2023 CVE Vulnerabilities
31,213 CVEs published in 2023.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-40134 | LOW | 3.3 | 0.1% | Oct 27, 2023 | In isFullScreen of FillUi.java, there is a possible way to view another user's images due to a confused deputy. This cou... |
| CVE-2023-40127 | LOW | 3.3 | 0.2% | Oct 27, 2023 | In multiple locations, there is a possible way to access screenshots due to a confused deputy. This could lead to local ... |
| CVE-2023-42857 | LOW | 3.3 | 0.3% | Oct 25, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma ... |
| CVE-2023-40405 | LOW | 3.3 | 0.3% | Oct 25, 2023 | A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sonoma ... |
| CVE-2023-5752 | LOW | 3.3 | 0.5% | Oct 25, 2023 | When installing a package from a Mercurial VCS URL (i.e. "pip install hg+...") with pip prior to v23.3, the specified Me... |
| CVE-2023-41960 | LOW | 3.3 | 0.2% | Oct 25, 2023 | The vulnerability allows an unprivileged (untrusted) third-party application to interact with a content-provider unsafely... |
| CVE-2023-45809 | LOW | 2.7 | 0.5% | Oct 19, 2023 | Wagtail is an open source content management system built on Django. A user with a limited-permission editor account for... |
| CVE-2023-45145 | LOW | 3.6 | 0.4% | Oct 18, 2023 | Redis is an in-memory database that persists on disk. On startup, Redis begins listening on a Unix socket before adjusti... |
| CVE-2023-38546 | LOW | 3.7 | 6.2% | Oct 18, 2023 | This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of c... |
| CVE-2023-22128 | LOW | 3.1 | 0.3% | Oct 17, 2023 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). Supported versions that are affe... |
| CVE-2023-22113 | LOW | 2.7 | 0.8% | Oct 17, 2023 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions... |
| CVE-2023-22075 | LOW | 2.4 | 0.4% | Oct 17, 2023 | Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected... |
| CVE-2023-22074 | LOW | 2.4 | 0.9% | Oct 17, 2023 | Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected... |
| CVE-2023-22025 | LOW | 3.7 | 0.9% | Oct 17, 2023 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java S... |
| CVE-2023-4089 | LOW | 2.7 | 0.5% | Oct 17, 2023 | On affected Wago products a remote attacker with administrative privileges can access files to which he has already acc... |
| CVE-2023-45659 | LOW | 2.8 | 0.2% | Oct 17, 2023 | Engelsystem is a shift planning system for chaos events. If a user's password is compromised and an attacker gained acc... |
| CVE-2023-45152 | LOW | 2.3 | 0.3% | Oct 17, 2023 | Engelsystem is a shift planning system for chaos events. A Blind SSRF in the "Import schedule" functionality makes it po... |
| CVE-2023-43814 | LOW | 3.7 | 0.3% | Oct 16, 2023 | Discourse is an open source platform for community discussion. Attackers with details specific to a poll in a topic can ... |
| CVE-2023-45147 | LOW | 3.1 | 0.3% | Oct 16, 2023 | Discourse is an open source community platform. In affected versions any user can create a topic and add arbitrary custo... |
| CVE-2023-5449 | LOW | 3.3 | 0.2% | Oct 13, 2023 | A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature wh... |
| CVE-2023-41263 | LOW | 3.7 | 0.4% | Oct 12, 2023 | An issue was discovered in Plixer Scrutinizer before 19.3.1. It exposes debug logs to unauthenticated users at the /debu... |
| CVE-2023-45143 | LOW | 3.5 | 1.2% | Oct 12, 2023 | Undici is an HTTP/1.1 client written from scratch for Node.js. Prior to version 5.26.2, Undici already cleared Authoriza... |
| CVE-2023-37939 | LOW | 3.3 | 0.2% | Oct 10, 2023 | An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClient for Windows 7.2.0, ... |
| CVE-2023-30735 | LOW | 3.3 | 0.1% | Oct 4, 2023 | Improper Preservation of Permissions vulnerability in SAssistant prior to version 8.7 allows local attackers to access b... |
| CVE-2023-30732 | LOW | 3.3 | 0.2% | Oct 4, 2023 | Improper access control in system property prior to SMR Oct-2023 Release 1 allows local attacker to get CPU serial numbe... |