2023 CVE Vulnerabilities
31,213 CVEs published in 2023.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-4624 | LOW | 2.4 | 0.5% | Aug 30, 2023 | Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08. |
| CVE-2023-0654 | LOW | 3.7 | 0.2% | Aug 29, 2023 | Due to a misconfiguration, the WARP Mobile Client (< 6.29) for Android was susceptible to a tapjacking attack. In the ev... |
| CVE-2023-38158 | LOW | 3.1 | 1.2% | Aug 21, 2023 | Microsoft Edge (Chromium-based) Information Disclosure Vulnerability |
| CVE-2023-39061 | LOW | 3.5 | 0.3% | Aug 21, 2023 | Cross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privilege... |
| CVE-2023-25647 | LOW | 3.3 | 0.2% | Aug 17, 2023 | There is a permission and access control vulnerability in some ZTE mobile phones. Due to improper access control, app... |
| CVE-2023-32453 | LOW | 3.9 | 0.2% | Aug 16, 2023 | Dell BIOS contains an improper authentication vulnerability. A malicious user with physical access to the system may po... |
| CVE-2023-39843 | LOW | 2.4 | 0.1% | Aug 15, 2023 | Missing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via bri... |
| CVE-2023-39842 | LOW | 2.4 | 0.1% | Aug 15, 2023 | Missing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned ... |
| CVE-2023-21278 | LOW | 3.3 | 0.1% | Aug 14, 2023 | In multiple locations, there is a possible way to obscure the microphone privacy indicator due to a logic error in the c... |
| CVE-2023-21232 | LOW | 3.3 | 0.1% | Aug 14, 2023 | In multiple locations, there is a possible way to retrieve sensor data without permissions due to a permissions bypass. ... |
| CVE-2023-4304 | LOW | 2.7 | 0.5% | Aug 11, 2023 | Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0. |
| CVE-2023-30700 | LOW | 3.3 | 0.1% | Aug 10, 2023 | PendingIntent hijacking vulnerability in SemWifiApTimeOutImpl in framework prior to SMR Aug-2023 Release 1 allows local ... |
| CVE-2023-30685 | LOW | 3.3 | 0.1% | Aug 10, 2023 | Improper access control vulnerability in Telecom prior to SMR Aug-2023 Release 1 allows local attakcers to change TTY mo... |
| CVE-2023-30684 | LOW | 3.3 | 0.1% | Aug 10, 2023 | Improper access control in Samsung Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call acceptRingingC... |
| CVE-2023-30683 | LOW | 3.3 | 0.1% | Aug 10, 2023 | Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call endCall API without pe... |
| CVE-2023-30682 | LOW | 3.3 | 0.1% | Aug 10, 2023 | Improper access control in Telecom prior to SMR Aug-2023 Release 1 allows local attackers to call silenceRinger API with... |
| CVE-2023-39341 | LOW | 3.3 | 0.3% | Aug 9, 2023 | "FFRI yarai", "FFRI yarai Home and Business Edition" and their OEM products handle exceptional conditions improperly, wh... |
| CVE-2023-39342 | LOW | 3.6 | 0.2% | Aug 8, 2023 | Dangerzone is software for converting potentially dangerous PDFs, office documents, or images to safe PDFs. The Dangerzo... |
| CVE-2023-39978 | LOW | 3.3 | 0.3% | Aug 8, 2023 | ImageMagick before 6.9.12-91 allows attackers to cause a denial of service (memory consumption) in Magick::Draw. |
| CVE-2023-38700 | LOW | 3.7 | 0.5% | Aug 4, 2023 | matrix-appservice-irc is a Node.js IRC bridge for Matrix. Prior to version 1.0.1, it was possible to craft an event such... |
| CVE-2023-3669 | LOW | 3.3 | 0.1% | Aug 3, 2023 | A missing Brute-Force protection in CODESYS Development System prior to 3.5.19.20 allows a local attacker to have unlimi... |
| CVE-2023-26979 | LOW | 3.1 | 0.2% | Aug 3, 2023 | Bluetens Electrostimulation Device BluetensQ device app version 4.3.15 is vulnerable to Man-in-the-middle attacks in the... |
| CVE-2023-26442 | LOW | 3.2 | 0.3% | Aug 2, 2023 | In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by th... |
| CVE-2023-26438 | LOW | 3.1 | 0.5% | Aug 2, 2023 | External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness, inv... |
| CVE-2023-4016 | LOW | 3.3 | 0.2% | Aug 2, 2023 | Under some circumstances, this weakness allows a user who has access to run the “ps” utility on a machine, the ability t... |
Check if your code is affected by 2023 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now