| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2023-42000 | Arcserve UDP Agent Unauthenticated Path Traversal File Upload | E | |
| CVE-2023-42004 | IBM Security Guardium CSV injection | | |
| CVE-2023-42005 | IBM Db2 on Cloud Pak for Data privilege escalation | | |
| CVE-2023-42006 | IBM i information disclosure | | |
| CVE-2023-42007 | IBM Sterling Control Center cross-site scripting | | |
| CVE-2023-42009 | IBM InfoSphere Information Server cross-site scripting | | |
| CVE-2023-42010 | IBM Sterling B2B Integrator Standard Edition information disclosure | | |
| CVE-2023-42011 | IBM Sterling B2B Integrator Standard Edition tapjacking | | |
| CVE-2023-42012 | IBM UrbanCode Deploy denial of service | | |
| CVE-2023-42013 | IBM UrbanCode Deploy information disclosure | | |
| CVE-2023-42014 | IBM Sterling B2B Integrator Standard Edition cross-site scripting | | |
| CVE-2023-42015 | IBM UrbanCode Deploy HTML injection | | |
| CVE-2023-42016 | IBM Sterling B2B Integrator information disclosure | S | |
| CVE-2023-42017 | IBM Planning Analytics file upload | | |
| CVE-2023-42019 | IBM InfoSphere Information Server information disclosure | S | |
| CVE-2023-42022 | IBM InfoSphere Information Server cross-site scripting | S | |
| CVE-2023-42027 | IBM CICS TX cross-site request forgery | S | |
| CVE-2023-42029 | IBM CICS TX cross-site scripting | S | |
| CVE-2023-42031 | IBM CICS TX denial of service | | |
| CVE-2023-42032 | Visualware MyConnection Server doRTAAccessUPass Exposed Dangerous Method Information Disclosure Vulnerability | | |
| CVE-2023-42033 | Visualware MyConnection Server doPostUploadfiles Directory Traversal Remote Code Execution Vulnerability | | |
| CVE-2023-42034 | Visualware MyConnection Server doRTAAccessCTConfig Cross-Site Scripting Authentication Bypass Vulnerability | | |
| CVE-2023-42035 | Visualware MyConnection Server doIForward XML External Entity Processing Information Disclosure Vulnerability | | |
| CVE-2023-42036 | Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-42037 | Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-42038 | Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42039 | Kofax Power PDF PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42040 | PDF-XChange Editor mailForm Use-After-Free Code Execution Vulnerability | | |
| CVE-2023-42041 | PDF-XChange Editor Annotation Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42042 | PDF-XChange Editor App Object Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42043 | PDF-XChange Editor PDF File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-42044 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42045 | PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42046 | PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
| CVE-2023-42047 | PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-42048 | PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
| CVE-2023-42049 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42050 | PDF-XChange Editor EMF File Parsing Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-42051 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-42052 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42053 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42054 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42055 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42056 | PDF-XChange Editor U3D File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
| CVE-2023-42057 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42058 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42059 | PDF-XChange Editor U3D File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42060 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42061 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42062 | PDF-XChange Editor U3D File Parsing Uninitialized Variable Remote Code Execution Vulnerability | | |
| CVE-2023-42063 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42064 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42065 | PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42066 | PDF-XChange Editor J2K File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42067 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42068 | PDF-XChange Editor JB2 File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42069 | PDF-XChange Editor PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42070 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42071 | PDF-XChange Editor PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-42072 | PDF-XChange Editor JPC File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42073 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42074 | PDF-XChange Editor addScript Type Confusion Remote Code Execution Vulnerability | | |
| CVE-2023-42075 | PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42076 | PDF-XChange Editor PDF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42077 | PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42078 | PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability | | |
| CVE-2023-42079 | PDF-XChange Editor J2K File Parsing Uninitialized Variable Information Disclosure Vulnerability | | |
| CVE-2023-42080 | PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42081 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42082 | PDF-XChange Editor JPG File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42083 | PDF-XChange Editor JPG File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42084 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42085 | PDF-XChange Editor EMF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42086 | PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42087 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42088 | PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42089 | Foxit PDF Reader templates Use-After-Free Information Disclosure Vulnerability | S | |
| CVE-2023-42090 | Foxit PDF Reader XFA Doc Object Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
| CVE-2023-42091 | Foxit PDF Reader XFA Doc Object Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2023-42092 | Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2023-42093 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability | S | |
| CVE-2023-42094 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2023-42095 | Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability | S | |
| CVE-2023-42096 | Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2023-42097 | Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability | S | |
| CVE-2023-42098 | Foxit PDF Reader Annotation Use-After-Free Information Disclosure Vulnerability | | |
| CVE-2023-42099 | Intel Driver & Support Assistant Link Following Local Privilege Escalation Vulnerability | | |
| CVE-2023-42100 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42101 | Ashlar-Vellum Cobalt AR File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42102 | Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability | | |
| CVE-2023-42103 | Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42104 | Ashlar-Vellum Cobalt AR File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42105 | Ashlar-Vellum Cobalt AR File Parsing Type Confusion Remote Code Execution Vulnerability | | |
| CVE-2023-42106 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42107 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42108 | PDF-XChange Editor EMF File Parsing Use-After-Free Remote Code Execution Vulnerability | | |
| CVE-2023-42109 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42110 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42111 | PDF-XChange Editor JPG File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability | | |
| CVE-2023-42112 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42113 | PDF-XChange Editor EMF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42114 | Exim NTLM Challenge Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42115 | Exim AUTH Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-42116 | Exim SMTP Challenge Stack-based Buffer Overflow Remote Code Execution Vulnerability | | |
| CVE-2023-42117 | Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability | | |
