Improper Input Validation
CWE-20

CVE IDCVSSVendorExploitPatchTrends
CVE-2023-45745Improper input validation in some Intel(R) TDX module software before version 1.5.05.46.698 may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS 7.9Extremenetworks

-

-

Trending graph for this CVE
CVE-2023-45648Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomcat to treat a single request as multiple requests leading to the possibility of request smuggling when behind a reverse proxy. Users are recommended to upgrade to version 11.0.0-M12 onwards, 10.1.14 onwards, 9.0.81 onwards or 8.5.94 onwards, which fix the issue.
CVSS 5.3Apache, et al

-

Patched

Trending graph for this CVE
CVE-2023-4553Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. AppBuilder configuration files are viewable by unauthenticated users. This issue affects AppBuilder: from 21.2 before 23.2.
CVSS 5.3Opentext

-

-

Trending graph for this CVE
CVE-2023-4552Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An authenticated AppBuilder user with the ability to create or manage existing databases can leverage them to exploit the AppBuilder server - including access to its local file system. This issue affects AppBuilder: from 21.2 before 23.2.
CVSS 7.1Opentext

-

-

Trending graph for this CVE
CVE-2023-4551Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating system commands into the executing process. This issue affects AppBuilder: from 21.2 before 23.2.
CVSS 8.8Opentext

-

-

Trending graph for this CVE
CVE-2023-4550Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. This issue affects AppBuilder: from 21.2 before 23.2.
CVSS 7.5Opentext

-

-

Trending graph for this CVE
CVE-2023-45193IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 268759.
CVSS 7.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-4518A vulnerability exists in the input validation of the GOOSE messages where out of range values received and processed by the IED caused a reboot of the device. In order for an attacker to exploit the vulnerability, goose receiving blocks need to be configured. 
CVSS 7.5Hitachienergy

-

Patched

Trending graph for this CVE
CVE-2023-45178IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 CLI is vulnerable to a denial of service when a specially crafted request is used. IBM X-Force ID: 268073.
CVSS 6.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45177IBM MQ 9.0 LTS, 9.1 LTS, 9.2 LTS, 9.3 LTS and 9.3 CD is vulnerable to a denial-of-service attack due to an error within the MQ clustering logic. IBM X-Force ID: 268066.
CVSS 5.3Ibm

-

-

Trending graph for this CVE
CVE-2023-45175IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 267973.
CVSS 5.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45173IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the NFS kernel extension to cause a denial of service. IBM X-Force ID: 267971.
CVSS 5.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45172IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in AIX windows to cause a denial of service. IBM X-Force ID: 267970.
CVSS 6.2Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45171IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the kernel to cause a denial of service. IBM X-Force ID: 267969.
CVSS 5.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45169IBM AIX 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the pmsvcs kernel extension to cause a denial of service. IBM X-Force ID: 267967.
CVSS 5.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45167IBM AIX's 7.3 Python implementation could allow a non-privileged local user to exploit a vulnerability to cause a denial of service. IBM X-Force ID: 267965.
CVSS 5.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45165IBM AIX 7.2 and 7.3 could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 267963.
CVSS 6.2Ibm

-

Patched

Trending graph for this CVE
CVE-2023-45163 The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients. To remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-CommandLinePing instruction to v18.1 by uploading it through the 1E Platform instruction upload UI
CVSS 7.21e

-

Patched

Trending graph for this CVE
CVE-2023-45161The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the URL parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on Windows clients. To remediate this issue download the updated Network product pack from the 1E Exchange and update the 1E-Exchange-URLResponseTime instruction to v20.1 by uploading it through the 1E Platform instruction upload UI
CVSS 7.21e

-

Patched

Trending graph for this CVE
CVE-2023-45128Fiber is an express inspired web framework written in Go. A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the application, which allows an attacker to inject arbitrary values and forge malicious requests on behalf of a user. This vulnerability can allow an attacker to inject arbitrary values without any authentication, or perform various malicious actions on behalf of an authenticated user, potentially compromising the security and integrity of the application. The vulnerability is caused by improper validation and enforcement of CSRF tokens within the application. This issue has been addressed in version 2.50.0 and users are advised to upgrade. Users should take additional security measures like captchas or Two-Factor Authentication (2FA) and set Session cookies with SameSite=Lax or SameSite=Secure, and the Secure and HttpOnly attributes as defense in depth measures. There are no known workarounds for this vulnerability.
CVSS 9.8Gofiber

