Export limit exceeded: 10785 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10785 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-39371 | 1 Startrinity | 1 Softswitch | 2024-11-21 | 8.8 High |
| StarTrinity Softswitch version 2023-02-16 - Open Redirect (CWE-601) | ||||
| CVE-2023-39250 | 1 Dell | 3 Replay Manager For Vmware, Storage Integration Tools For Vmware, Storage Vsphere Client Plugin | 2024-11-21 | 7.8 High |
| Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions prior to 6.1.1 and Replay Manager for VMware (RMSV) versions prior to 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to retrieve an encryption key that could aid in further attacks. | ||||
| CVE-2023-39246 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2024-11-21 | 4.6 Medium |
| Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server version prior to 11.8.1 contain an Insecure Operation on Windows Junction Vulnerability during installation. A local malicious user could potentially exploit this vulnerability to create an arbitrary folder inside a restricted directory, leading to Privilege Escalation | ||||
| CVE-2023-39218 | 1 Zoom | 3 Rooms, Virtual Desktop Infrastructure, Zoom | 2024-11-21 | 6.1 Medium |
| Client-side enforcement of server-side security in Zoom clients before 5.14.10 may allow a privileged user to enable information disclosure via network access. | ||||
| CVE-2023-39214 | 1 Zoom | 3 Meeting Software Development Kit, Rooms, Zoom | 2024-11-21 | 7.6 High |
| Exposure of sensitive information in Zoom Client SDK's before 5.15.5 may allow an authenticated user to enable a denial of service via network access. | ||||
| CVE-2023-39155 | 1 Jenkins | 1 Chef Identity | 2024-11-21 | 5.3 Medium |
| Jenkins Chef Identity Plugin 2.0.3 and earlier does not mask the user.pem key form field, increasing the potential for attackers to observe and capture it. | ||||
| CVE-2023-39152 | 1 Jenkins | 1 Gradle | 2024-11-21 | 6.5 Medium |
| Always-incorrect control flow implementation in Jenkins Gradle Plugin 2.8 may result in credentials not being masked (i.e., replaced with asterisks) in the build log in some circumstances. | ||||
| CVE-2023-39058 | 1 The B Members Card Project | 1 The B Members Card | 2024-11-21 | 6.5 Medium |
| An information leak in THE_B_members card v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39056 | 1 Coffee-jumbo Project | 1 Coffee-jumbo | 2024-11-21 | 6.5 Medium |
| An information leak in Coffee-jumbo v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39049 | 1 Youmart-tokunaga Project | 1 Youmart-tokunaga | 2024-11-21 | 6.5 Medium |
| An information leak in youmart-tokunaga v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39046 | 1 Tonton-tei Waiting Project | 1 Tonton-tei Waiting | 2024-11-21 | 6.5 Medium |
| An information leak in TonTon-Tei_waiting Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39043 | 1 Ykc | 1 Tokushima Awayokocho | 2024-11-21 | 6.5 Medium |
| An information leak in YKC Tokushima_awayokocho Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39040 | 1 Cheese Cafe Line Project | 1 Cheese Cafe Line | 2024-11-21 | 6.5 Medium |
| An information leak in Cheese Cafe Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-39039 | 1 Camp Style Project Line Project | 1 Camp Style Project Line | 2024-11-21 | 6.5 Medium |
| An information leak in Camp Style Project Line v13.6.1 allows attackers to obtain the channel access token and send crafted messages. | ||||
| CVE-2023-38998 | 1 Opnsense | 1 Opnsense | 2024-11-21 | 6.1 Medium |
| An open redirect in the Login page of OPNsense Community Edition before 23.7 and Business Edition before 23.4.2 allows attackers to redirect a victim user to an arbitrary web site via a crafted URL. | ||||
| CVE-2023-38976 | 1 Weaviate | 1 Weaviate | 2024-11-21 | 7.5 High |
| An issue in weaviate v.1.20.0 allows a remote attacker to cause a denial of service via the handleUnbatchedGraphQLRequest function. | ||||
| CVE-2023-38955 | 1 Zkteco | 1 Bioaccess Ivs | 2024-11-21 | 7.5 High |
| ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to obtain sensitive information about all managed devices, including their IP addresses and device names. | ||||
| CVE-2023-38947 | 1 Wbce | 1 Wbce Cms | 2024-11-21 | 7.2 High |
| An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2023-38884 | 1 Os4ed | 1 Opensis | 2024-11-21 | 7.5 High |
| An Insecure Direct Object Reference (IDOR) vulnerability in the Community Edition version 9.0 of openSIS Classic allows an unauthenticated remote attacker to access any student's files by visiting '/assets/studentfiles/<studentId>-<filename>' | ||||
| CVE-2023-38872 | 1 Economizzer | 1 Economizzer | 2024-11-21 | 3.7 Low |
| An Insecure Direct Object Reference (IDOR) vulnerability in gugoan Economizzer commit 3730880 (April 2023) and v.0.9-beta1 allows any unauthenticated attacker to access cash book entry attachments of any other user, if they know the Id of the attachment. | ||||