| CVE-2023-42118 | Exim libspf2 Integer Underflow Remote Code Execution Vulnerability | | |
| CVE-2023-42119 | Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2023-42120 | Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-42121 | Control Web Panel Missing Authentication Remote Code Execution Vulnerability | | |
| CVE-2023-42122 | Control Web Panel wloggui Command Injection Local Privilege Escalation Vulnerability | | |
| CVE-2023-42123 | Control Web Panel mysql_manager Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-42124 | Avast Premium Security Sandbox Protection Incorrect Authorization Privilege Escalation Vulnerability | | |
| CVE-2023-42125 | Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability | | |
| CVE-2023-42126 | G DATA Total Security GDBackupSvc Service Link Following Local Privilege Escalation Vulnerability | | |
| CVE-2023-42127 | Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-42128 | Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability | | |
| CVE-2023-42129 | A10 Thunder ADC ShowTechDownloadView Directory Traversal Information Disclosure Vulnerability | | |
| CVE-2023-42130 | A10 Thunder ADC FileMgmtExport Directory Traversal Arbitrary File Read and Deletion Vulnerability | | |
| CVE-2023-42131 | Ansys SpaceClaim X_B File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability | | |
| CVE-2023-42132 | FD Application Apr. 2022 Edition (Version 9.01) and earlier improperly restricts XML external entity... | | |
| CVE-2023-42133 | PAX Android based POS devices allow for escalation of privilege via improperly configured scripts. ... | | |
| CVE-2023-42134 | PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.45_20230314 or earlier can allow... | E | |
| CVE-2023-42135 | PAX A920Pro/A50 devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow local... | E | |
| CVE-2023-42136 | PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow... | E | |
| CVE-2023-42137 | PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can allow... | E | |
| CVE-2023-42138 | Out-of-bounds read vulnerability exists in KV STUDIO Ver. 11.62 and earlier and KV REPLAY VIEWER Ver... | | |
| CVE-2023-42143 | Missing Integrity Check in Shelly TRV 20220811-152343/v2.1.8@5afc928c allows malicious users to crea... | | |
| CVE-2023-42144 | Cleartext Transmission during initial setup in Shelly TRV 20220811-15234 v.2.1.8 allows a local atta... | | |
| CVE-2023-42147 | An issue in CloudExplorer Lite 1.3.1 allows an attacker to obtain sensitive information via the logi... | E | |
| CVE-2023-42178 | Lenosp 1.0.0-1.2.0 is vulnerable to SQL Injection via the log query module.... | E | |
| CVE-2023-42180 | An arbitrary file upload vulnerability in the /user/upload component of lenosp 1.0-1.2.0 allows atta... | E | |
| CVE-2023-42183 | lockss-daemon (aka Classic LOCKSS Daemon) before 1.77.3 performs post-Unicode normalization, which m... | E | |
| CVE-2023-42188 | IceCMS v2.0.1 is vulnerable to Cross Site Request Forgery (CSRF).... | E | |
| CVE-2023-42189 | Insecure Permissions vulnerability in Connectivity Standards Alliance Matter Official SDK v.1.1.0.0 ... | | |
| CVE-2023-42222 | WebCatalog before 49.0 is vulnerable to Incorrect Access Control. WebCatalog calls the Electron shel... | E | |
| CVE-2023-42225 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Atta... | | |
| CVE-2023-42226 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via Email/Sa... | | |
| CVE-2023-42227 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the WSCV... | | |
| CVE-2023-42228 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low pr... | | |
| CVE-2023-42229 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal. Arbitrary f... | | |
| CVE-2023-42230 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via t... | | |
| CVE-2023-42231 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Incorrect Access Control. Low pr... | | |
| CVE-2023-42232 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal via the Navi... | | |
| CVE-2023-42233 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Scripting (XSS) via t... | | |
| CVE-2023-42234 | Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Cross Site Request Forgery (CSRF... | | |
| CVE-2023-42235 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42236 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42237 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42238 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42239 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42240 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42241 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42242 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42243 | In Selesta Visual Access Manager < 4.42.2, an authenticated user can access the administrative page ... | | |
| CVE-2023-42244 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42245 | Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via monitor/s_sch... | | |
| CVE-2023-42246 | Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /vam/vam_ep.p... | | |
| CVE-2023-42247 | Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via monitor/s_mon... | | |
| CVE-2023-42248 | An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated att... | | |
| CVE-2023-42249 | Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via vam/vam_visit... | | |
| CVE-2023-42250 | Selesta Visual Access Manager < 4.42.2 is vulnerable to Cross Site Scripting (XSS) via /common/autoc... | | |
| CVE-2023-42253 | Code-Projects Vehicle Management 1.0 is vulnerable to Cross Site Scripting (XSS) in Add Accounts via... | E | |
| CVE-2023-42261 | Mobile Security Framework (MobSF) <=v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the ven... | E S | |
| CVE-2023-42268 | Jeecg boot up to v3.5.3 was discovered to contain a SQL injection vulnerability via the component /j... | E | |
| CVE-2023-42270 | Grocy <= 4.0.2 is vulnerable to Cross Site Request Forgery (CSRF).... | E | |
| CVE-2023-42276 | hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.... | E | |
| CVE-2023-42277 | hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonObject.putByPath.... | E | |
| CVE-2023-42278 | hutool v5.8.21 was discovered to contain a buffer overflow via the component JSONUtil.parse().... | E | |
| CVE-2023-42279 | Dreamer CMS v4.1.3 was discovered to contain a SQL injection vulnerability via the model-form-manage... | E | |
| CVE-2023-42280 | mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.... | E | |
| CVE-2023-42282 | The ip package before 1.1.9 for Node.js might allow SSRF because some IP addresses (such as 0x7f.1) ... | E S | |
| CVE-2023-42283 | Blind SQL injection in api_id parameter in Tyk Gateway version 5.0.3 allows attacker to access and d... | E | |
| CVE-2023-42284 | Blind SQL injection in api_version parameter in Tyk Gateway version 5.0.3 allows attacker to access ... | E | |
| CVE-2023-42286 | There is a PHP file inclusion vulnerability in the template configuration of eyoucms v1.6.4, allowin... | E | |
| CVE-2023-42295 | An issue in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arbitrary code and cause... | E | |
| CVE-2023-42298 | An issue in GPAC GPAC v.2.2.1 and before allows a local attacker to cause a denial of service via th... | S | |
| CVE-2023-42299 | Buffer Overflow vulnerability in OpenImageIO oiio v.2.4.12.0 allows a remote attacker to execute arb... | E S | |
| CVE-2023-42307 | Cross Site Scripting (XSS) vulnerability in Code-Projects Exam Form Submission 1.0 allows attackers ... | E | |
| CVE-2023-42308 | Cross Site Scripting (XSS) vulnerability in Manage Fastrack Subjects in Code-Projects Exam Form Subm... | | |
| CVE-2023-42319 | Geth (aka go-ethereum) through 1.13.4, when --http --graphql is used, allows remote attackers to cau... | E | |
| CVE-2023-42320 | Buffer Overflow vulnerability in Tenda AC10V4 v.US_AC10V4.0si_V16.03.10.13_cn_TDC01 allows a remote ... | E | |
| CVE-2023-42321 | Cross Site Request Forgery (CSRF) vulnerability in icmsdev iCMSv.7.0.16 allows a remote attacker to ... | | |
| CVE-2023-42322 | Insecure Permissions vulnerability in icmsdev iCMS v.7.0.16 allows a remote attacker to obtain sensi... | | |
