CVEs from 2023
- Total: 6,664
- Critical: 222
- High: 1,548
- Medium: 1,277
- Low: 23
- % Critical: 3.3%
- % with KEV: 2.4%
- % with exploit: 2.5%
Top vendors
- redhat 120
- microsoft 76
- f5 43
- cisco 26
- automattic 19
- cbot 12
- brainstormforce 11
- gvectors 10
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- openstack_platform 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- registrationmagic 6
- codeready_linux_builder_eus 6
- cbot_panel 6
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2023-31490 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-41081 | medium | — | 5.5 | 2y ago | Moderate: mod_jk and mod_proxy_cluster security update | |
| CVE-2023-39198 | medium | — | 5.5 | 2y ago | A race condition was found in the QXL driver in the Linux kernel. The qxl_mode_dumb_create() function dereferences the qobj returned by the qxl_gem_object_create_with_handle(), but the handle is the … | |
| CVE-2023-39194 | medium | — | 5.5 | 2y ago | A flaw was found in the XFRM subsystem in the Linux kernel. The specific flaw exists within the processing of state filters, which can result in a read past the end of an allocated buffer. This flaw … | |
| CVE-2023-39193 | medium | — | 5.5 | 2y ago | A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows a local privileged (CAP_NET_ADMIN) attacker to trigger an ou… | |
| CVE-2023-5380 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |
| CVE-2023-4875 | medium | — | 5.5 | 2y ago | Moderate: mutt security update | |
| CVE-2023-6228 | medium | — | 5.5 | 2y ago | Moderate: libtiff security update | |
| CVE-2023-41360 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-39354 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |
| CVE-2023-31122 | medium | — | 5.5 | 2y ago | Moderate: httpd security update | |
| CVE-2023-40181 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |
| CVE-2023-52144 | medium | 5.5 | 5.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager. This issue affects Product Feed Manager: from n/a through 7.3.15. | |
| CVE-2023-29483 | medium | — | 5.5 | 2y ago | Moderate: python-dns security update | |
| CVE-2023-50374 | medium | 5.5 | 5.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance. This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10. | |
| CVE-2023-52425 | medium | — | 5.5 | 2y ago | libexpat through 2.5.0 allows a denial of service (resource consumption) because many full reparsings are required in the case of a large token for which multiple buffer fills are needed. | |
| CVE-2023-4244 | medium | — | 5.5 | 2y ago | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control … | |
| CVE-2023-22079 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22033 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21947 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-22111 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21911 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22058 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22038 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22059 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21972 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21953 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-21955 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-22115 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21940 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-22103 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21962 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-22065 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22110 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21933 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22056 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22070 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22048 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22053 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22066 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22097 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22068 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22112 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22114 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21920 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-39326 | medium | — | 5.5 | 2y ago | Moderate: toolbox security update | |
| CVE-2023-22084 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21929 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21977 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22064 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22007 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21966 | medium | — | 5.5 | 2y ago | Moderate: mysql:8.0 security update | |
| CVE-2023-22057 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21945 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22046 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22005 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-45539 | medium | — | 5.5 | 2y ago | Moderate: haproxy security update | |
| CVE-2023-22104 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21946 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22032 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21982 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22008 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22092 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22113 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21935 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22054 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21976 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-22078 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21980 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-21919 | medium | — | 5.5 | 2y ago | Moderate: mysql security update | |
| CVE-2023-40225 | medium | — | 5.5 | 2y ago | Moderate: haproxy security update | |
| CVE-2023-45285 | medium | — | 5.5 | 2y ago | Moderate: golang security update | |
| CVE-2023-5992 | medium | — | 5.5 | 2y ago | Moderate: opensc security update | |
| CVE-2023-28487 | medium | — | 5.5 | 2y ago | Moderate: sudo security update | |
| CVE-2023-28486 | medium | — | 5.5 | 2y ago | Moderate: sudo security update | |
| CVE-2023-42465 | medium | — | 5.5 | 2y ago | Moderate: sudo security update | |
| CVE-2023-6135 | medium | — | 5.5 | 2y ago | Moderate: nss security update | |
| CVE-2023-6816 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |
| CVE-2023-5981 | medium | — | 5.5 | 2y ago | Moderate: gnutls security update | |
| CVE-2023-47235 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-4001 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |
| CVE-2023-42794 | medium | — | 5.5 | 2y ago | Apache Tomcat Incomplete Cleanup vulnerability | |
| CVE-2023-38406 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-45648 | medium | — | 5.5 | 2y ago | Apache Tomcat Improper Input Validation vulnerability | |
| CVE-2023-41080 | medium | — | 5.5 | 2y ago | Apache Tomcat Open Redirect vulnerability | |
| CVE-2023-7104 | medium | — | 5.5 | 2y ago | Moderate: sqlite security update | |
| CVE-2023-47234 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-38409 | medium | — | 5.5 | 2y ago | An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_… | |
| CVE-2023-38407 | medium | — | 5.5 | 2y ago | Moderate: frr security update | |
| CVE-2023-42795 | medium | — | 5.5 | 2y ago | Apache Tomcat Incomplete Cleanup vulnerability | |
| CVE-2023-45803 | medium | — | 5.5 | 2y ago | Moderate: python-urllib3 security update | |
| CVE-2023-5455 | medium | — | 5.5 | 2y ago | Moderate: idm:DL1 security update | |
| CVE-2023-5367 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |
| CVE-2023-6478 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |
| CVE-2023-6377 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server security update | |
| CVE-2023-40660 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |
| CVE-2023-4535 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |
| CVE-2023-40661 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |
| CVE-2023-51384 | medium | 5.5 | 5.5 | 3y ago | In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these const… | |
| CVE-2023-36009 | medium | 5.5 | 5.5 | 3y ago | Microsoft Word Information Disclosure Vulnerability | |