CVEs from 2023
Total
6,441
critical
critical 221
high
high 1,481
medium
medium 1,383
low
low 30
% Critical
3.4%
% with KEV
2.5%
% with exploit
3.3%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-33162 | medium | 5.5 | 5.5 | 3y ago | Microsoft Excel Information Disclosure Vulnerability | |||
| CVE-2023-36617 | medium | — | 5.5 | 3y ago | RHSA-2024:4499: ruby security update (Moderate) | |||
| CVE-2023-26604 | medium | — | 5.5 | 3y ago | RHSA-2023:3837: systemd security and bug fix update (Moderate) | |||
| CVE-2023-2454 | medium | — | 5.5 | 3y ago | RHSA-2023:5269: postgresql:15 security update (Moderate) | |||
| CVE-2023-2700 | medium | — | 5.5 | 3y ago | RHSA-2023:3822: virt:rhel and virt-devel:rhel security and bug fix update (Moderate) | |||
| CVE-2023-0465 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0466 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-1255 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-2650 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0795 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0800 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0801 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0799 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0464 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0802 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-0803 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-28466 | medium | — | 5.5 | 3y ago | RHSA-2023:3847: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-0796 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0797 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-0798 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-2455 | medium | — | 5.5 | 3y ago | RHSA-2023:5269: postgresql:15 security update (Moderate) | |||
| CVE-2023-0804 | medium | — | 5.5 | 3y ago | RHSA-2023:5353: libtiff security update (Moderate) | |||
| CVE-2023-31130 | medium | — | 5.5 | 3y ago | RHSA-2023:7207: c-ares security update (Moderate) | |||
| CVE-2023-24538 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24539 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-29400 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24540 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24536 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24534 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-24537 | medium | — | 5.5 | 3y ago | RHSA-2023:6939: container-tools:rhel8 security and bug fix update (Moderate) | |||
| CVE-2023-25563 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25567 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25565 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25564 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-25566 | medium | — | 5.5 | 3y ago | RHSA-2023:3097: gssntlmssp security update (Moderate) | |||
| CVE-2023-0664 | medium | — | 5.5 | 3y ago | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their p… | |||
| CVE-2023-30775 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-1018 | medium | — | 5.5 | 3y ago | RHSA-2023:2757: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-23009 | medium | — | 5.5 | 3y ago | RHSA-2023:3095: libreswan security and bug fix update (Moderate) | |||
| CVE-2023-23936 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-24807 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-30086 | medium | — | 5.5 | 3y ago | Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | |||
| CVE-2023-23919 | medium | — | 5.5 | 3y ago | RHSA-2023:1583: nodejs:18 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-1017 | medium | — | 5.5 | 3y ago | Moderate: libtpms security update | |||
| CVE-2023-30774 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-27535 | medium | — | 5.5 | 3y ago | RHSA-2023:3106: curl security and bug fix update (Moderate) | |||
| CVE-2023-52340 | medium | — | 5.5 | 3y ago | RHSA-2024:3138: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-23916 | medium | — | 5.5 | 3y ago | RHSA-2023:1140: curl security update (Moderate) | |||
| CVE-2023-0056 | medium | — | 5.5 | 3y ago | Moderate: haproxy security update | |||
| CVE-2023-25725 | medium | — | 5.5 | 3y ago | Moderate: haproxy security update | |||
| CVE-2023-1393 | medium | — | 5.5 | 3y ago | RHSA-2023:6917: xorg-x11-server-Xwayland security and bug fix update (Moderate) | |||
| CVE-2023-28756 | medium | — | 5.5 | 3y ago | RHSA-2024:3500: ruby:3.0 security update (Moderate) | |||
| CVE-2023-28755 | medium | — | 5.5 | 3y ago | RHSA-2024:4499: ruby security update (Moderate) | |||
| CVE-2023-0778 | medium | — | 5.5 | 3y ago | RHSA-2023:2802: container-tools:4.0 security and bug fix update (Moderate) | |||
| CVE-2023-23391 | medium | 5.5 | 5.5 | 3y ago | Office for Android Spoofing Vulnerability | |||
| CVE-2023-27539 | medium | — | 5.5 | 3y ago | RHSA-2023:3082: pcs security and bug fix update (Moderate) | |||
| CVE-2023-0361 | medium | — | 5.5 | 3y ago | RHSA-2023:1569: gnutls security and bug fix update (Moderate) | |||