| CVE-2023-42323 | Cross Site Request Forgery (CSRF) vulnerability in DouHaocms v.3.3 allows a remote attacker to execu... | E | |
| CVE-2023-42325 | Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain... | E | |
| CVE-2023-42326 | An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a crafted... | | |
| CVE-2023-42327 | Cross Site Scripting (XSS) vulnerability in Netgate pfSense v.2.7.0 allows a remote attacker to gain... | E | |
| CVE-2023-42328 | An issue in PeppermintLabs Peppermint v.0.2.4 and before allows a remote attacker to obtain sensitiv... | E | |
| CVE-2023-42331 | A file upload vulnerability in EliteCMS v1.01 allows a remote attacker to execute arbitrary code via... | E | |
| CVE-2023-42334 | An Indirect Object Reference (IDOR) in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a remote... | E | |
| CVE-2023-42335 | Unrestricted File Upload vulnerability in Fl3xx Dispatch 2.10.37 and fl3xx Crew 2.10.37 allows a rem... | E | |
| CVE-2023-42336 | An issue in NETIS SYSTEMS WF2409Ev4 v.1.0.1.705 allows a remote attacker to execute arbitrary code a... | E | |
| CVE-2023-42358 | An issue was discovered in O-RAN Software Community ric-plt-e2mgr in the G-Release environment, allo... | E | |
| CVE-2023-42359 | SQL injection vulnerability in Exam Form Submission in PHP with Source Code v.1.0 allows a remote at... | E | |
| CVE-2023-42361 | Local File Inclusion vulnerability in Midori-global Better PDF Exporter for Jira Server and Jira Dat... | | |
| CVE-2023-42362 | An arbitrary file upload vulnerability in Teller Web App v.4.4.0 allows a remote attacker to execute... | | |
| CVE-2023-42363 | A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBo... | E | |
| CVE-2023-42364 | A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via... | E | |
| CVE-2023-42365 | A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the a... | E | |
| CVE-2023-42366 | A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the next_token function at awk.c:1159.... | E | |
| CVE-2023-42371 | Cross Site Scripting vulnerability in Summernote Rich Text Editor v.0.8.18 and before allows a remot... | E | |
| CVE-2023-42374 | An issue in mystenlabs Sui Blockchain before v.1.6.3 allow a remote attacker to execute arbitrary co... | S | |
| CVE-2023-42387 | An issue in TDSQL Chitu management platform v.10.3.19.5.0 allows a remote attacker to obtain sensiti... | E | |
| CVE-2023-42398 | An issue in zzCMS v.2023 allows a remote attacker to execute arbitrary code and obtain sensitive inf... | E | |
| CVE-2023-42399 | Cross Site Scripting vulnerability in xdsoft.net Jodit Editor v.4.0.0-beta.86 allows a remote attack... | | |
| CVE-2023-42404 | OneVision Workspace before WS23.1 SR1 (build w31.040) allows arbitrary Java EL execution.... | | |
| CVE-2023-42405 | SQL injection vulnerability in FIT2CLOUD RackShift v1.7.1 allows attackers to execute arbitrary code... | E | |
| CVE-2023-42406 | SQL injection vulnerability in D-Link Online behavior audit gateway DAR-7000 V31R02B1413C allows a r... | E | |
| CVE-2023-42419 | Improper Management of Cryptographic Keys in the Maintenance Server in QCOW Air-Gapped Distribution (China Edition) | S | |
| CVE-2023-42425 | An issue in Turing Video Turing Edge+ EVC5FD v.1.38.6 allows remote attacker to execute arbitrary co... | | |
| CVE-2023-42426 | Cross-site scripting (XSS) vulnerability in Froala Froala Editor v.4.1.1 allows remote attackers to ... | E | |
| CVE-2023-42427 | Cross-site scripting vulnerability exists in UNIVERSAL PASSPORT RX versions 1.0.0 to 1.0.7, which ma... | | |
| CVE-2023-42428 | Directory traversal vulnerability in CubeCart prior to 6.5.3 allows a remote authenticated attacker ... | S | |
| CVE-2023-42429 | Improper buffer restrictions in some Intel NUC BIOS firmware may allow a privileged user to potentia... | | |
| CVE-2023-42431 | Potential XSS on user preferences page | E | |
| CVE-2023-42433 | Incorrect default permissions in some Endurance Gaming Mode software installers before version 1.3.9... | | |
| CVE-2023-42435 | Cross-Site Request Forgery in DEXMA DEXGate | | |
| CVE-2023-42436 | Stored cross-site scripting vulnerability exists in the presentation feature of GROWI versions prior... | | |
| CVE-2023-42437 | Rejected reason: This is unused.... | R | |
| CVE-2023-42438 | An inconsistent user interface issue was addressed with improved state management. This issue is fix... | | |
| CVE-2023-42439 | GeoNode SSRF Bypass to return internal host data | E S | |
| CVE-2023-42441 | Vyper has incorrect re-entrancy lock when key is empty string | E S | |
| CVE-2023-42442 | JumpServer session replays download without authentication | E S | |
| CVE-2023-42443 | Vyper vulnerable to memory corruption in certain builtins utilizing `msize` | E S | |
| CVE-2023-42444 | phonenumber panics on parsing crafted RF3966 inputs | S | |
| CVE-2023-42445 | Possible local file exfiltration by XML External entity injection | | |
| CVE-2023-42446 | Pow Mnesia cache doesn't invalidate all expired keys on startup | E | |
| CVE-2023-42447 | blurhash panics on parsing crafted inputs | | |
| CVE-2023-42448 | Hydra's contestation period in head datum can be modified during Close transaction, allowing malicious participant to freely modify the contestation deadline | S | |
| CVE-2023-42449 | Malicious head initialiser can extract PTs from control of Hydra scripts, leading to locked participant commits or spoofed commits | E | |
| CVE-2023-42450 | Mastodon Server-Side Request Forgery vulnerability | S | |
| CVE-2023-42451 | Mastodon Invalid Domain Name Normalization vulnerability | S | |
| CVE-2023-42452 | Mastodon vulnerable to Stored XSS through the translation feature | S | |
| CVE-2023-42453 | Improper validation of receipts allows forged read receipts in matrix synapse | S | |
| CVE-2023-42454 | SQLpage vulnerable to public exposure of database credentials | E S | |
| CVE-2023-42455 | Wazuh vulnerable to user privilege escalation | S | |
| CVE-2023-42456 | sudo-rs Session File Relative Path Traversal vulnerability | S | |
| CVE-2023-42457 | plone.rest vulnerable to Denial of Service when ++api++ is used many times | S | |
| CVE-2023-42458 | Zope vulnerable to Stored Cross Site Scripting with SVG images | E S | |
| CVE-2023-42459 | Malformed DATA submessage leads to bad-free error in Fast-DDS | E S | |
| CVE-2023-42460 | _abi_decode input not validated in complex expressions in Vyper | E S | |
| CVE-2023-42461 | SQL injection in ITIL actors in GLPI | | |
| CVE-2023-42462 | File deletion through document upload process in GLPI | | |
| CVE-2023-42463 | wazuh-logcollector integer underflow local privilege escalation | | |
| CVE-2023-42464 | A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x be... | S | |
| CVE-2023-42465 | Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation... | E S | |
| CVE-2023-42467 | QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c becaus... | E | |
| CVE-2023-42468 | The com.cutestudio.colordialer application through 2.1.8-2 for Android allows a remote attacker to i... | E | |
| CVE-2023-42469 | The com.full.dialer.top.secure.encrypted application through 1.0.1 for Android enables any installed... | E | |
| CVE-2023-42470 | The Imou Life com.mm.android.smartlifeiot application through 6.8.0 for Android allows Remote Code E... | E | |
| CVE-2023-42471 | The wave.ai.browser application through 1.0.35 for Android allows a remote attacker to execute arbit... | E | |
| CVE-2023-42472 | Insufficient File type validation in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) | | |
| CVE-2023-42473 | Missing Authorization Check In S/4HANA (Manage Withholding Tax Items) | | |
| CVE-2023-42474 | Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Web Intelligence | | |
| CVE-2023-42475 | Information Disclosure Vulnerability in Statutory Reporting | | |
| CVE-2023-42476 | Cross Site Scripting vulnerability in SAP BusinessObjects Web Intelligence | | |
| CVE-2023-42477 | Server-Side Request Forgery in SAP NetWeaver AS Java (GRMG Heartbeat application) | | |
| CVE-2023-42478 | Cross-Site Scripting (XSS) vulnerability in SAP BusinessObjects Business Intelligence Platform | | |
| CVE-2023-42479 | Cross-Site Scripting (XSS) vulnerability in SAP Biller Direct | | |
