CVEs from 2023
Total
6,478
critical
critical 223
high
high 1,549
medium
medium 1,298
low
low 28
% Critical
3.4%
% with KEV
2.5%
% with exploit
3.0%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5367 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2023-6377 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2023-6478 | medium | — | 5.5 | 2y ago | Moderate: xorg-x11-server-Xwayland security update | |||
| CVE-2023-40660 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |||
| CVE-2023-4535 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |||
| CVE-2023-40661 | medium | — | 5.5 | 3y ago | Moderate: opensc security update | |||
| CVE-2023-51384 | medium | 5.5 | 5.5 | 3y ago | In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS#11-hosted private keys, these const… | |||
| CVE-2023-36009 | medium | 5.5 | 5.5 | 3y ago | Microsoft Word Information Disclosure Vulnerability | |||
| CVE-2023-43804 | medium | — | 5.5 | 3y ago | Moderate: fence-agents security update | |||
| CVE-2023-39615 | medium | — | 5.5 | 3y ago | Moderate: libxml2 security update | |||
| CVE-2023-6460 | medium | 5.5 | 5.5 | 3y ago | Logging of the firestore key within nodejs-firestore | |||
| CVE-2023-44357 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-44348 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-44360 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-44361 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker c… | |||
| CVE-2023-44358 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-44339 | medium | 5.5 | 5.5 | 3y ago | Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attac… | |||
| CVE-2023-36049 | medium | — | 5.5 | 3y ago | Moderate: dotnet6.0 security update | |||
| CVE-2023-36558 | medium | — | 5.5 | 3y ago | Moderate: dotnet6.0 security update | |||
| CVE-2023-3301 | medium | — | 5.5 | 3y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |||
| CVE-2023-4042 | medium | — | 5.5 | 3y ago | A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as s… | |||
| CVE-2023-39321 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security update | |||
| CVE-2023-28642 | medium | — | 5.5 | 3y ago | Moderate: container-tools:rhel8 security and bug fix update | |||
| CVE-2023-28100 | medium | — | 5.5 | 3y ago | Moderate: flatpak security, bug fix, and enhancement update | |||
| CVE-2023-39322 | medium | — | 5.5 | 3y ago | Moderate: git-lfs security update | |||
| CVE-2023-3316 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-1786 | medium | — | 5.5 | 3y ago | Moderate: cloud-init security, bug fix, and enhancement update | |||
| CVE-2023-26966 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-34967 | medium | — | 5.5 | 3y ago | Moderate: samba security, bug fix, and enhancement update | |||
| CVE-2023-2731 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-31484 | medium | — | 5.5 | 3y ago | Moderate: perl-CPAN security update | |||
| CVE-2023-28879 | medium | — | 5.5 | 3y ago | In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, T… | |||
| CVE-2023-28101 | medium | — | 5.5 | 3y ago | Moderate: flatpak security, bug fix, and enhancement update | |||
| CVE-2023-28625 | medium | — | 5.5 | 3y ago | Moderate: mod_auth_openidc:2.3 security and bug fix update | |||
| CVE-2023-0836 | medium | — | 5.5 | 3y ago | Moderate: haproxy security and bug fix update | |||
| CVE-2023-34966 | medium | — | 5.5 | 3y ago | Moderate: samba security, bug fix, and enhancement update | |||
| CVE-2023-42669 | medium | — | 5.5 | 3y ago | Moderate: samba security update | |||
| CVE-2023-4091 | medium | — | 5.5 | 3y ago | Moderate: samba security update | |||
| CVE-2023-33460 | medium | — | 5.5 | 3y ago | Moderate: yajl security update | |||
| CVE-2023-26965 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-38710 | medium | — | 5.5 | 3y ago | An issue was discovered in Libreswan before 4.12. When an IKEv2 Child SA REKEY packet contains an invalid IPsec protocol ID number of 0 or 1, an error notify INVALID_SPI is sent back. The notify payl… | |||
| CVE-2023-38711 | medium | — | 5.5 | 3y ago | An issue was discovered in Libreswan before 4.12. When an IKEv1 Quick Mode connection configured with ID_IPV4_ADDR or ID_IPV6_ADDR receives an IDcr payload with ID_FQDN, a NULL pointer dereference ca… | |||
| CVE-2023-38712 | medium | — | 5.5 | 3y ago | An issue was discovered in Libreswan 3.x and 4.x before 4.12. When an IKEv1 ISAKMP SA Informational Exchange packet contains a Delete/Notify payload followed by further Notifies that act on the ISAKM… | |||
| CVE-2023-1183 | medium | — | 5.5 | 3y ago | A flaw was found in the Libreoffice package. An attacker can craft an odb containing a "database/script" file with a SCRIPT command where the contents of the file could be written to a new file whose… | |||
| CVE-2023-28450 | medium | — | 5.5 | 3y ago | Moderate: dnsmasq security and bug fix update | |||
