, either via command-line or the `NODE_OPTIONS` environment variable, that would enable loader hooks. | CVSS 9.8 | Datadoghq | - | Patched | |
CVE-2023-38701 Hydra is the layer-two scalability solution for Cardano. Users of the Hydra head protocol send the UTxOs they wish to commit into the Hydra head first to the `commit` validator, where they remain until they are either collected into the `head` validator or the protocol initialisation is aborted and the value in the committed UTxOs is returned to the users who committed them. Prior to version 0.12.0, the `commit` validator contains a flawed check when the `ViaAbort` redeemer is used, which allows any user to spend any UTxO which is at the validator arbitrarily, meaning an attacker can steal the funds that users are trying to commit into the head validator. The intended behavior is that the funds must be returned to the user which committed the funds and can only be performed by a participant of the head. The `initial` validator also is similarly affected as the same flawed check is performed for the `ViaAbort` redeemer. Due to this issue, an attacker can steal any funds that users try to commit into a Hydra head. Also, an attacker can prevent any Hydra head from being successfully opened. It does not allow an attacker to take funds which have been successfully collected into and currently reside in the `head` validator. Version 0.12.0 contains a fix for this issue. | CVSS 9.1 | Iohk | Exploit | - | |
CVE-2023-38690 matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it is possible to craft a command with newlines which would not be properly parsed. This would mean you could pass a string of commands as a channel name, which would then be run by the IRC bridge bot. Versions 1.0.1 and above are patched. There are no robust workarounds to the bug. One may disable dynamic channels in the config to disable the most common execution method but others may exist. | CVSS 9.8 | Matrix | - | Patched | |
CVE-2023-38654 Improper input validation for some Intel(R) PROSet/Wireless WiFi software for Windows before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | CVSS 8.2 | Intel | - | - | |
CVE-2023-38587 Improper input validation in some Intel NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | CVSS 7.8 | Intel | - | Patched | |
CVE-2023-38522 Apache Traffic Server accepts characters that are not allowed for HTTP field names and forwards malformed requests to origin servers. This can be utilized for request smuggling and may also lead to cache poisoning if the origin servers are vulnerable. This issue affects Apache Traffic Server: from 8.0.0 through 8.1.10, from 9.0.0 through 9.2.4. Users are recommended to upgrade to version 8.1.11 or 9.2.5, which fixes the issue. | CVSS 7.5 | Apache | - | Patched | |
CVE-2023-38502 TDengine is an open source, time-series database optimized for Internet of Things devices. Prior to version 3.0.7.1, TDengine DataBase crashes on UDF nested query. This issue affects TDengine Databases which let users connect and run arbitrary queries. Version 3.0.7.1 has a patch for this issue. | CVSS HIGH | | - | - | |
CVE-2023-38495 Crossplane is a framework for building cloud native control planes without needing to write code. In versions prior to 1.11.5, 1.12.3, and 1.13.0, Crossplane's image backend does not validate the byte contents of Crossplane packages. As such, Crossplane does not detect if an attacker has tampered with a Package. The problem has been fixed in 1.11.5, 1.12.3 and 1.13.0. As a workaround, only use images from trusted sources and keep Package editing/creating privileges to administrators only. | CVSS 9.8 | Cncf | Exploit | Patched | |
CVE-2023-38417 Improper input validation for some Intel(R) PROSet/Wireless WiFi software before version 23.20 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | CVSS 4.3 | Intel | - | - | |
CVE-2023-38293Certain software builds for the Nokia C200 and Nokia C100 Android devices contain a vulnerable, pre-installed app with a package name of com.tracfone.tfstatus (versionCode='31', versionName='12') that allows local third-party apps to execute arbitrary AT commands in its context (radio user) via AT command injection due to inadequate access control and inadequate input filtering. No permissions or special privileges are necessary to exploit the vulnerability in the com.tracfone.tfstatus app. No user interaction is required beyond installing and running a third-party app. The software build fingerprints for each confirmed vulnerable device are as follows: Nokia C200 (Nokia/Drake_02US/DRK:12/SP1A.210812.016/02US_1_080:user/release-keys and Nokia/Drake_02US/DRK:12/SP1A.210812.016/02US_1_040:user/release-keys) and Nokia C100 (Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_270:user/release-keys, Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_190:user/release-keys, Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_130:user/release-keys, Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_110:user/release-keys, Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_080:user/release-keys, and Nokia/DrakeLite_02US/DKT:12/SP1A.210812.016/02US_1_050:user/release-keys). This malicious app sends a broadcast Intent to the receiver component named com.tracfone.tfstatus/.TFStatus. This broadcast receiver extracts a string from the Intent and uses it as an extra when it starts the com.tracfone.tfstatus/.TFStatusActivity activity component which uses the externally controlled string as an input to execute an AT command. There are two different injection techniques to successfully inject arbitrary AT commands to execute. | CVSS 7.3 | Nokia | - | - | |