| CVE-2023-42480 | Information Disclosure in NetWeaver AS Java Logon | | |
| CVE-2023-42481 | Improper Access Control vulnerability in SAP Commerce Cloud | | |
| CVE-2023-42482 | Samsung Mobile Processor Exynos 2200 allows a GPU Use After Free.... | | |
| CVE-2023-42483 | A TOCTOU race condition in Samsung Mobile Processor Exynos 9820, Exynos 980, Exynos 1080, Exynos 210... | | |
| CVE-2023-42486 | Fortect - CWE-428: Unquoted Search Path or Element | S | |
| CVE-2023-42487 | Soundminer – CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | S | |
| CVE-2023-42488 | EisBaer Scada - CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | S | |
| CVE-2023-42489 | EisBaer Scada - CWE-732: Incorrect Permission Assignment for Critical Resource | S | |
| CVE-2023-42490 | EisBaer Scada - CWE-200: Exposure of Sensitive Information to an Unauthorized Actor | S | |
| CVE-2023-42491 | EisBaer Scada - CWE-285: Improper Authorization | S | |
| CVE-2023-42492 | EisBaer Scada - CWE-321: Use of Hard-coded Cryptographic Key | S | |
| CVE-2023-42493 | EisBaer Scada - CWE-256: Plaintext Storage of a Password | S | |
| CVE-2023-42494 | EisBaer Scada - CWE-749: Exposed Dangerous Method or Function | S | |
| CVE-2023-42495 | Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') | | |
| CVE-2023-42496 | Reflected cross-site scripting (XSS) vulnerability on the add assignees to a role page in Liferay Po... | | |
| CVE-2023-42497 | Reflected cross-site scripting (XSS) vulnerability on the Export for Translation page in Liferay Por... | | |
| CVE-2023-42498 | Reflected cross-site scripting (XSS) vulnerability in the Language Override edit screen in Liferay P... | | |
| CVE-2023-42501 | Apache Superset: Unnecessary read permissions within the Gamma role | | |
| CVE-2023-42502 | Apache Superset: Open Redirect Vulnerability | | |
| CVE-2023-42503 | Apache Commons Compress: Denial of service via CPU consumption for malformed TAR file | | |
| CVE-2023-42504 | Apache Superset: Lack of rate limiting allows for possible denial of service | | |
| CVE-2023-42505 | Apache Superset: Sensitive information disclosure on db connection details | | |
| CVE-2023-42506 | Improper restriction of operations within the bounds of a memory buffer issue exists in OnSinView2 v... | | |
| CVE-2023-42507 | Stack-based buffer overflow vulnerability exists in OnSinView2 versions 2.0.1 and earlier. If this v... | | |
| CVE-2023-42508 | JFrog Artifactory Improper header input validation leads to email manipulation sent from the platform | | |
| CVE-2023-42509 | JFrog Artifactory Sensitive Data Leakage in Repository configuration process | | |
| CVE-2023-42520 | Certain WithSecure products allow a remote crash of a scanning engine via unpacking of crafted data ... | | |
| CVE-2023-42521 | Certain WithSecure products allow a remote crash of a scanning engine via processing of a compressed... | | |
| CVE-2023-42522 | Certain WithSecure products allow a remote crash of a scanning engine via processing of an import st... | | |
| CVE-2023-42523 | Certain WithSecure products allow a remote crash of a scanning engine via unpacking of a PE file. Th... | | |
| CVE-2023-42524 | Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. ... | | |
| CVE-2023-42525 | Certain WithSecure products allow an infinite loop in a scanning engine via unspecified file types. ... | | |
| CVE-2023-42526 | Certain WithSecure products allow a remote crash of a scanning engine via decompression of crafted d... | | |
| CVE-2023-42527 | Improper input validation vulnerability in ProcessWriteFile of libsec-ril prior to SMR Nov-2023 Rele... | | |
| CVE-2023-42528 | Improper Input Validation vulnerability in ProcessNvBuffering of libsec-ril prior to SMR Nov-2023 Re... | | |
| CVE-2023-42529 | Out-of-bound write vulnerability in libsec-ril prior to SMR Nov-2023 Release 1 allows local attacker... | | |
| CVE-2023-42530 | Improper access control vulnerability in SecSettings prior to SMR Nov-2023 Release 1 allows attacker... | | |
| CVE-2023-42531 | Improper access control vulnerability in SmsController prior to SMR Nov-2023 Release1 allows local a... | | |
| CVE-2023-42532 | Improper Certificate Validation in FotaAgent prior to SMR Nov-2023 Release1 allows remote attacker t... | | |
| CVE-2023-42533 | Improper Input Validation with USB Gadget Interface prior to SMR Nov-2023 Release 1 allows a physica... | | |
| CVE-2023-42534 | Improper input validation vulnerability in ChooserActivity prior to SMR Nov-2023 Release 1 allows lo... | | |
| CVE-2023-42535 | Out-of-bounds Write in read_block of vold prior to SMR Nov-2023 Release 1 allows local attacker to e... | | |
| CVE-2023-42536 | An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local a... | | |
| CVE-2023-42537 | An improper input validation in get_head_crc in libsaped prior to SMR Nov-2023 Release 1 allows loca... | | |
| CVE-2023-42538 | An improper input validation in saped_rec_silence in libsaped prior to SMR Nov-2023 Release 1 allows... | | |
| CVE-2023-42539 | PendingIntent hijacking vulnerability in ChallengeNotificationManager in Samsung Health prior to ver... | | |
| CVE-2023-42540 | Improper access control vulnerability in Samsung Account prior to version 14.5.01.1 allows attackers... | | |
| CVE-2023-42541 | Improper authorization in PushClientProvider of Samsung Push Service prior to version 3.4.10 allows ... | | |
| CVE-2023-42542 | Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers... | | |
| CVE-2023-42543 | Improper verification of intent by broadcast receiver vulnerability in Bixby Voice prior to version ... | | |
| CVE-2023-42544 | Improper access control vulnerability in Quick Share prior to 13.5.52.0 allows local attacker to acc... | | |
| CVE-2023-42545 | Use of implicit intent for sensitive communication vulnerability in Phone prior to versions 12.7.20.... | | |
| CVE-2023-42546 | Use of implicit intent for sensitive communication vulnerability in startAgreeToDisclaimerActivity i... | | |
| CVE-2023-42547 | Use of implicit intent for sensitive communication vulnerability in startEmailValidationActivity in ... | | |
| CVE-2023-42548 | Use of implicit intent for sensitive communication vulnerability in startMandatoryCheckActivity in S... | | |
| CVE-2023-42549 | Use of implicit intent for sensitive communication vulnerability in startNameValidationActivity in S... | | |
| CVE-2023-42550 | Use of implicit intent for sensitive communication vulnerability in startSignIn in Samsung Account p... | | |
| CVE-2023-42551 | Use of implicit intent for sensitive communication vulnerability in startTncActivity in Samsung Acco... | | |
| CVE-2023-42552 | Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Andr... | | |
| CVE-2023-42553 | Improper authorization verification vulnerability in Samsung Email prior to version 6.1.90.4 allows ... | | |
| CVE-2023-42554 | Improper Authentication vulnerabiity in Samsung Pass prior to version 4.3.00.17 allows physical atta... | | |
| CVE-2023-42555 | Use of implicit intent for sensitive communication vulnerability in EasySetup prior to version 11.1.... | | |
| CVE-2023-42556 | Improper usage of implicit intent in Contacts prior to SMR Dec-2023 Release 1 allows attacker to get... | | |
| CVE-2023-42557 | Out-of-bound write vulnerability in libIfaaCa prior to SMR Dec-2023 Release 1 allows local system at... | | |
| CVE-2023-42558 | Out of bounds write vulnerability in HDCP in HAL prior to SMR Dec-2023 Release 1 allows attacker to ... | | |
| CVE-2023-42559 | Improper exception management vulnerability in Knox Guard prior to SMR Dec-2023 Release 1 allows Kno... | | |
| CVE-2023-42560 | Heap out-of-bounds write vulnerability in dec_mono_audb of libsavsac.so prior to SMR Dec-2023 Releas... | | |
| CVE-2023-42561 | Heap out-of-bounds write vulnerability in bootloader prior to SMR Dec-2023 Release 1 allows a physic... | | |
| CVE-2023-42562 | Integer overflow vulnerability in detectionFindFaceSupportMultiInstance of libFacePreProcessingjni.c... | | |
| CVE-2023-42563 | Integer overflow vulnerability in landmarkCopyImageToNative of libFacePreProcessingjni.camera.samsun... | | |