-

Patched

Trending graph for this CVE
CVE-2023-4481An Improper Input Validation vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial of Service (DoS). When certain specific crafted BGP UPDATE messages are received over an established BGP session, one BGP session may be torn down with an UPDATE message error, or the issue may propagate beyond the local system which will remain non-impacted, but may affect one or more remote systems. This issue is exploitable remotely as the crafted UPDATE message can propagate through unaffected systems and intermediate BGP speakers. Continuous receipt of the crafted BGP UPDATE messages will create a sustained Denial of Service (DoS) condition for impacted devices. This issue affects eBGP and iBGP, in both IPv4 and IPv6 implementations. This issue requires a remote attacker to have at least one established BGP session. Improper Input Validation, Denial of Service vulnerability in Juniper Networks, Inc. Junos OS (BGP, rpd modules), Juniper Networks, Inc. Junos OS Evolved (BGP, rpd modules) allows Fuzzing.This issue affects  Junos OS:  * All versions before 20.4R3-S10, * from 21.1R1 through 21.*, * from 21.2 before 21.2R3-S5, * from 21.3 before 21.3R3-S5, * from 21.4 before 21.4R3-S7 (unaffected from 21.4R3-S5, affected from 21.4R3-S6) * from 22.1 before 22.1R3-S4, * from 22.2 before 22.2R3-S3, * from 22.3 before 22.3R3-S1, * from 22.4 before 22.4R3, * from 23.2 before 23.2R2. Junos OS Evolved: * All versions before 20.4R3-S10-EVO, * from 21.2-EVO before 21.2R3-S7-EVO, * from 21.3-EVO before 21.3R3-S5-EVO, * from 21.4-EVO before 21.4R3-S5-EVO, * from 22.1-EVO before 22.1R3-S4-EVO, * from 22.2-EVO before 22.2R3-S3-EVO, * from 22.3-EVO before 22.3R3-S1-EVO, * from 22.4-EVO before 22.4R3-EVO, * from 23.2-EVO before 23.2R2-EVO.
CVSS 7.5Juniper

-

Patched

Trending graph for this CVE
CVE-2023-4435Improper Input Validation in GitHub repository hamza417/inure prior to build88.
CVSS 5.5Hamza417

Exploit

Patched

Trending graph for this CVE
CVE-2023-44345Adobe InDesign versions ID18.5 (and earlier) and ID17.4.2 (and earlier) are affected by a Improper Input Validation vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVSS 5.5Adobe

-

-

Trending graph for this CVE
CVE-2023-44204 An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon (rpd) Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network based attacker to cause a Denial of Service (DoS). When a malformed BGP UPDATE packet is received over an established BGP session, the rpd crashes and restarts. This issue affects both eBGP and iBGP implementations. This issue affects: Juniper Networks Junos OS * 21.4 versions prior to 21.4R3-S4; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1, 23.2R2; Juniper Networks Junos OS Evolved * 21.4 versions prior to 21.4R3-S5-EVO; * 22.1 versions prior to 22.1R3-S3-EVO; * 22.2 versions prior to 22.2R3-S3-EVO; * 22.3 versions prior to 22.3R2-S2-EVO; * 22.4 versions prior to 22.4R3-EVO; * 23.2 versions prior to 23.2R2-EVO;
CVSS 6.5Juniper

-

Patched

Trending graph for this CVE
CVE-2023-44110Out-of-bounds access vulnerability in the audio module.Successful exploitation of this vulnerability may affect availability.
CVSS 4.3Huawei

-

Patched

Trending graph for this CVE
CVE-2023-43799Altair is a GraphQL Client. Prior to version 5.2.5, the Altair GraphQL Client Desktop Application does not sanitize external URLs before passing them to the underlying system. Moreover, Altair GraphQL Client also does not isolate the context of the renderer process. This affects versions of the software running on MacOS, Windows, and Linux. Version 5.2.5 fixes this issue.
CVSS 7.8

-

Patched

Trending graph for this CVE
CVE-2023-43745Improper input validation in some Intel(R) CBI software before version 1.1.0 may allow an authenticated user to potentially enable denial of service via local access.
CVSS 2.8

-

-

Trending graph for this CVE
CVE-2023-4357Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVSS 8.8Fedoraproject, et al

Exploit

Patched

Trending graph for this CVE
CVE-2023-4316Zod in version 3.22.2 allows an attacker to perform a denial of service while validating emails
CVSS 7.5Zod