CVE-2023-38254 Microsoft Message Queuing Denial of Service Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |
CVE-2023-38245 | CVSS 5.5 | | - | Patched | |
CVE-2023-38218 Adobe Commerce versions 2.4.7-beta1 (and earlier), 2.4.6-p2 (and earlier), 2.4.5-p4 (and earlier) and 2.4.4-p5 (and earlier) are affected by an improper input validation vulnerability. An authenticated attacker can trigger an insecure direct object reference in the `V1/customers/me` endpoint to achieve information exposure and privilege escalation. | CVSS 8.8 | Adobe | - | Patched | |
CVE-2023-38156 Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability | CVSS 7.2 | Microsoft | - | Patched | |
CVE-2023-38131 Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable denial of service via network access. | CVSS 6.5 | | - | Patched | |
CVE-2023-37948 Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16 and earlier does not validate SSH host keys when connecting OCI clouds, enabling man-in-the-middle attacks. | CVSS 3.7 | Jenkins | - | Patched | |
CVE-2023-37915 OpenDDS is an open source C++ implementation of the Object Management Group (OMG) Data Distribution Service (DDS). OpenDDS crashes while parsing a malformed `PID_PROPERTY_LIST` in a DATA submessage during participant discovery. Attackers can remotely crash OpenDDS processes by sending a DATA submessage containing the malformed parameter to the known multicast port. This issue has been addressed in version 3.25. Users are advised to upgrade. There are no known workarounds for this vulnerability. | CVSS 7.5 | Objectcomputing | Exploit | Patched | |
CVE-2023-37833 Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users. | CVSS 2.7 | | Exploit | - | |
CVE-2023-3768 Incorrect data input validation vulnerability, which could allow an attacker with access to the network to implement fuzzing techniques that would allow him to gain knowledge about specially crafted packets that would create a DoS condition through the MMS protocol when initiating communication, achieving a complete system reboot of the device and its services. | CVSS 7.5 | | - | - | |
CVE-2023-37581 Insufficient input validation and sanitization in Weblog Category name, Website About and File Upload features in all versions of Apache Roller on all platforms allows an authenticated user to perform an XSS attack. Mitigation: if you do not have Roller configured for untrusted users, then you need to do nothing because you trust your users to author raw HTML and other web content. If you are running with untrusted users then you should upgrade to Roller 6.1.2 and you should disable Roller's File Upload feature. | CVSS 5.4 | Apache | - | Patched | |
CVE-2023-37559 After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37558. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37558 After successful authentication as a user in multiple Codesys products in multiple versions, specific crafted network communication requests with inconsistent content can cause the CmpAppForce component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37559. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37556 In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37555. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37555 In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37554 and CVE-2023-37556. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37554 In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37553, CVE-2023-37555 and CVE-2023-37556. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37553 In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37552, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37552 In multiple versions of multiple Codesys products, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpAppBP component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37553, CVE-2023-37554, CVE-2023-37555 and CVE-2023-37556. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37550 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37549. | CVSS 6.5 | | - | - | |
CVE-2023-37549 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37548 and CVE-2023-37550. | CVSS 6.5 | | - | - | |
CVE-2023-37548 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37547, CVE-2023-37549 and CVE-2023-37550. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37547 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37546, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37546 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37545, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549 and CVE-2023-37550. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37545 In multiple Codesys products in multiple versions, after successful authentication as a user, specific crafted network communication requests with inconsistent content can cause the CmpApp component to read internally from an invalid address, potentially leading to a denial-of-service condition. This vulnerability is different to CVE-2023-37546, CVE-2023-37547, CVE-2023-37548, CVE-2023-37549, CVE-2023-37550. | CVSS 6.5 | Codesys | - | - | |