| CVE-2023-42564 | Improper access control in knoxcustom service prior to SMR Dec-2023 Release 1 allows attacker to sen... | | |
| CVE-2023-42565 | Improper input validation vulnerability in Smart Clip prior to SMR Dec-2023 Release 1 allows local a... | | |
| CVE-2023-42566 | Out-of-bound write vulnerability in libsavsvc prior to SMR Dec-2023 Release 1 allows local attackers... | | |
| CVE-2023-42567 | Improper size check vulnerability in softsimd prior to SMR Dec-2023 Release 1 allows stack-based buf... | | |
| CVE-2023-42568 | Improper access control vulnerability in SmartManagerCN prior to SMR Dec-2023 Release 1 allows local... | | |
| CVE-2023-42569 | Improper authorization verification vulnerability in AR Emoji prior to SMR Dec-2023 Release 1 allows... | | |
| CVE-2023-42570 | Improper access control vulnerability in KnoxCustomManagerService prior to SMR Dec-2023 Release 1 al... | | |
| CVE-2023-42571 | Abuse of remote unlock in Find My Mobile prior to version 7.3.13.4 allows physical attacker to unloc... | | |
| CVE-2023-42572 | Implicit intent hijacking vulnerability in Samsung Account Web SDK prior to version 1.5.24 allows at... | | |
| CVE-2023-42573 | PendingIntent hijacking vulnerability in Search Widget prior to version 3.4 in China models allows l... | | |
| CVE-2023-42574 | Improper access control vulnerablility in GameHomeCN prior to version 4.2.60.2 allows local attacker... | | |
| CVE-2023-42575 | Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical att... | | |
| CVE-2023-42576 | Improper Authentication vulnerability in Samsung Pass prior to version 4.3.00.17 allows physical att... | | |
| CVE-2023-42577 | Improper Access Control in Samsung Voice Recorder prior to versions 21.4.15.01 in Android 12 and And... | | |
| CVE-2023-42578 | Improper handling of insufficient permissions or privileges vulnerability in Samsung Data Store prio... | | |
| CVE-2023-42579 | Improper usage of insecure protocol (i.e. HTTP) in SogouSDK of Chinese Samsung Keyboard prior to ver... | | |
| CVE-2023-42580 | Improper URL validation from MCSLaunch deeplink in Galaxy Store prior to version 4.5.64.4 allows att... | | |
| CVE-2023-42581 | Improper URL validation from InstantPlay deeplink in Galaxy Store prior to version 4.5.64.4 allows a... | | |
| CVE-2023-42627 | Multiple stored cross-site scripting (XSS) vulnerabilities in the Commerce module in Liferay Portal ... | E | |
| CVE-2023-42628 | Stored cross-site scripting (XSS) vulnerability in the Wiki widget in Liferay Portal 7.1.0 through 7... | E | |
| CVE-2023-42629 | Stored cross-site scripting (XSS) vulnerability in the manage vocabulary page in Liferay Portal 7.4.... | E | |
| CVE-2023-42631 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42632 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42633 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42634 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42635 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42636 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42637 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42638 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42639 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42640 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42641 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42642 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42643 | In validationtools, there is a possible missing permission check. This could lead to local informati... | | |
| CVE-2023-42644 | In dm service, there is a possible missing permission check. This could lead to local information di... | | |
| CVE-2023-42645 | In sim service, there is a possible way to write permission usage records of an app due to a missing... | | |
| CVE-2023-42646 | In Ifaa service, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42647 | In Ifaa service, there is a possible way to write permission usage records of an app due to a missin... | | |
| CVE-2023-42648 | In engineermode, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42649 | In engineermode, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42650 | In engineermode, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42651 | In engineermode, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42652 | In engineermode, there is a possible missing permission check. This could lead to local information ... | | |
| CVE-2023-42653 | In faceid service, there is a possible out of bounds write due to a missing bounds check. This could... | | |
| CVE-2023-42654 | In dm service, there is a possible missing permission check. This could lead to local information di... | | |
| CVE-2023-42655 | In sim service, there is a possible way to write permission usage records of an app due to a missing... | | |
| CVE-2023-42656 | MOVEit Transfer Reflected XSS | | |
| CVE-2023-42657 | WS_FTP Server Directory Traversal | | |
| CVE-2023-42658 | InSpec Archive Command Vulnerable to Maliciously Crafted Profile | S | |
| CVE-2023-42659 | WS_FTP Server Arbitrary File Upload | | |
| CVE-2023-42660 | MOVEit Transfer Machine Interface SQL Injection | | |
| CVE-2023-42661 | JFrog Artifactory Improper input validation leads to arbitrary file write | | |
| CVE-2023-42662 | JFrog Artifactory Improper SSO Mechanism may lead to Exposure of Access Tokens | | |
| CVE-2023-42663 | Apache Airflow: Bypass permission verification to view task instances of other dags | S | |
| CVE-2023-42664 | A post authentication command injection vulnerability exists when setting up the PPTP global configu... | E | |
| CVE-2023-42665 | Rejected reason: This is unused.... | R | |
| CVE-2023-42666 | Exposure of Sensitive Information to an Unauthorized Actor in DEXMA DEXGate | | |
| CVE-2023-42667 | Improper isolation in the Intel(R) Core(TM) Ultra Processor stream cache mechanism may allow an auth... | | |
| CVE-2023-42668 | Incorrect default permissions in some onboard video driver software before version 1.14 for Intel(R)... | | |
| CVE-2023-42669 | Samba: "rpcecho" development server allows denial of service via sleep() call on ad dc | M | |
| CVE-2023-42670 | Samba: ad dc busy rpc multiple listener dos | | |
| CVE-2023-42671 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42672 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42673 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42674 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42675 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42676 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42677 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42678 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42679 | In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lea... | | |
| CVE-2023-42680 | In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead... | | |
| CVE-2023-42681 | In ion service, there is a possible missing permission check. This could lead to local escalation of... | | |
| CVE-2023-42682 | In gsp driver, there is a possible out of bounds write due to a missing bounds check. This could lea... | | |
| CVE-2023-42683 | In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead... | | |
| CVE-2023-42684 | In gsp driver, there is a possible out of bounds read due to a missing bounds check. This could lead... | | |
| CVE-2023-42685 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42686 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42687 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42688 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42689 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42690 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42691 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42692 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42693 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42694 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42695 | In wifi service, there is a possible missing permission check. This could lead to local escalation o... | | |
| CVE-2023-42696 | In telecom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42697 | In omacp service, there is a possible way to write permission usage records of an app due to a missi... | | |