Exploit

Patched

Trending graph for this CVE
CVE-2023-43073 Dell SmartFabric Storage Software v1.4 (and earlier) contains an Improper Input Validation vulnerability in RADIUS configuration. An authenticated remote attacker could potentially exploit this vulnerability, leading to gaining unauthorized access to data.
CVSS 6.5Dell

-

Patched

Trending graph for this CVE
CVE-2023-42916An out-of-bounds read was addressed with improved input validation.Processing web content may disclose sensitive information. Apple is aware of a report that this issue may have been exploited against versions of iOS before iOS 16.7.1.
CVSS MEDIUMApple, et al

Exploit

Patched

Trending graph for this CVE
CVE-2023-42890The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, watchOS 10.2, iOS 17.2 and iPadOS 17.2, tvOS 17.2. Processing web content may lead to arbitrary code execution.
CVSS 8.8Apple

-

Patched

Trending graph for this CVE
CVE-2023-42883The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Sonoma 14.2, iOS 17.2 and iPadOS 17.2, watchOS 10.2, tvOS 17.2, iOS 16.7.3 and iPadOS 16.7.3. Processing an image may lead to a denial-of-service.
CVSS MEDIUMApple, et al

-

Patched

Trending graph for this CVE
CVE-2023-42805quinn-proto is a state machine for the QUIC transport protocol. Prior to versions 0.9.5 and 0.10.5, receiving unknown QUIC frames in a QUIC packet could result in a panic. The problem has been fixed in 0.9.5 and 0.10.5 maintenance releases.
CVSS 7.5Quinn project

-

Patched

Trending graph for this CVE
CVE-2023-42802GLPI is a free asset and IT management software package. Starting in version 10.0.7 and prior to version 10.0.10, an unverified object instantiation allows one to upload malicious PHP files to unwanted directories. Depending on web server configuration and available system libraries, malicious PHP files can then be executed through a web server request. Version 10.0.10 fixes this issue. As a workaround, remove write access on `/ajax` and `/front` files to the web server.
CVSS 9.8Glpi-project

-

Patched

Trending graph for this CVE
CVE-2023-4280An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region.
CVSS 9.8Silabs

-

-

Trending graph for this CVE
CVE-2023-42798AutomataCI is a template git repository equipped with a native built-in semi-autonomous CI tools. An issue in versions 1.4.1 and below can let a release job reset the git root repository to the first commit. Version 1.5.0 has a patch for this issue. As a workaround, make sure the `PROJECT_PATH_RELEASE` (e.g. `releases/`) directory is manually and actually `git cloned` properly, making it a different git repostiory from the root git repository.
CVSS 9.1Hollowaykeanho

-

Patched

Trending graph for this CVE
CVE-2023-42776Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 may allow an authenticateed user to potentially enable information disclosure via local access.
CVSS 5.5Intel

-

Patched

Trending graph for this CVE
CVE-2023-42766Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
CVSS 7.8Intel

-

Patched

Trending graph for this CVE
CVE-2023-42661JFrog Artifactory prior to version 7.76.2 is vulnerable to Arbitrary File Write of untrusted data, which may lead to DoS or Remote Code Execution when a specially crafted series of requests is sent by an authenticated user. This is due to insufficient validation of artifacts.
CVSS 7.2Jfrog

-

-

Trending graph for this CVE
CVE-2023-42581This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S23 smartphones. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<br/>The specific flaw exists within the implementation of the samsungapps URI scheme. The issue results from a logical error when checking the safety of URIs. An attacker can leverage this vulnerability to execute code in the context of the current user.<br/> Samsung has issued an update to correct this vulnerability. More details can be found at: <br/><a href="https://security.samsungmobile.com/serviceWeb.smsb?year=2023&amp;month=12">https://security.samsungmobile.com/serviceWeb.smsb?year=2023&amp;month=12</a> <br/></td>
CVSS 7.5Samsung

Exploit

Patched

Trending graph for this CVE
CVE-2023-42527Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Release 1 allows local attackers to expose sensitive information.
CVSS 5.5Samsung

-

Patched

Trending graph for this CVE
CVE-2023-42508JFrog Artifactory prior to version 7.66.0 is vulnerable to specific endpoint abuse with a specially crafted payload, which can lead to unauthenticated users being able to send emails with manipulated email body.
CVSS 6.5Jfrog