CVE-2023-37415 Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Apache Hive Provider. Patching on top of CVE-2023-35797. Before 6.1.2 the proxy_user option can also inject a semicolon. This issue affects Apache Airflow Apache Hive Provider: before 6.1.2. It is recommended to update the provider version to 6.1.2 in order to avoid this vulnerability. | CVSS 8.8 | Apache | - | Patched | |
CVE-2023-37241 Input verification vulnerability in the WMS API. Successful exploitation of this vulnerability may cause the device to restart. | CVSS 7.5 | Huawei | - | Patched | |
CVE-2023-3705 The vulnerability exists in CP-Plus NVR due to an improper input handling at the web-based management interface of the affected product. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the remote attacker to obtain sensitive information on the targeted device. | CVSS 7.5 | Cpplusworld | - | Patched | |
CVE-2023-3704 The vulnerability exists in CP-Plus DVR due to an improper input validation within the web-based management interface of the affected products. An unauthenticated remote attacker could exploit this vulnerability by sending specially crafted HTTP requests to the vulnerable device. Successful exploitation of this vulnerability could allow the remote attacker to change system time of the targeted device. | CVSS 5.3 | | - | Patched | |
CVE-2023-36912 Microsoft Message Queuing Denial of Service Vulnerability | CVSS 7.5 | Microsoft | - | Patched | |
CVE-2023-36899 ASP.NET Elevation of Privilege Vulnerability | CVSS 8.8 | Microsoft | Exploit | Patched | |
CVE-2023-36897 Visual Studio Tools for Office Runtime Spoofing Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |
CVE-2023-36893 Microsoft Outlook Spoofing Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |
CVE-2023-36873 .NET Framework Spoofing Vulnerability | CVSS 5.9 | Microsoft | - | Patched | |
CVE-2023-36872 VP9 Video Extensions Information Disclosure Vulnerability | CVSS 5.5 | Microsoft | - | Patched | |
CVE-2023-36860 Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via network access. | CVSS 8.8 | | - | Patched | |
CVE-2023-36821 Uptime Kuma, a self-hosted monitoring tool, allows an authenticated attacker to install a maliciously crafted plugin in versions prior to 1.22.1, which may lead to remote code execution. Uptime Kuma allows authenticated users to install plugins from an official list of plugins. This feature is currently disabled in the web interface, but the corresponding API endpoints are still available after login. After downloading a plugin, it's installed by calling `npm install` in the installation directory of the plugin. Because the plugin is not validated against the official list of plugins or installed with `npm install --ignore-scripts`, a maliciously crafted plugin taking advantage of npm scripts can gain remote code execution. Version 1.22.1 contains a patch for this issue. | CVSS 8.8 | Uptime-kuma project | Exploit | Patched | |
CVE-2023-36767 Microsoft Office Security Feature Bypass Vulnerability | CVSS 4.3 | Microsoft | - | Patched | |
CVE-2023-36762 Microsoft Word Remote Code Execution Vulnerability | CVSS 7.3 | Microsoft | - | Patched | |
CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability | CVSS 6.5 | Microsoft | Exploit | Patched | |
CVE-2023-3676 A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes. | CVSS 8.8 | Kubernetes | Exploit | Patched | |
CVE-2023-36731 Win32k Elevation of Privilege Vulnerability | CVSS 7.8 | Microsoft | - | Patched | |
CVE-2023-36719 Microsoft Speech Application Programming Interface (SAPI) Elevation of Privilege Vulnerability | CVSS 7.8 | Microsoft | - | Patched | |
CVE-2023-36707 Windows Deployment Services Denial of Service Vulnerability | CVSS 7.5 | Microsoft | - | Patched | |
CVE-2023-36706 Windows Deployment Services Information Disclosure Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |
CVE-2023-36697 Microsoft Message Queuing Remote Code Execution Vulnerability | CVSS 8 | Microsoft | - | Patched | |
CVE-2023-36674 An issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax. | CVSS 5.3 | Mediawiki | - | Patched | |
CVE-2023-36619 Atos Unify OpenScape Session Border Controller through V10 R3.01.03 allows execution of administrative scripts by unauthenticated users. | CVSS 9.8 | Unify | Exploit | Patched | |
CVE-2023-36585 Active Template Library Denial of Service Vulnerability | CVSS 7.5 | Microsoft | - | Patched | |
CVE-2023-36566 Microsoft Common Data Model SDK Denial of Service Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |
CVE-2023-36563 Microsoft WordPad Information Disclosure Vulnerability | CVSS 5.5 | Microsoft | Exploit | Patched | |