| CVE-2023-42698 | In omacp service, there is a possible way to write permission usage records of an app due to a missi... | | |
| CVE-2023-42699 | In omacp service, there is a possible way to write permission usage records of an app due to a missi... | | |
| CVE-2023-42700 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42701 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42702 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42703 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42704 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42705 | In imsservice, there is a possible way to write permission usage records of an app due to a missing ... | | |
| CVE-2023-42706 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42707 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42708 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42709 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42710 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42711 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42712 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42713 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42714 | In firewall service, there is a possible way to write permission usage records of an app due to a mi... | | |
| CVE-2023-42715 | In telephony service, there is a possible missing permission check. This could lead to local informa... | | |
| CVE-2023-42716 | In telephony service, there is a possible missing permission check. This could lead to remote inform... | | |
| CVE-2023-42717 | In telephony service, there is a possible missing permission check. This could lead to remote inform... | | |
| CVE-2023-42718 | In dialer, there is a possible way to write permission usage records of an app due to a missing perm... | | |
| CVE-2023-42719 | In video service, there is a possible out of bounds read due to a incorrect bounds check. This could... | | |
| CVE-2023-42720 | In video service, there is a possible out of bounds read due to a missing bounds check. This could l... | | |
| CVE-2023-42721 | In flv extractor, there is a possible missing verification incorrect input. This could lead to local... | | |
| CVE-2023-42722 | In camera service, there is a possible use after free due to a logic error. This could lead to local... | | |
| CVE-2023-42723 | In camera service, there is a possible out of bounds read due to a missing bounds check. This could ... | | |
| CVE-2023-42724 | In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead... | | |
| CVE-2023-42725 | In gpu driver, there is a possible out of bounds read due to a missing bounds check. This could lead... | | |
| CVE-2023-42726 | In TeleService, there is a possible out of bounds read due to a missing bounds check. This could lea... | | |
| CVE-2023-42727 | In gpu driver, there is a possible out of bounds write due to a incorrect bounds check. This could l... | | |
| CVE-2023-42728 | In phasecheckserver, there is a possible out of bounds read due to a missing bounds check. This coul... | | |
| CVE-2023-42729 | In ril service, there is a possible out of bounds write due to a missing bounds check. This could le... | | |
| CVE-2023-42730 | In IMS service, there is a possible way to write permission usage records of an app due to a missing... | | |
| CVE-2023-42731 | In Gnss service, there is a possible out of bounds read due to a missing bounds check. This could le... | | |
| CVE-2023-42732 | In telephony service, there is a possible missing permission check. This could lead to local informa... | | |
| CVE-2023-42733 | In telephony service, there is a possible missing permission check. This could lead to local informa... | | |
| CVE-2023-42734 | In telephony service, there is a possible missing permission check. This could lead to local informa... | | |
| CVE-2023-42735 | In telephony service, there is a possible missing permission check. This could lead to local informa... | | |
| CVE-2023-42736 | In telecom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42737 | In telecom service, there is a possible way to write permission usage records of an app due to a mis... | | |
| CVE-2023-42738 | In telocom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42739 | In engineermode service, there is a possible way to write permission usage records of an app due to ... | | |
| CVE-2023-42740 | In telecom service, there is a possible way to write permission usage records of an app due to a mis... | | |
| CVE-2023-42741 | In telecom service, there is a possible way to write permission usage records of an app due to a mis... | | |
| CVE-2023-42742 | In sysui, there is a possible missing permission check. This could lead to local denial of service w... | | |
| CVE-2023-42743 | In telecom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42744 | In telecom service, there is a possible missing permission check. This could lead to local denial of... | | |
| CVE-2023-42745 | In telecom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42746 | In power manager, there is a possible missing permission check. This could lead to local escalation ... | | |
| CVE-2023-42747 | In camera service, there is a possible missing permission check. This could lead to local escalation... | | |
| CVE-2023-42748 | In telecom service, there is a possible missing permission check. This could lead to local escalatio... | | |
| CVE-2023-42749 | In enginnermode service, there is a possible way to write permission usage records of an app due to ... | | |
| CVE-2023-42750 | In gnss service, there is a possible out of bounds write due to a missing bounds check. This could l... | | |
| CVE-2023-42751 | In gnss service, there is a possible out of bounds write due to a missing bounds check. This could l... | | |
| CVE-2023-42752 | Kernel: integer overflow in igmpv3_newpack leading to exploitable memory access | S | |
| CVE-2023-42753 | Kernel: netfilter: potential slab-out-of-bound access due to integer underflow | E M | |
| CVE-2023-42754 | Kernel: ipv4: null pointer dereference in ipv4_send_dest_unreach() | E S | |
| CVE-2023-42755 | Kernel: rsvp: out-of-bounds read in rsvp_classify() | E S | |
| CVE-2023-42756 | Kernel: netfilter: race condition between ipset_cmd_add and ipset_cmd_swap | E S | |
| CVE-2023-42757 | Process Explorer before 17.04 allows attackers to make it functionally unavailable (a denial of serv... | | |
| CVE-2023-42765 | Westermo Lynx Cross-site Scripting | M | |
| CVE-2023-42766 | Improper input validation in some Intel NUC 8 Compute Element BIOS firmware may allow a privileged u... | | |
| CVE-2023-42768 | BIG-IP iControl REST vulnerability | | |
| CVE-2023-42769 | Sielco Radio Link and Analog FM Transmitters Improper Access Control | M | |
| CVE-2023-42770 | Red Lion Controls Sixnet RTU Authentication Bypass Using An Alternative Path Or Channel | S | |
| CVE-2023-42771 | Authentication bypass vulnerability in ACERA 1320 firmware ver.01.26 and earlier, and ACERA 1310 fir... | | |
| CVE-2023-42772 | Untrusted pointer dereference in UEFI firmware for some Intel(R) reference processors may allow a pr... | | |
| CVE-2023-42773 | Improper neutralization in Intel(R) Power Gadget software for Windows all versions may allow an auth... | | |
| CVE-2023-42774 | Liteos-A has a incorrect default permissions vulnerability | | |
| CVE-2023-42775 | Rejected reason: This is unused.... | R | |
| CVE-2023-42776 | Improper input validation in some Intel(R) SGX DCAP software for Windows before version 1.19.100.3 m... | | |
| CVE-2023-42780 | Apache Airflow: Improper access control vulnerability in the "List dag warnings" feature | S | |
| CVE-2023-42781 | Apache Airflow: Permission verification bypass allows viewing dagruns of other dags | S | |
| CVE-2023-42782 | A insufficient verification of data authenticity vulnerability [CWE-345] in FortiAnalyzer version 7.... | S | |
| CVE-2023-42783 | A relative path traversal in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 a... | S | |
| CVE-2023-42784 | An improper handling of syntactically invalid structure in Fortinet FortiWeb at least verions 7.4.0 ... | S | |
| CVE-2023-42785 | A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all ver... | S | |