| CVE-2023-31486 | medium | — | 5.5 | 3y ago | Moderate: perl-HTTP-Tiny security update | |||
| CVE-2023-3576 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |||
| CVE-2023-2856 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-25809 | medium | — | 5.5 | 3y ago | Moderate: container-tools:4.0 security and bug fix update | |||
| CVE-2023-2952 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-41105 | medium | — | 5.5 | 3y ago | Moderate: python3.11 security update | |||
| CVE-2023-0950 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2023-27561 | medium | — | 5.5 | 3y ago | Moderate: container-tools:4.0 security and bug fix update | |||
| CVE-2023-28370 | medium | — | 5.5 | 3y ago | Open redirect vulnerability in Tornado versions 6.3.1 and earlier allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having user acc… | |||
| CVE-2023-27371 | medium | — | 5.5 | 3y ago | Moderate: libmicrohttpd security update | |||
| CVE-2023-27536 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |||
| CVE-2023-27534 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |||
| CVE-2023-27533 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |||
| CVE-2023-34968 | medium | — | 5.5 | 3y ago | Moderate: samba security, bug fix, and enhancement update | |||
| CVE-2023-2283 | medium | — | 5.5 | 3y ago | Moderate: libssh security update | |||
| CVE-2023-1667 | medium | — | 5.5 | 3y ago | Moderate: libssh security update | |||
| CVE-2023-34241 | medium | — | 5.5 | 3y ago | Moderate: cups security and bug fix update | |||
| CVE-2023-1981 | medium | — | 5.5 | 3y ago | Moderate: avahi security update | |||
| CVE-2023-32324 | medium | — | 5.5 | 3y ago | Moderate: cups security and bug fix update | |||
| CVE-2023-39976 | medium | — | 5.5 | 3y ago | Moderate: libqb security update | |||
| CVE-2023-28709 | medium | — | 5.5 | 3y ago | Moderate: tomcat security and bug fix update | |||
| CVE-2023-24998 | medium | — | 5.5 | 3y ago | Moderate: tomcat security and bug fix update | |||
| CVE-2023-28708 | medium | — | 5.5 | 3y ago | Moderate: tomcat security and bug fix update | |||
| CVE-2023-38559 | medium | — | 5.5 | 3y ago | A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file f… | |||
| CVE-2023-2255 | medium | — | 5.5 | 3y ago | Moderate: libreoffice security update | |||
| CVE-2023-23931 | medium | — | 5.5 | 3y ago | Moderate: python39:3.9 and python39-devel:3.9 security update | |||
| CVE-2023-2680 | medium | — | 5.5 | 3y ago | Moderate: qemu-kvm security, bug fix, and enhancement update | |||
| CVE-2023-3138 | medium | — | 5.5 | 3y ago | Moderate: libX11 security update | |||
| CVE-2023-35789 | medium | — | 5.5 | 3y ago | Moderate: librabbitmq security update | |||
| CVE-2023-2858 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-3978 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |||
| CVE-2023-0668 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-2855 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-33285 | medium | — | 5.5 | 3y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2023-32573 | medium | — | 5.5 | 3y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2023-34410 | medium | — | 5.5 | 3y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2023-1672 | medium | — | 5.5 | 3y ago | Moderate: tang security update | |||
| CVE-2023-37369 | medium | — | 5.5 | 3y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2023-38197 | medium | — | 5.5 | 3y ago | Moderate: qt5 security and bug fix update | |||
| CVE-2023-26767 | medium | — | 5.5 | 3y ago | Moderate: liblouis security update | |||
| CVE-2023-3750 | medium | — | 5.5 | 3y ago | Moderate: libvirt security, bug fix, and enhancement update | |||
| CVE-2023-26768 | medium | — | 5.5 | 3y ago | Moderate: liblouis security update | |||
| CVE-2023-33204 | medium | — | 5.5 | 3y ago | Moderate: sysstat security and bug fix update | |||
| CVE-2023-26769 | medium | — | 5.5 | 3y ago | Moderate: liblouis security update | |||
| CVE-2023-27522 | medium | — | 5.5 | 3y ago | Moderate: httpd and mod_http2 security, bug fix, and enhancement update | |||
| CVE-2023-25173 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |||
| CVE-2023-0666 | medium | — | 5.5 | 3y ago | Moderate: wireshark security update | |||
| CVE-2023-39319 | medium | — | 5.5 | 3y ago | Moderate: podman security update | |||
| CVE-2023-39318 | medium | — | 5.5 | 3y ago | Moderate: podman security update | |||
| CVE-2023-3961 | medium | — | 5.5 | 3y ago | Moderate: samba security update | |||
| CVE-2023-39975 | medium | — | 5.5 | 3y ago | Moderate: krb5 security and bug fix update | |||
| CVE-2023-29491 | medium | — | 5.5 | 3y ago | Moderate: ncurses security and bug fix update | |||
| CVE-2023-36054 | medium | — | 5.5 | 3y ago | Moderate: krb5 security and bug fix update | |||
| CVE-2023-27538 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |||
| CVE-2023-44271 | medium | — | 5.5 | 3y ago | Moderate: python-pillow security update |