CVE-2023-36543 Apache Airflow, versions before 2.6.3, has a vulnerability where an authenticated user can use crafted input to make the current request hang. It is recommended to upgrade to a version that is not affected. | CVSS 6.5 | Apache | - | Patched | |
CVE-2023-36505 Improper Input Validation vulnerability in Saturday Drive Ninja Forms Contact Form. This issue affects Ninja Forms Contact Form: from n/a through 3.6.24. | CVSS 6.8 | Ninjaforms | - | - | |
CVE-2023-36466 Discourse is an open source discussion platform. When editing a topic, there is a vulnerability that enables a user to bypass the topic title validations for things like title length, number of emojis in title and blank topic titles. The issue is patched in the latest stable, beta and tests-passed version of Discourse. | CVSS 4.3 | Discourse | - | Patched | |
CVE-2023-36462 Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 2.6.0 and prior to versions 3.5.9, 4.0.5, and 4.1.3, an attacker can craft a verified profile link using specific formatting to conceal arbitrary parts of the link, enabling it to appear to link to a different URL altogether. The link is visually misleading, but clicking on it will reveal the actual link. This can still be used for phishing, though, similar to IDN homograph attacks. Versions 3.5.9, 4.0.5, and 4.1.3 contain a patch for this issue. | CVSS 5.4 | Joinmastodon | - | Patched | |
CVE-2023-36407 Windows Hyper-V Elevation of Privilege Vulnerability | CVSS 7.8 | Microsoft | Exploit | Patched | |
CVE-2023-36406 Windows Hyper-V Information Disclosure Vulnerability | CVSS 5.5 | Microsoft | - | Patched | |
CVE-2023-36049 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability | CVSS 9.8 | Microsoft | - | Patched | |
CVE-2023-36021 Microsoft On-Prem Data Gateway Security Feature Bypass Vulnerability | CVSS 8 | Microsoft | - | Patched | |
CVE-2023-35944 Envoy is an open source edge and service proxy designed for cloud-native applications. Envoy allows mixed-case schemes in HTTP/2, however, some internal scheme checks are case-sensitive. Prior to versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, this can lead to the rejection of requests with mixed-case schemes such as `htTp` or `htTps`, or the bypassing of some requests such as `https` in unencrypted connections. With a fix in versions 1.27.0, 1.26.4, 1.25.9, 1.24.10, and 1.23.12, Envoy will now lowercase scheme values by default, and change the internal scheme checks that were case-sensitive to be case-insensitive. There are no known workarounds for this issue. | CVSS 5.3 | Envoyproxy | Exploit | Patched | |
CVE-2023-35936 Pandoc is a Haskell library for converting from one markup format to another, and a command-line tool that uses this library. Starting in version 1.13 and prior to version 3.1.4, Pandoc is susceptible to an arbitrary file write vulnerability, which can be triggered by providing a specially crafted image element in the input when generating files using the `--extract-media` option or outputting to PDF format. This vulnerability allows an attacker to create or overwrite arbitrary files on the system, depending on the privileges of the process running pandoc. It only affects systems that pass untrusted user input to pandoc and allow pandoc to be used to produce a PDF or with the `--extract-media` option. The fix is to unescape the percent-encoding prior to checking that the resource is not above the working directory, and prior to extracting the extension. Some code for checking that the path is below the working directory was flawed in a similar way and has also been fixed. Note that the `--sandbox` option, which only affects IO done by readers and writers themselves, does not block this vulnerability. The vulnerability is patched in pandoc 3.1.4. As a workaround, audit the pandoc command and disallow PDF output and the `--extract-media` option. | CVSS 5 | Pandoc, et al | Exploit | Patched | |
CVE-2023-35798 Input Validation vulnerability in Apache Software Foundation Apache Airflow ODBC Provider, Apache Software Foundation Apache Airflow MSSQL Provider. This vulnerability is considered low since it requires DAG code to use `get_sqlalchemy_connection` and someone with access to connection resources specifically updating the connection to exploit it. This issue affects Apache Airflow ODBC Provider: before 4.0.0; Apache Airflow MSSQL Provider: before 3.4.1. It is recommended to upgrade to a version that is not affected. | CVSS 4.3 | Apache | - | Patched | |
CVE-2023-35797 Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via the principal parameter. For this to be exploited it requires access to modify the connection details. It is recommended to update the provider version to 6.1.1 in order to avoid this vulnerability. | CVSS 9.8 | Apache | - | Patched | |
CVE-2023-3568 Open Redirect in GitHub repository alextselegidis/easyappointments prior to 1.5.0. | CVSS 4.8 | Fossbilling | Exploit | Patched | |
CVE-2023-35619 Microsoft Outlook for Mac Spoofing Vulnerability | CVSS 5.3 | Microsoft | - | Patched | |
CVE-2023-35377 Microsoft Message Queuing Denial of Service Vulnerability | CVSS 6.5 | Microsoft | - | Patched | |