Total
679 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41120 | 1 Enterprisedb | 1 Postgres Advanced Server | 2024-11-21 | 6.5 Medium |
| An issue was discovered in EnterpriseDB Postgres Advanced Server (EPAS) before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It permits an authenticated user to use DBMS_PROFILER to remove all accumulated profiling data on a system-wide basis, regardless of that user's permissions. | ||||
| CVE-2023-40788 | 1 Bladex | 1 Springblade | 2024-11-21 | 5.3 Medium |
| SpringBlade <=V3.6.0 is vulnerable to Incorrect Access Control due to incorrect configuration in the default gateway resulting in unauthorized access to error logs | ||||
| CVE-2023-3670 | 1 Codesys | 2 Development System, Scripting | 2024-11-21 | 7.3 High |
| In CODESYS Development System 3.5.9.0 to 3.5.17.0 and CODESYS Scripting 4.0.0.0 to 4.1.0.0 unsafe directory permissions would allow an attacker with local access to the workstation to place potentially harmful and disguised scripts that could be executed by legitimate users. | ||||
| CVE-2023-3455 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Key management vulnerability on system. Successful exploitation of this vulnerability may affect service availability and integrity. | ||||
| CVE-2023-3299 | 1 Hashicorp | 1 Nomad | 2024-11-21 | 3.4 Low |
| HashiCorp Nomad Enterprise 1.2.11 up to 1.5.6, and 1.4.10 ACL policies using a block without a label generates unexpected results. Fixed in 1.6.0, 1.5.7, and 1.4.11. | ||||
| CVE-2023-3270 | 2 Sick, Sick Ag | 3 Icr890-4, Icr890-4 Firmware, Icr890-4 | 2024-11-21 | 8.6 High |
| Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system. | ||||
| CVE-2023-39974 | 1 Acymailing | 1 Acymailing | 2024-11-21 | 5.3 Medium |
| Exposure of Sensitive Information vulnerability in AcyMailing Enterprise component for Joomla. It allows unauthorized actors to get the number of subscribers in a specific list. | ||||
| CVE-2023-39383 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| Vulnerability of input parameters being not strictly verified in the AMS module. Successful exploitation of this vulnerability may compromise apps' data security. | ||||
| CVE-2023-39250 | 1 Dell | 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin | 2024-11-21 | 7.8 High |
| Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | ||||
| CVE-2023-39214 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Zoom | 2024-11-21 | 7.6 High |
| Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | ||||
| CVE-2023-39155 | 1 Jenkins | 1 Chef Identity | 2024-11-21 | 5.3 Medium |
| Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | ||||
| CVE-2023-39058 | 1 The B Members Card Project | 1 The B Members Card | 2024-11-21 | 6.5 Medium |
| An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39056 | 1 Coffee-jumbo Project | 1 Coffee-jumbo | 2024-11-21 | 6.5 Medium |
| An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39049 | 1 Youmart-tokunaga Project | 1 Youmart-tokunaga | 2024-11-21 | 6.5 Medium |
| An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39046 | 1 Tonton-tei Waiting Project | 1 Tonton-tei Waiting | 2024-11-21 | 6.5 Medium |
| An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39043 | 1 Ykc | 1 Tokushima Awayokocho | 2024-11-21 | 6.5 Medium |
| An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39040 | 1 Cheese Cafe Line Project | 1 Cheese Cafe Line | 2024-11-21 | 6.5 Medium |
| An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39039 | 1 Camp Style Project Line Project | 1 Camp Style Project Line | 2024-11-21 | 6.5 Medium |
| An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-38955 | 1 Zkteco | 1 Bioaccess Ivs | 2024-11-21 | 7.5 High |
| ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | ||||
| CVE-2023-38830 | 1 Phpjabbers | 1 Yacht Listing Script | 2024-11-21 | 7.5 High |
| An information leak in PHPJabbers Yacht Listing Script v1.0 allows attackers to export clients' credit card numbers from the Reservations module. | ||||