CVEs from 2023
Total
6,671
critical
critical 222
high
high 1,565
medium
medium 1,266
low
low 28
% Critical
3.3%
% with KEV
2.4%
% with exploit
2.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- registrationmagic 6
- codeready_linux_builder_for_ibm_z_systems_eus 6
- cbot_panel 6
- codeready_linux_builder_eus 6
- openstack_platform 6
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2023-30581 | medium | — | 5.5 | 3y ago | Moderate: nodejs security, bug fix, and enhancement update | |
| CVE-2023-30589 | medium | — | 5.5 | 3y ago | Moderate: nodejs security, bug fix, and enhancement update | |
| CVE-2023-30590 | medium | — | 5.5 | 3y ago | Moderate: nodejs security, bug fix, and enhancement update | |
| CVE-2023-3347 | medium | — | 5.5 | 3y ago | Moderate: samba security and bug fix update | |
| CVE-2023-30588 | medium | — | 5.5 | 3y ago | Moderate: nodejs security, bug fix, and enhancement update | |
| CVE-2023-22044 | medium | — | 5.5 | 3y ago | Moderate: java-17-openjdk security and bug fix update | |
| CVE-2023-25193 | medium | — | 5.5 | 3y ago | Moderate: harfbuzz security update | |
| CVE-2023-33162 | medium | 5.5 | 5.5 | 3y ago | Microsoft Excel Information Disclosure Vulnerability | |
| CVE-2023-36617 | medium | — | 5.5 | 3y ago | Moderate: ruby:3.1 security, bug fix, and enhancement update | |
| CVE-2023-26604 | medium | — | 5.5 | 3y ago | Moderate: systemd security and bug fix update | |
| CVE-2023-0465 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0797 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0466 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-2700 | medium | — | 5.5 | 3y ago | Moderate: libvirt security update | |
| CVE-2023-0800 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0464 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-1255 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-2650 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0795 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0798 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0801 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0803 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0796 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0804 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-2454 | medium | — | 5.5 | 3y ago | Moderate: postgresql:15 security update | |
| CVE-2023-0802 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0799 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-2455 | medium | — | 5.5 | 3y ago | Moderate: postgresql:15 security update | |
| CVE-2023-24540 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-24536 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-24537 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-24534 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-24538 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-24539 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-29400 | medium | — | 5.5 | 3y ago | Moderate: podman security, bug fix, and enhancement update | |
| CVE-2023-25563 | medium | — | 5.5 | 3y ago | Moderate: gssntlmssp security update | |
| CVE-2023-25565 | medium | — | 5.5 | 3y ago | Moderate: gssntlmssp security update | |
| CVE-2023-25564 | medium | — | 5.5 | 3y ago | Moderate: gssntlmssp security update | |
| CVE-2023-25567 | medium | — | 5.5 | 3y ago | Moderate: gssntlmssp security update | |
| CVE-2023-25566 | medium | — | 5.5 | 3y ago | Moderate: gssntlmssp security update | |
| CVE-2023-1018 | medium | — | 5.5 | 3y ago | Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update | |
| CVE-2023-30775 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-52340 | medium | — | 5.5 | 3y ago | The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading to a denial of service (network is unreachable errors) when… | |
| CVE-2023-23009 | medium | — | 5.5 | 3y ago | Moderate: libreswan security update | |
| CVE-2023-30086 | medium | — | 5.5 | 3y ago | Buffer Overflow vulnerability found in Libtiff V.4.0.7 allows a local attacker to cause a denial of service via the tiffcp function in tiffcp.c. | |
| CVE-2023-30774 | medium | — | 5.5 | 3y ago | Moderate: libtiff security update | |
| CVE-2023-0664 | medium | — | 5.5 | 3y ago | A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their p… | |
| CVE-2023-23920 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |
| CVE-2023-23918 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |
| CVE-2023-23936 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |
| CVE-2023-23919 | medium | — | 5.5 | 3y ago | Moderate: nodejs:18 security, bug fix, and enhancement update | |
| CVE-2023-27535 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |
| CVE-2023-24807 | medium | — | 5.5 | 3y ago | Moderate: nodejs and nodejs-nodemon security, bug fix, and enhancement update | |
| CVE-2023-1017 | medium | — | 5.5 | 3y ago | Moderate: libtpms security update | |
| CVE-2023-0056 | medium | — | 5.5 | 3y ago | Moderate: haproxy security update | |
| CVE-2023-25725 | medium | — | 5.5 | 3y ago | Moderate: haproxy security update | |
| CVE-2023-23916 | medium | — | 5.5 | 3y ago | Moderate: curl security update | |
| CVE-2023-28756 | medium | — | 5.5 | 3y ago | Moderate: ruby security update | |
| CVE-2023-28755 | medium | — | 5.5 | 3y ago | Moderate: ruby security update | |
| CVE-2023-0778 | medium | — | 5.5 | 3y ago | Moderate: container-tools:4.0 security and bug fix update | |
| CVE-2023-23391 | medium | 5.5 | 5.5 | 3y ago | Office for Android Spoofing Vulnerability | |
| CVE-2023-0361 | medium | — | 5.5 | 3y ago | Moderate: gnutls security and bug fix update | |
| CVE-2023-0286 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0216 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0217 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0401 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-0215 | medium | — | 5.5 | 3y ago | Moderate: openssl security and bug fix update | |