| CVE-2023-27530 | medium | — | 5.5 | 3y ago | RHSA-2023:3082: pcs security and bug fix update (Moderate) | |||
| CVE-2023-0216 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0494 | medium | — | 5.5 | 3y ago | RHSA-2023:2806: xorg-x11-server security and bug fix update (Moderate) | |||
| CVE-2023-0217 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-0401 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |||
| CVE-2023-21843 | medium | — | 5.5 | 3y ago | RHSA-2023:0208: java-1.8.0-openjdk security and bug fix update (Moderate) | |||
| CVE-2023-21538 | medium | — | 5.5 | 3y ago | RHSA-2023:0079: .NET 6.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-28410 | medium | — | 5.5 | 4y ago | Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially en… | |||
| CVE-2023-2008 | medium | — | 5.5 | 4y ago | A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can re… | |||
| CVE-2023-4387 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-53181 | medium | — | 5.5 | 4y ago | RHSA-2022:7683: kernel security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-30441 | medium | — | 5.5 | 4y ago | RHSA-2022:6735: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2023-21950 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-21872 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-21866 | medium | — | 5.5 | 4y ago | RHSA-2022:7119: mysql:8.0 security, bug fix, and enhancement update (Moderate) | |||
| CVE-2023-30059 | medium | 5.4 | 5.4 | 18d ago | An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request. | |||
| CVE-2023-32238 | medium | 5.4 | 5.4 | 5mo ago | Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | |||
| CVE-2023-25445 | medium | 5.4 | 5.4 | 5mo ago | Missing Authorization vulnerability in HappyFiles HappyFiles Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1. | |||
| CVE-2023-23729 | medium | 5.4 | 5.4 | 6mo ago | Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. | |||
| CVE-2023-32240 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1. | |||
| CVE-2023-47661 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from … | |||
| CVE-2023-47225 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in KaizenCoders Short URL shorten-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through <= 1.6… | |||
| CVE-2023-47187 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rota… | |||
| CVE-2023-46633 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2. | |||
| CVE-2023-46616 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15. | |||
| CVE-2023-46607 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from … | |||
| CVE-2023-46079 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9. | |||
| CVE-2023-45828 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… | |||
| CVE-2023-45636 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPr… | |||
| CVE-2023-45631 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gal… | |||
| CVE-2023-45045 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget … | |||
| CVE-2023-44142 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: f… | |||
| CVE-2023-41857 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in ClickToTweet.com Click To Tweet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Click To Tweet: from n/a through 2.0.… | |||
| CVE-2023-41688 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFol… | |||
| CVE-2023-41683 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11. | |||
| CVE-2023-41671 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in tychesoftwares Abandoned Cart Lite for WooCommerce woocommerce-abandoned-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue… | |||
| CVE-2023-40678 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Andrew Fiebert Simple URLs simple-urls allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple URLs: from n/a through … | |||
| CVE-2023-40011 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in StylemixThemes Cost Calculator Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator Builder: from … | |||
| CVE-2023-38483 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Instant CSS: from n/a through 1.1.4. | |||
| CVE-2023-38383 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in OnTheGoSystems Language allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Language: from n/a through 1.2.1. | |||
| CVE-2023-37989 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Easyship Easyship WooCommerce Shipping Rates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easyship WooCommerce Shi… | |||
| CVE-2023-36680 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Iulia Cazan Image Regenerate & Select Crop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Regenerate & Select … | |||
| CVE-2023-36526 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Inqsys Technology Duplicate Post Page Menu & Custom Post Type allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Duplica… |