-

Patched

Trending graph for this CVE
CVE-2023-42449Hydra is the two-layer scalability solution for Cardano. Prior to version 0.13.0, it is possible for a malicious head initializer to extract one or more PTs for the head they are initializing due to incorrect data validation logic in the head token minting policy which then results in an flawed check for burning the head ST in the `initial` validator. This is possible because it is not checked in `HeadTokens.hs` that the datums of the outputs at the `initial` validator are equal to the real head ID, and it is also not checked in the `off-chain code`. During the `Initial` state of the protocol, if the malicious initializer removes a PT from the Hydra scripts it becomes impossible for any other participant to reclaim any funds they have attempted to commit into the head, as to do so the Abort transaction must burn all the PTs for the head, but they cannot burn the PT which the attacker controls and so cannot satisfy this requirement. That means the initializer can lock the other participants committed funds forever or until they choose to return the PT (ransom). The malicious initializer can also use the PT to spoof that they have committed a particular TxO when progressing the head into the `Open` state. For example, they could say they committed a TxO residing at their address containing 100 ADA, but in fact this 100 ADA was not moved into the head, and thus in order for an other participant to perform the fanout they will be forced to pay the attacker the 100 ADA out of their own funds, as the fanout transaction must pay all the committed TxOs (even though the attacker did not really commit that TxO). They can do this by placing the PT in a UTxO with a well-formed `Commit` datum with whatever contents they like, then use this UTxO in the `collectCom` transaction. There may be other possible ways to abuse having control of a PT. Version 0.13.0 fixes this issue.
CVSS 8.1Iohk

Exploit

Patched

Trending graph for this CVE
CVE-2023-42448Hydra is the layer-two scalability solution for Cardano. Prior to version 0.13.0, the specification states that the contestation period in the datum of the UTxO at the head validator must stay unchanged as the state progresses from Open to Closed (Close transaction), but no such check appears to be performed in the `checkClose` function of the head validator. This would allow a malicious participant to modify the contestation deadline of the head to either allow them to fanout the head without giving another participant the chance to contest, or prevent any participant from ever redistributing the funds locked in the head via a fan-out. Version 0.13.0 contains a patch for this issue.
CVSS 8.1Iohk

-

Patched

Trending graph for this CVE
CVE-2023-42137PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow for command execution with high privileges by using malicious symlinks. The attacker must have shell access to the device in order to exploit this vulnerability.
CVSS 7.8Paxtechnology

Exploit

-

Trending graph for this CVE
CVE-2023-42136PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow the execution of arbitrary commands with system account privilege by shell injection starting with a specific word. The attacker must have shell access to the device in order to exploit this vulnerability.
CVSS 7.8Paxtechnology

Exploit

-

Trending graph for this CVE
CVE-2023-42135PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local code execution via parameter injection by bypassing the input validation when flashing a specific partition. The attacker must have physical USB access to the device in order to exploit this vulnerability.
CVSS 6.8Paxtechnology

Exploit

-

Trending graph for this CVE
CVE-2023-42012An IBM UrbanCode Deploy Agent 7.2 through 7.2.3.7, and 7.3 through 7.3.2.2 installed as a Windows service in a non-standard location could be subject to a denial of service attack by local accounts. IBM X-Force ID: 265509.
CVSS 6.2Ibm

-

Patched

Trending graph for this CVE
CVE-2023-4197Improper input validation in Dolibarr ERP CRM <= v18.0.1 fails to strip certain PHP code from user-supplied input when creating a Website, allowing an attacker to inject and evaluate arbitrary PHP code.
CVSS 8.8Dolibarr

Exploit

Patched

Trending graph for this CVE
CVE-2023-41917Inadequate input validation exposes the system to potential remote code execution (RCE) risks. Attackers can exploit this vulnerability by appending shell commands to the Speed-Measurement feature, enabling unauthorized code execution.
CVSS 10

-

-

Trending graph for this CVE
CVE-2023-41782 There is a DLL hijacking vulnerability in ZTE ZXCLOUD iRAI, an attacker could place a fake DLL file in a specific directory and successfully exploit this vulnerability to execute malicious code.
CVSS 4.8Zte

-

Patched

Trending graph for this CVE
CVE-2023-41781 There is a Cross-site scripting (XSS)  vulnerability in ZTE MF258. Due to insufficient input validation of SMS interface parameter, an XSS attack will be triggered.
CVSS 6.1Zte

-

Patched

Trending graph for this CVE
CVE-2023-41748Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVSS 9.8