| CVE-2023-21843 | medium | — | 5.5 | 3y ago | Moderate: java-11-openjdk security and bug fix update | |
| CVE-2023-21538 | medium | — | 5.5 | 3y ago | Moderate: .NET 6.0 security, bug fix, and enhancement update | |
| CVE-2023-2008 | medium | — | 5.5 | 4y ago | A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can re… | |
| CVE-2023-28410 | medium | — | 5.5 | 4y ago | Improper restriction of operations within the bounds of a memory buffer in some Intel(R) i915 Graphics drivers for linux before kernel version 6.2.10 may allow an authenticated user to potentially en… | |
| CVE-2023-4387 | medium | — | 5.5 | 4y ago | A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to… | |
| CVE-2023-1095 | medium | — | 5.5 | 4y ago | In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never plac… | |
| CVE-2023-21872 | medium | — | 5.5 | 4y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high priv… | |
| CVE-2023-21866 | medium | — | 5.5 | 4y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high priv… | |
| CVE-2023-30059 | medium | 5.4 | 5.4 | 16d ago | An insecure direct object reference in MK-Auth 23.01K4.9 allows attackers to access and send support calls for other users via manipulation of the chamado parameter through a crafted GET request. | |
| CVE-2023-32238 | medium | 5.4 | 5.4 | 5mo ago | Vulnerability in CodexThemes TheGem (Elementor), CodexThemes TheGem (WPBakery).This issue affects TheGem (Elementor): from n/a before 5.8.1.1; TheGem (WPBakery): from n/a before 5.8.1.1. | |
| CVE-2023-25445 | medium | 5.4 | 5.4 | 5mo ago | Missing Authorization vulnerability in HappyFiles HappyFiles Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HappyFiles Pro: from n/a through 1.8.1. | |
| CVE-2023-23729 | medium | 5.4 | 5.4 | 6mo ago | Missing Authorization vulnerability in Brainstorm Force Spectra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Spectra: from n/a through 2.3.0. | |
| CVE-2023-32240 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Xtemos WoodMart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WoodMart: from n/a through 7.2.1. | |
| CVE-2023-47661 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Dragfy Dragfy Addons for Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dragfy Addons for Elementor: from … | |
| CVE-2023-47225 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in KaizenCoders Short URL shorten-url allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Short URL: from n/a through <= 1.6… | |
| CVE-2023-47187 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in Labib Ahmed Animated Rotating Words css3-rotating-words allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Animated Rota… | |
| CVE-2023-46633 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in TCBarrett Glossary allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Glossary: from n/a through 3.1.2. | |
| CVE-2023-46616 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in NSquared Draw Attention allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Draw Attention: from n/a through 2.0.15. | |
| CVE-2023-46607 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WP iCal Availability WP iCal Availability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP iCal Availability: from … | |
| CVE-2023-46079 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WP Royal Ashe Extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through 1.2.9. | |
| CVE-2023-45828 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in RumbleTalk RumbleTalk Live Group Chat rumbletalk-chat-a-chat-with-themes allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe… | |
| CVE-2023-45636 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in WebToffee WordPress Backup & Migration wp-migration-duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPr… | |
| CVE-2023-45631 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Image Gal… | |
| CVE-2023-45045 | medium | 5.4 | 5.4 | 1y ago | Missing Authorization vulnerability in krozero WP Custom Widget area wp-custom-widget-area allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Custom Widget … | |
| CVE-2023-44142 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Deepen Bajracharya Inactive Logout inactive-logout allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Inactive Logout: f… | |
| CVE-2023-41857 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in ClickToTweet.com Click To Tweet allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Click To Tweet: from n/a through 2.0.… | |
| CVE-2023-41688 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Mad Fish Digital Bulk NoIndex & NoFollow Toolkit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bulk NoIndex & NoFol… | |
| CVE-2023-41683 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Pechenki TelSender allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TelSender: from n/a through 1.14.11. | |
| CVE-2023-41671 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in tychesoftwares Abandoned Cart Lite for WooCommerce woocommerce-abandoned-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue… | |
| CVE-2023-40678 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Andrew Fiebert Simple URLs simple-urls allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple URLs: from n/a through … | |
| CVE-2023-40011 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in StylemixThemes Cost Calculator Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cost Calculator Builder: from … | |
| CVE-2023-38483 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in Dylan Blokhuis Instant CSS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Instant CSS: from n/a through 1.1.4. | |
| CVE-2023-38383 | medium | 5.4 | 5.4 | 2y ago | Missing Authorization vulnerability in OnTheGoSystems Language allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Language: from n/a through 1.2.1. |