2023 CVE Vulnerabilities
31,213 CVEs published in 2023.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-48226 | LOW | 3.5 | 0.8% | Nov 21, 2023 | OpenReplay is a self-hosted session replay suite. In version 1.14.0, due to lack of validation Name field - Account Sett... |
| CVE-2023-47072 | LOW | 3.3 | 0.4% | Nov 17, 2023 | Adobe After Effects version 24.0.2 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Point... |
| CVE-2023-47060 | LOW | 3.3 | 0.3% | Nov 16, 2023 | Adobe Premiere Pro version 24.0 (and earlier) and 23.6 (and earlier) are affected by an Access of Uninitialized Pointer ... |
| CVE-2023-30954 | LOW | 3.7 | 0.3% | Nov 15, 2023 | The Gotham video-application-server service contained a race condition which would cause it to not apply certain acls ne... |
| CVE-2023-23549 | LOW | 2.7 | 0.6% | Nov 15, 2023 | Improper Input Validation in Checkmk <2.2.0p15, <2.1.0p37, <=2.0.0p39 allows priviledged attackers to cause partial deni... |
| CVE-2023-46121 | LOW | 3.7 | 0.3% | Nov 15, 2023 | yt-dlp is a youtube-dl fork with additional features and fixes. The Generic Extractor in yt-dlp is vulnerable to an atta... |
| CVE-2023-22329 | LOW | 3.5 | 0.3% | Nov 14, 2023 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potential... |
| CVE-2023-22313 | LOW | 2.3 | 0.2% | Nov 14, 2023 | Improper buffer restrictions in some Intel(R) QAT Library software before version 22.07.1 may allow a privileged user to... |
| CVE-2023-20519 | LOW | 3.3 | 0.2% | Nov 14, 2023 | A Use-After-Free vulnerability in the management of an SNP guest context page may allow a malicious hypervisor to masque... |
| CVE-2023-45585 | LOW | 3.3 | 0.2% | Nov 14, 2023 | An insertion of sensitive information into log file vulnerability [CWE-532] in FortiSIEM version 7.0.0, version 6.7.6 an... |
| CVE-2023-36016 | LOW | 3.4 | 1.3% | Nov 14, 2023 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability |
| CVE-2023-6109 | LOW | 3.7 | 0.4% | Nov 14, 2023 | The YOP Poll plugin for WordPress is vulnerable to a race condition in all versions up to, and including, 6.5.26. This i... |
| CVE-2023-47614 | LOW | 3.3 | 0.2% | Nov 10, 2023 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Telit Cinterion BGS5, Teli... |
| CVE-2023-45816 | LOW | 3.3 | 0.3% | Nov 10, 2023 | Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the `stable` branch and version... |
| CVE-2023-5543 | LOW | 3.3 | 0.2% | Nov 9, 2023 | When duplicating a BigBlueButton activity, the original meeting ID was also duplicated instead of using a new ID for the... |
| CVE-2023-5551 | LOW | 3.3 | 0.3% | Nov 9, 2023 | Separate Groups mode restrictions were not honoured in the forum summary report, which would display users from other gr... |
| CVE-2023-47111 | LOW | 3.7 | 0.5% | Nov 8, 2023 | ZITADEL provides identity infrastructure. ZITADEL provides administrators the possibility to define a `Lockout Policy` w... |
| CVE-2023-26221 | LOW | 3.9 | 0.2% | Nov 8, 2023 | The Spotfire Connectors component of TIBCO Software Inc.'s Spotfire Analyst, Spotfire Server, and Spotfire for AWS Marke... |
| CVE-2023-42552 | LOW | 3.3 | 0.2% | Nov 7, 2023 | Implicit intent hijacking vulnerability in Firewall application prior to versions 12.1.00.24 in Android 11, 13.1.00.16 i... |
| CVE-2023-42542 | LOW | 3.3 | 0.2% | Nov 7, 2023 | Improper access control vulnerability in Samsung Push Service prior to 3.4.10 allows local attackers to get register ID ... |
| CVE-2023-4535 | LOW | 3.8 | 0.5% | Nov 6, 2023 | An out-of-bounds read vulnerability was found in OpenSC packages within the MyEID driver when handling symmetric key enc... |
| CVE-2023-5920 | LOW | 3.3 | 0.2% | Nov 2, 2023 | Mattermost Desktop for MacOS fails to utilize the secure keyboard input functionality provided by macOS, allowing for ot... |
| CVE-2023-37833 | LOW | 2.7 | 0.4% | Oct 31, 2023 | Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits tha... |
| CVE-2023-43295 | LOW | 3.5 | 0.2% | Oct 31, 2023 | Cross Site Request Forgery vulnerability in Click Studios (SA) Pty Ltd Passwordstate v.Build 9785 and before allows a lo... |
| CVE-2023-5862 | LOW | 3.3 | 0.3% | Oct 31, 2023 | Missing Authorization in GitHub repository hamza417/inure prior to Build95. |
Check if your code is affected by 2023 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now