-

Patched

Trending graph for this CVE
CVE-2023-41747Sensitive information disclosure due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVSS 6.5Acronis

-

Patched

Trending graph for this CVE
CVE-2023-41746Remote command execution due to improper input validation. The following products are affected: Acronis Cloud Manager (Windows) before build 6.2.23089.203.
CVSS 9.8

-

Patched

Trending graph for this CVE
CVE-2023-4157CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') in GitHub repository omeka/omeka-s prior to version 4.0.3.
CVSS 4.8Omeka

Exploit

Patched

Trending graph for this CVE
CVE-2023-41355Chunghwa Telecom NOKIA G-040W-Q Firewall function has a vulnerability of input validation for ICMP redirect messages. An unauthenticated remote attacker can exploit this vulnerability by sending a crafted package to modify the network routing table, resulting in a denial of service or sensitive information leaking.
CVSS 9.8Nokia

-

-

Trending graph for this CVE
CVE-2023-41336ux-autocomplete is a JavaScript Autocomplete functionality for Symfony. Under certain circumstances, an attacker could successfully submit an entity id for an `EntityType` that is *not* part of the valid choices. The problem has been fixed in `symfony/ux-autocomplete` version 2.11.2.
CVSS MEDIUM

-

Patched

Trending graph for this CVE
CVE-2023-41316Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS MEDIUM

-

-

Trending graph for this CVE
CVE-2023-41268Improper input validation vulnerability in Samsung Open Source Escargot allows stack overflow and segmentation fault. This issue affects Escargot: from 3.0.0 through 4.0.0.
CVSS 4Samsung

-

Patched

Trending graph for this CVE
CVE-2023-41266A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous session. This allows them to transmit HTTP requests to unauthorized endpoints. This is fixed in August 2023 IR, May 2023 Patch 4, February 2023 Patch 8, November 2022 Patch 11, and August 2022 Patch 13.
CVSS 6.5Qlik

Exploit

Patched

Trending graph for this CVE
CVE-2023-41061A validation issue was addressed with improved logic. This issue is fixed in watchOS 9.6.2, iOS 16.6.1 and iPadOS 16.6.1. A maliciously crafted attachment may result in arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.
CVSS 7.8Apple

Exploit

Patched

Trending graph for this CVE
CVE-2023-40801The sub_451784 function does not validate the parameters entered by the user, resulting in a stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn
CVSS 8.8

Exploit

-

Trending graph for this CVE
CVE-2023-40800The compare_parentcontrol_time function does not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability in Tenda AC23 v16.03.07.45_cn.
CVSS 8.8

Exploit

-

Trending graph for this CVE
CVE-2023-40798In Tenda AC23 v16.03.07.45_cn, the formSetIPv6status and formGetWanParameter functions do not authenticate user input parameters, resulting in a post-authentication stack overflow vulnerability.
CVSS 8.8

Exploit

-

Trending graph for this CVE
CVE-2023-40797In Tenda AC23 v16.03.07.45_cn, the sub_4781A4 function does not validate the parameters entered by the user, resulting in a post-authentication stack overflow vulnerability.
CVSS 8.8

Exploit

-

Trending graph for this CVE
CVE-2023-40743** UNSUPPPORTED WHEN ASSIGNED ** ** UNSUPPORTED WHEN ASSIGNED ** When integrating Apache Axis 1.x in an application, it may not have been obvious that looking up a service through "ServiceFactory.getService" allows potentially dangerous lookup mechanisms such as LDAP. When passing untrusted input to this API method, this could expose the application to DoS, SSRF and even attacks leading to RCE. As Axis 1 has been EOL we recommend you migrate to a different SOAP engine, such as Apache Axis 2/Java. As a workaround, you may review your code to verify no untrusted or unsanitized input is passed to "ServiceFactory.getService", or by applying the patch from https://github.com/apache/axis-axis1-java/commit/7e66753427466590d6def0125e448d2791723210 . The Apache Axis project does not expect to create an Axis 1.x release fixing this problem, though contributors that would like to work towards this are welcome.
CVSS 9.8Apache

-

Patched

Trending graph for this CVE
CVE-2023-40699 IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.
CVSS 7.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-40687IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.
CVSS 5.3Ibm

-

Patched

Trending graph for this CVE
CVE-2023-40515LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the joinAddUser method. The issue results from improper input validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20048.
CVSS Low