| CVE-2023-42786 | A null pointer dereference in FortiOS versions 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0 all ver... | S | |
| CVE-2023-42787 | A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager v... | E S | |
| CVE-2023-42788 | An improper neutralization of special elements used in an os command ('OS Command Injection') vulner... | E S | |
| CVE-2023-42789 | A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.... | S | |
| CVE-2023-42790 | A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 th... | S | |
| CVE-2023-42791 | A relative path traversal in Fortinet FortiManager version 7.4.0 and 7.2.0 through 7.2.3 and 7.0.0 t... | S | |
| CVE-2023-42792 | Apache Airflow: Improper access control to DAG resources | S | |
| CVE-2023-42793 | In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was p... | KEV E | |
| CVE-2023-42794 | Apache Tomcat: FileUpload: DoS due to accumulation of temporary files on Windows | | |
| CVE-2023-42795 | Apache Tomcat: Failure during request clean-up leads to sensitive data leaking to subsequent requests | | |
| CVE-2023-42796 | A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.11), CP-8050... | S | |
| CVE-2023-42797 | A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05.20), CP-8050... | S | |
| CVE-2023-42798 | AutomataCI Release Job Can Revert Repo to First Commit | S | |
| CVE-2023-42799 | Buffer overflow due to use of `strcpy` in `parseUrlAddrFromRtspUrlString` | E S | |
| CVE-2023-42800 | Buffer overflow due to use of `strcpy` in `performRtspHandshake` | E S | |
| CVE-2023-42801 | Stack buffer overflow due to `strcpy` into fixed size buffer in `extractVersionQuadFromString` | E S | |
| CVE-2023-42802 | GLPI vulnerable to unallowed PHP script execution | | |
| CVE-2023-42803 | BigBlueButton Unrestricted File Upload vulnerability | | |
| CVE-2023-42804 | BigBlueButton Path Traversal – Reading Certain File Extensions | | |
| CVE-2023-42805 | quinn-proto Denial of Service vulnerability | S | |
| CVE-2023-42806 | Snapshot signature not including HeadID will allow replay attacks | | |
| CVE-2023-42807 | Frappe LMS SQL Injection Issue on People Page | | |
| CVE-2023-42808 | Common Voice Cross-site Scripting vulnerability | E | |
| CVE-2023-42809 | Redisson unsafe deserialization vulnerability | E S | |
| CVE-2023-42810 | systeminformation SSID Command Injection Vulnerability | S | |
| CVE-2023-42811 | AEADs/aes-gcm: Plaintext exposed in decrypt_in_place_detached even on tag verification failure | E | |
| CVE-2023-42812 | Galaxy vulnerable to Server Side Request Forgery during data imports | E | |
| CVE-2023-42813 | Denial of service from malicious manifest in kyverno | S | |
| CVE-2023-42814 | Denial of service from malicious image manifest in kyverno | S | |
| CVE-2023-42815 | Denial of service from malicious image manifest in kyverno | S | |
| CVE-2023-42816 | Denial of service from malicious signature in kyverno | S | |
| CVE-2023-42817 | Cross-site Scripting (XSS) in pimcore admin-ui-classic-bundle translations | S | |
| CVE-2023-42818 | SSH public key login without private key challenge if mfa is enabled in jumpserver | E | |
| CVE-2023-42819 | Path traversal in Jumpserver | S | |
| CVE-2023-42820 | Random seed leakage in Jumpserver | S | |
| CVE-2023-42821 | github.com/gomarkdown/markdown Out-of-bounds Read while parsing citations | E S | |
| CVE-2023-42822 | Unchecked access to font glyph info in xrdp | S | |
| CVE-2023-42823 | The issue was resolved by sanitizing logging This issue is fixed in watchOS 10.1, macOS Sonoma 14.1,... | | |
| CVE-2023-42824 | The issue was addressed with improved checks. This issue is fixed in iOS 16.7.1 and iPadOS 16.7.1. A... | KEV | |
| CVE-2023-42826 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. Processing a f... | | |
| CVE-2023-42828 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Ventura 13.5.... | | |
| CVE-2023-42829 | The issue was addressed with additional restrictions on the observability of app states. This issue ... | | |
| CVE-2023-42830 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42831 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.7.... | | |
| CVE-2023-42832 | A race condition was addressed with improved state handling. This issue is fixed in macOS Big Sur 11... | | |
| CVE-2023-42833 | A correctness issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14, Safa... | | |
| CVE-2023-42834 | A privacy issue was addressed with improved handling of files. This issue is fixed in watchOS 10.1, ... | | |
| CVE-2023-42835 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An attac... | | |
| CVE-2023-42836 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, m... | | |
| CVE-2023-42838 | An access issue was addressed with improvements to the sandbox. This issue is fixed in macOS Ventura... | | |
| CVE-2023-42839 | This issue was addressed with improved state management. This issue is fixed in tvOS 17.1, watchOS 1... | | |
| CVE-2023-42840 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monter... | | |
| CVE-2023-42841 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, iOS... | | |
| CVE-2023-42842 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1. An app may b... | | |
| CVE-2023-42843 | An inconsistent user interface issue was addressed with improved state management. This issue is fix... | | |
| CVE-2023-42844 | This issue was addressed with improved handling of symlinks. This issue is fixed in macOS Sonoma 14.... | | |
| CVE-2023-42845 | An authentication issue was addressed with improved state management. This issue is fixed in macOS S... | | |
| CVE-2023-42846 | This issue was addressed by removing the vulnerable code. This issue is fixed in watchOS 10.1, iOS 1... | | |
| CVE-2023-42847 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, iOS 17.1... | | |
| CVE-2023-42848 | The issue was addressed with improved bounds checks. This issue is fixed in watchOS 10.1, macOS Sono... | | |
| CVE-2023-42849 | The issue was addressed with improved memory handling. This issue is fixed in iOS 17.1 and iPadOS 17... | | |
| CVE-2023-42850 | The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.1. A... | | |
| CVE-2023-42852 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, w... | | |
| CVE-2023-42853 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Mo... | | |
| CVE-2023-42854 | This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sonoma 14.1, ... | | |
| CVE-2023-42855 | This issue was addressed with improved state management. This issue is fixed in iOS 17.1 and iPadOS ... | | |
| CVE-2023-42856 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.1, mac... | | |
| CVE-2023-42857 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42858 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monter... | | |
| CVE-2023-42859 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monter... | | |
| CVE-2023-42860 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma ... | | |
| CVE-2023-42861 | A logic issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.1... | | |
| CVE-2023-42862 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ven... | | |
| CVE-2023-42865 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ven... | | |
| CVE-2023-42866 | The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.5, iO... | | |
| CVE-2023-42867 | This issue was addressed with improved validation of the process entitlement and Team ID. This issue... | | |
| CVE-2023-42869 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42870 | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS S... | | |
| CVE-2023-42871 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 1... | | |
| CVE-2023-42872 | The issue was addressed with additional permissions checks. This issue is fixed in macOS Sonoma 14, ... | | |
| CVE-2023-42873 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS ... | | |
| CVE-2023-42874 | This issue was addressed with improved state management. This issue is fixed in macOS Sonoma 14.2. S... | | |
| CVE-2023-42875 | Processing web content may lead to arbitrary code execution. This issue is fixed in iOS 17 and iPadO... | | |
| CVE-2023-42876 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14. Process... | | |
| CVE-2023-42877 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monter... | | |
