Search Results (366572 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-23548 1 Checkmk 1 Checkmk 2024-11-21 5.4 Medium
Reflected XSS in business intelligence in Checkmk <2.2.0p8, <2.1.0p32, <2.0.0p38, <=1.6.0p30.
CVE-2023-23547 1 Milesight 2 Ur32l, Ur32l Firmware 2024-11-21 6.5 Medium
A directory traversal vulnerability exists in the luci2-io file-export mib functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to arbitrary file read. An attacker can send a network request to trigger this vulnerability.
CVE-2023-23546 1 Milesight 2 Ur32l, Ur32l Firmware 2024-11-21 4.2 Medium
A misconfiguration vulnerability exists in the urvpn_client functionality of Milesight UR32L v32.3.0.5. A specially-crafted man-in-the-middle attack can lead to increased privileges. An attacker can perform a man-in-the-middle attack to trigger this vulnerability.
CVE-2023-23528 1 Apple 3 Ipados, Iphone Os, Tvos 2024-11-21 6.5 Medium
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory.
CVE-2023-23513 1 Apple 1 Macos 2024-11-21 9.8 Critical
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7.3, macOS Ventura 13.2, macOS Monterey 12.6.3. Mounting a maliciously crafted Samba network share may lead to arbitrary code execution.
CVE-2023-23476 1 Ibm 2 Robotic Process Automation, Robotic Process Automation For Cloud Pak 2024-11-21 3.1 Low
IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425.
CVE-2023-23473 1 Ibm 1 Infosphere Information Server 2024-11-21 5.3 Medium
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.
CVE-2023-23468 2 Ibm, Redhat 2 Robotic Process Automation, Openshift 2024-11-21 5.1 Medium
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500.
CVE-2023-23441 1 Hihonor 1 Magic Ui 2024-11-21 6 Medium
Some Honor products are affected by out of bounds read vulnerability, successful exploitation could cause information leak.
CVE-2023-23440 1 Hihonor 2 Lge-an00, Lge-an00 Firmware 2024-11-21 3.3 Low
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
CVE-2023-23439 1 Hihonor 2 Lge-an00, Lge-an00 Firmware 2024-11-21 4 Medium
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
CVE-2023-23438 1 Hihonor 2 Lge-an00, Lge-an00 Firmware 2024-11-21 4 Medium
Some Honor products are affected by incorrect privilege assignment vulnerability, successful exploitation could cause device service exceptions
CVE-2023-23437 1 Hihonor 1 Vmall 2024-11-21 3.3 Low
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak
CVE-2023-23434 1 Hihonor 1 Honorboardapp 2024-11-21 4 Medium
Some Honor products are affected by information leak vulnerability, successful exploitation could cause the information leak.
CVE-2023-23433 1 Hihonor 2 Nth-an00, Nth-an00 Firmware 2024-11-21 4 Medium
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.
CVE-2023-23431 1 Hihonor 2 Nth-an00, Nth-an00 Firmware 2024-11-21 7.3 High
Some Honor products are affected by signature management vulnerability, successful exploitation could cause the forged system file overwrite the correct system file.
CVE-2023-23426 1 Hihonor 2 Fri-an00, Fri-an00 Firmware 2024-11-21 6.6 Medium
Some Honor products are affected by file writing vulnerability, successful exploitation could cause information disclosure.
CVE-2023-23373 1 Qnap 1 Qusbcam2 2024-11-21 8.8 High
An OS command injection vulnerability has been reported to affect QUSBCam2. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: QUSBCam2 2.0.3 ( 2023/06/15 ) and later
CVE-2023-23372 1 Qnap 2 Qts, Quts Hero 2024-11-21 6.5 Medium
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h4.5.4.2476 build 20230728 and later
CVE-2023-23371 1 Qnap 1 Qvpn 2024-11-21 5.2 Medium
A cleartext transmission of sensitive information vulnerability has been reported to affect QVPN Device Client. If exploited, the vulnerability could allow local authenticated administrators to read sensitive data via unspecified vectors. We have already fixed the vulnerability in the following version: QVPN Windows 2.2.0.0823 and later