-

-

Trending graph for this CVE
CVE-2023-4046In some circumstances, a stale value could have been used for a global variable in WASM JIT analysis. This resulted in incorrect compilation and a potentially exploitable crash in the content process. This vulnerability affects Firefox < 116, Firefox ESR < 102.14, and Firefox ESR < 115.1.
CVSS 5.3Debian, et al

-

Patched

Trending graph for this CVE
CVE-2023-4043In Eclipse Parsson before versions 1.1.4 and 1.0.5, Parsing JSON from untrusted sources can lead malicious actors to exploit the fact that the built-in support for parsing numbers with large scale in Java has a number of edge cases where the input text of a number can lead to much larger processing time than one would expect. To mitigate the risk, parsson put in place a size limit for the numbers as well as their scale.
CVSS HIGHOracle, et al

Exploit

Patched

Trending graph for this CVE
CVE-2023-40374IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted query statement. IBM X-Force ID: 263575.
CVSS 7.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-40373IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to denial of service with a specially crafted query containing common table expressions. IBM X-Force ID: 263574.
CVSS 7.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-40372IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 is vulnerable to denial of service with a specially crafted SQL statement using External Tables. IBM X-Force ID: 263499.
CVSS 7.5Ibm

-

Patched

Trending graph for this CVE
CVE-2023-40314 Cross-site scripting in bootstrap.jsp in multiple versions of OpenNMS Meridian and Horizon allows an attacker access to confidential session information. The solution is to upgrade to Horizon 32.0.5 or newer and Meridian 2023.1.9 or newer Meridian and Horizon installation instructions state that they are intended for installation within an organization's private networks and should not be directly accessible from the Internet. OpenNMS thanks Moshe Apelbaum for reporting this issue.
CVSS 6.1Opennms

-

Patched

Trending graph for this CVE
CVE-2023-40272Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to read files on the Airflow server. It is recommended to upgrade to a version that is not affected.
CVSS 7.5Apache

-

Patched

Trending graph for this CVE
CVE-2023-40267GitPython before 3.1.32 does not block insecure non-multi options in clone and clone_from. NOTE: this issue exists because of an incomplete fix for CVE-2022-24439.
CVSS 9.8Gitpython project

-

Patched

Trending graph for this CVE
CVE-2023-40225HAProxy through 2.0.32, 2.1.x and 2.2.x through 2.2.30, 2.3.x and 2.4.x through 2.4.23, 2.5.x and 2.6.x before 2.6.15, 2.7.x before 2.7.10, and 2.8.x before 2.8.2 forwards empty Content-Length headers, violating RFC 9110 section 8.6. In uncommon cases, an HTTP/1 server behind HAProxy may interpret the payload as an extra request.
CVSS 7.2Haproxy

Exploit

Patched

Trending graph for this CVE
CVE-2023-4020An unvalidated input in a library function responsible for communicating between secure and non-secure memory in Silicon Labs TrustZone implementation allows reading/writing of memory in the secure region of memory from the non-secure region of memory.
CVSS 9.1Silabs

-

-

Trending graph for this CVE
CVE-2023-40165rubygems.org is the Ruby community's primary gem (library) hosting service. Insufficient input validation allowed malicious actors to replace any uploaded gem version that had a platform, version number, or gem name matching `/-\d/`, permanently replacing the legitimate upload in the canonical gem storage bucket, and triggering an immediate CDN purge so that the malicious gem would be served immediately. The maintainers have checked all gems matching the `/-\d/` pattern and can confirm that no unexpected `.gem`s were found. As a result, we believe this vulnerability was _not_ exploited. The easiest way to ensure that a user's applications were not exploited by this vulnerability is to check that all of your downloaded .gems have a checksum that matches the checksum recorded in the RubyGems.org database. RubyGems contributor Maciej Mensfeld wrote a tool to automatically check that all downloaded .gem files match the checksums recorded in the RubyGems.org database. You can use it by running: `bundle add bundler-integrity` followed by `bundle exec bundler-integrity`. Neither this tool nor anything else can prove you were not exploited, but the can assist your investigation by quickly comparing RubyGems API-provided checksums with the checksums of files on your disk. The issue has been patched with improved input validation and the changes are live. No action is required on the part of the user. Users are advised to validate their local gems.
CVSS 7.5Rubygems

-

Patched

Trending graph for this CVE
CVE-2023-40097[HIGH] The most severe vulnerability in this section could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVSS 7.8Google