| CVE-2023-42878 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42881 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Pro... | | |
| CVE-2023-42882 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2. Pro... | | |
| CVE-2023-42883 | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Son... | | |
| CVE-2023-42884 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
| CVE-2023-42886 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Sono... | | |
| CVE-2023-42887 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ven... | | |
| CVE-2023-42888 | The issue was addressed with improved checks. This issue is fixed in iOS 16.7.5 and iPadOS 16.7.5, w... | | |
| CVE-2023-42889 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.1, macOS Monter... | | |
| CVE-2023-42890 | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, macOS Son... | | |
| CVE-2023-42891 | An authentication issue was addressed with improved state management. This issue is fixed in macOS S... | | |
| CVE-2023-42892 | A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS V... | | |
| CVE-2023-42893 | A permissions issue was addressed by removing vulnerable code and adding additional checks. This iss... | | |
| CVE-2023-42894 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
| CVE-2023-42896 | An issue was addressed with improved handling of temporary files. This issue is fixed in macOS Monte... | | |
| CVE-2023-42897 | The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An at... | | |
| CVE-2023-42898 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, wat... | | |
| CVE-2023-42899 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS... | | |
| CVE-2023-42900 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2. An app may b... | | |
| CVE-2023-42901 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42902 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42903 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42904 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42905 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42906 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42907 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42908 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42909 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42910 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42911 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42912 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42913 | This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14.2... | | |
| CVE-2023-42914 | The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.2, iOS... | | |
| CVE-2023-42915 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2023-42916 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 17.1.... | KEV | |
| CVE-2023-42917 | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17... | KEV | |
| CVE-2023-42918 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma ... | | |
| CVE-2023-42919 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42920 | Claris International has fixed a dylib hijacking vulnerability in the FileMaker Pro.app and Claris P... | | |
| CVE-2023-42922 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
| CVE-2023-42923 | This issue was addressed through improved state management. This issue is fixed in iOS 17.2 and iPad... | | |
| CVE-2023-42924 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ve... | | |
| CVE-2023-42925 | The issue was addressed with improved restriction of data container access. This issue is fixed in i... | | |
| CVE-2023-42926 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2023-42927 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.... | R | |
| CVE-2023-42928 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.1 and iPadOS 17.1... | | |
| CVE-2023-42929 | The issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be ... | | |
| CVE-2023-42930 | This issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS So... | | |
| CVE-2023-42931 | The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.6.3, macOS Son... | | |
| CVE-2023-42932 | A logic issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14.2, macOS Ve... | | |
| CVE-2023-42933 | This issue was addressed with improved checks. This issue is fixed in macOS Sonoma 14. An app may be... | | |
| CVE-2023-42934 | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed i... | | |
| CVE-2023-42935 | An authentication issue was addressed with improved state management. This issue is fixed in macOS V... | | |
| CVE-2023-42936 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in ma... | | |
| CVE-2023-42937 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42938 | A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.13.1 for Windows.... | | |
| CVE-2023-42939 | A logic issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1. A... | | |
| CVE-2023-42940 | A session rendering issue was addressed with improved session tracking. This issue is fixed in macOS... | | |
| CVE-2023-42941 | The issue was addressed with improved checks. This issue is fixed in iOS 17.2 and iPadOS 17.2. An at... | | |
| CVE-2023-42942 | This issue was addressed with improved handling of symlinks. This issue is fixed in watchOS 10.1, ma... | | |
| CVE-2023-42943 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fi... | | |
| CVE-2023-42945 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma ... | | |
| CVE-2023-42946 | This issue was addressed with improved redaction of sensitive information. This issue is fixed in tv... | | |
| CVE-2023-42947 | A path handling issue was addressed with improved validation. This issue is fixed in macOS Monterey ... | | |
| CVE-2023-42948 | This issue was addressed through improved state management. This issue is fixed in macOS Sonoma 14. ... | | |
| CVE-2023-42949 | This issue was addressed with improved data protection. This issue is fixed in iOS 17 and iPadOS 17,... | | |
| CVE-2023-42950 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari ... | | |
| CVE-2023-42951 | The issue was addressed with improved handling of caches. This issue is fixed in iOS 17.1 and iPadOS... | | |
| CVE-2023-42952 | The issue was addressed with improved checks. This issue is fixed in iOS 17.1 and iPadOS 17.1, macOS... | | |
| CVE-2023-42953 | A permissions issue was addressed with additional restrictions. This issue is fixed in tvOS 17.1, wa... | | |
| CVE-2023-42954 | A privilege escalation issue existed in FileMaker Server, potentially exposing sensitive information... | | |
| CVE-2023-42955 | Claris International has successfully resolved an issue of potentially exposing password information... | | |
| CVE-2023-42956 | The issue was addressed with improved memory handling. This issue is fixed in Safari 17.2, iOS 17.2 ... | | |
| CVE-2023-42957 | A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iP... | | |
| CVE-2023-42958 | A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura... | | |
| CVE-2023-42959 | A race condition was addressed with improved state handling. This issue is fixed in macOS Sonoma 14.... | | |
| CVE-2023-42961 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPad... | | |
| CVE-2023-42962 | This issue was addressed with improved checks This issue is fixed in iOS 17.2 and iPadOS 17.2, iOS 1... | | |
| CVE-2023-42969 | An app may be able to break out of its sandbox. This issue is fixed in iOS 17 and iPadOS 17, iOS 16.... | | |
| CVE-2023-42970 | A use-after-free issue was addressed with improved memory management. This issue is fixed in iOS 17 ... | | |
| CVE-2023-42973 | Private Browsing tabs may be accessed without authentication. This issue is fixed in iOS 17 and iPad... | | |
| CVE-2023-42974 | A race condition was addressed with improved state handling. This issue is fixed in macOS Monterey 1... | | |
| CVE-2023-42977 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and iPad... | | |
| CVE-2023-42981 | Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issu... | | |
| CVE-2023-42982 | Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issu... | | |
| CVE-2023-42983 | Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issu... | |