-

Patched

Trending graph for this CVE
CVE-2023-40062SolarWinds Platform Incomplete List of Disallowed Inputs Remote Code Execution Vulnerability. If executed, this vulnerability would allow a low-privileged user to execute commands with SYSTEM privileges.
CVSS 8Solarwinds

-

Patched

Trending graph for this CVE
CVE-2023-40061 Insecure job execution mechanism vulnerability. This vulnerability can lead to other attacks as a result.
CVSS 7.1Solarwinds

-

Patched

Trending graph for this CVE
CVE-2023-40053A vulnerability has been identified within Serv-U 15.4 that allows an authenticated actor to insert content on the file share function feature of Serv-U, which could be used maliciously.
CVSS 4.6Solarwinds

-

Patched

Trending graph for this CVE
CVE-2023-40034Woodpecker is a community fork of the Drone CI system. In affected versions an attacker can post malformed webhook data witch lead to an update of the repository data that can e.g. allow the takeover of an repo. This is only critical if the CI is configured for public usage and connected to a forge witch is also in public usage. This issue has been addressed in version 1.0.2. Users are advised to upgrade. Users unable to upgrade should secure the CI system by making it inaccessible to untrusted entities, for example, by placing it behind a firewall.
CVSS 8.1Woodpecker-ci

-

Patched

Trending graph for this CVE
CVE-2023-39950efibootguard is a simple UEFI boot loader with support for safely switching between current and updated partition sets. Insufficient or missing validation and sanitization of input from untrustworthy bootloader environment files can cause crashes and probably also code injections into `bg_setenv`) or programs using `libebgenv`. This is triggered when the affected components try to modify a manipulated environment, in particular its user variables. Furthermore, `bg_printenv` may crash over invalid read accesses or report invalid results. Not affected by this issue is EFI Boot Guard's bootloader EFI binary. EFI Boot Guard release v0.15 contains required patches to sanitize and validate the bootloader environment prior to processing it in userspace. Its library and tools should be updated, so should programs statically linked against it. An update of the bootloader EFI executable is not required. The only way to prevent the issue with an unpatched EFI Boot Guard version is to avoid accesses to user variables, specifically modifications to them.
CVSS 5.2Siemens

-

-

Trending graph for this CVE
CVE-2023-39913Deserialization of Untrusted Data, Improper Input Validation vulnerability in Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK, Apache UIMA Java SDK.This issue affects Apache UIMA Java SDK: before 3.5.0. Users are recommended to upgrade to version 3.5.0, which fixes the issue. There are several locations in the code where serialized Java objects are deserialized without verifying the data. This affects in particular: * the deserialization of a Java-serialized CAS, but also other binary CAS formats that include TSI information using the CasIOUtils class; * the CAS Editor Eclipse plugin which uses the the CasIOUtils class to load data; * the deserialization of a Java-serialized CAS of the Vinci Analysis Engine service which can receive using Java-serialized CAS objects over network connections; * the CasAnnotationViewerApplet and the CasTreeViewerApplet; * the checkpointing feature of the CPE module. Note that the UIMA framework by default does not start any remotely accessible services (i.e. Vinci) that would be vulnerable to this issue. A user or developer would need to make an active choice to start such a service. However, users or developers may use the CasIOUtils in their own applications and services to parse serialized CAS data. They are affected by this issue unless they ensure that the data passed to CasIOUtils is not a serialized Java object. When using Vinci or using CasIOUtils in own services/applications, the unrestricted deserialization of Java-serialized CAS files may allow arbitrary (remote) code execution. As a remedy, it is possible to set up a global or context-specific ObjectInputFilter (cf. https://openjdk.org/jeps/290  and  https://openjdk.org/jeps/415 ) if running UIMA on a Java version that supports it. Note that Java 1.8 does not support the ObjectInputFilter, so there is no remedy when running on this out-of-support platform. An upgrade to a recent Java version is strongly recommended if you need to secure an UIMA version that is affected by this issue. To mitigate the issue on a Java 9+ platform, you can configure a filter pattern through the "jdk.serialFilter" system property using a semicolon as a separator: To allow deserializing Java-serialized binary CASes, add the classes: * org.apache.uima.cas.impl.CASCompleteSerializer * org.apache.uima.cas.impl.CASMgrSerializer * org.apache.uima.cas.impl.CASSerializer * java.lang.String To allow deserializing CPE Checkpoint data, add the following classes (and any custom classes your application uses to store its checkpoints): * org.apache.uima.collection.impl.cpm.CheckpointData * org.apache.uima.util.ProcessTrace * org.apache.uima.util.impl.ProcessTrace_impl * org.apache.uima.collection.base_cpm.SynchPoint Make sure to use "!*" as the final component to the filter pattern to disallow deserialization of any classes not listed in the pattern. Apache UIMA 3.5.0 uses tightly scoped ObjectInputFilters when reading Java-serialized data depending on the type of data being expected. Configuring a global filter is not necessary with this version.
CVSS 8.8Apache

-

Patched

Trending graph for this CVE
CVE-2023-39553Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Drill Provider. Apache Airflow Drill Provider is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection with DrillHook giving an opportunity to read files on the Airflow server. This issue affects Apache Airflow Drill Provider: before 2.4.3. It is recommended to upgrade to a version that is not affected.
CVSS 7.5Apache

-

Patched

Trending graph for this CVE
CVE-2023-3955A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes.
CVSS 8.8Kubernetes

Exploit

Patched

Trending graph for this CVE
CVE-2023-39539 AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a PNG Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. 
CVSS 7.5Ami

Exploit

Patched

Trending graph for this CVE
CVE-2023-39538 AMI AptioV contains a vulnerability in BIOS where a User may cause an unrestricted upload of a BMP Logo file with dangerous type by Local access. A successful exploit of this vulnerability may lead to a loss of Confidentiality, Integrity, and/or Availability. 
CVSS 7.5Ami

-

Patched

Trending graph for this CVE
CVE-2023-39537AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
CVSS 7.8Ami

-

Patched

Trending graph for this CVE
CVE-2023-39536AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
CVSS 7.8Ami

-

Patched

Trending graph for this CVE
CVE-2023-39535AMI AptioV contains a vulnerability in BIOS where an Attacker may use an improper input validation via the local network. A successful exploit of this vulnerability may lead to a loss of confidentiality, integrity and availability.
CVSS 7.8Ami

-

Patched

Trending graph for this CVE
CVE-2023-39532SES is a JavaScript environment that allows safe execution of arbitrary programs in Compartments. In version 0.18.0 prior to 0.18.7, 0.17.0 prior to 0.17.1, 0.16.0 prior to 0.16.1, 0.15.0 prior to 0.15.24, 0.14.0 prior to 0.14.5, an 0.13.0 prior to 0.13.5, there is a hole in the confinement of guest applications under SES that may manifest as either the ability to exfiltrate information or execute arbitrary code depending on the configuration and implementation of the surrounding host. Guest program running inside a Compartment with as few as no endowments can gain access to the surrounding host’s dynamic import by using dynamic import after the spread operator, like `{...import(arbitraryModuleSpecifier)}`. On the web or in web extensions, a Content-Security-Policy following ordinary best practices likely mitigates both the risk of exfiltration and execution of arbitrary code, at least limiting the modules that the attacker can import to those that are already part of the application. However, without a Content-Security-Policy, dynamic import can be used to issue HTTP requests for either communication through the URL or for the execution of code reachable from that origin. Within an XS worker, an attacker can use the host’s module system to the extent that the host has been configured. This typically only allows access to module code on the host’s file system and is of limited use to an attacker. Within Node.js, the attacker gains access to Node.js’s module system. Importing the powerful builtins is not useful except insofar as there are side-effects and tempered because dynamic import returns a promise. Spreading a promise into an object renders the promises useless. However, Node.js allows importing data URLs, so this is a clear path to arbitrary execution. Versions 0.18.7, 0.17.1, 0.16.1, 0.15.24, 0.14.5, and 0.13.5 contain a patch for this issue. Some workarounds are available. On the web, providing a suitably constrained Content-Security-Policy mitigates most of the threat. With XS, building a binary that lacks the ability to load modules at runtime mitigates the entirety of the threat. That will look like an implementation of `fxFindModule` in a file like `xsPlatform.c` that calls `fxRejectModuleFile`.
CVSS 9.8Agoric

Exploit

Patched

Trending graph for this CVE
CVE-2023-39530PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete files from the server via the CustomerMessage API. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
CVSS 9.1Prestashop

-

Patched

Trending graph for this CVE
CVE-2023-39529PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
CVSS 9.1Prestashop

-

Patched

Trending graph for this CVE
CVE-2023-39509A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user with administrative rights to run arbitrary commands on the OS of the camera.
CVSS 7.2Bosch

-

Patched

Trending graph for this CVE