VIR Vulnerability Intelligence Relay

CVEs from 2023

6,107 normalized CVEs published or assigned in this year.

Total
6,107
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%

Top vendors

Top products

  • office 29
  • office_long_term_servicing_channel 15
  • 365_apps 14
  • ftmg-esr50sxx 8
  • ftmg-esn40sxx 8
  • ftmg-esd25axx 8
  • ftmg-esr40sxx 8
  • ftmg-esd15axx 8

Top packages

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2023-5871 medium 5.5 2y ago Moderate: libnbd security update
CVE-2023-39350 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-4693 medium 5.5 2y ago Moderate: grub2 security update
CVE-2023-3758 medium 5.5 2y ago RHSA-2024:3270: sssd security update (Moderate)
CVE-2023-39351 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-39352 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-39356 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-40181 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-40188 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-40567 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-40569 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-41175 medium 5.5 2y ago Moderate: libtiff security update
CVE-2023-4874 medium 5.5 2y ago RHSA-2024:3058: mutt security update (Moderate)
CVE-2023-53150 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Pointer may be dereferenced Klocwork tool reported pointer 'rport' returned from call to function fc_bsg_to_rport(…
CVE-2023-40186 medium 5.5 2y ago Moderate: freerdp security update
CVE-2023-53371 medium 5.5 2y ago In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create The memory pointed to by the fs->any pointer is not freed in the er…
CVE-2023-38470 medium 5.5 2y ago RHSA-2023:7836: avahi security update (Moderate)
CVE-2023-38471 medium 5.5 2y ago RHSA-2023:7836: avahi security update (Moderate)
CVE-2023-52144 medium 5.5 5.5 2y ago Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15.
CVE-2023-29483 medium 5.5 2y ago Moderate: python-dns security update
CVE-2023-50374 medium 5.5 5.5 2y ago Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10.
CVE-2023-52425 medium 5.5 2y ago RHSA-2024:4259: xmlrpc-c security and bug fix update (Moderate)
CVE-2023-4244 medium 5.5 2y ago A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control …
CVE-2023-21911 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22056 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22038 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-45285 medium 5.5 2y ago Moderate: golang security update
CVE-2023-21977 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22048 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22057 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21953 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22058 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22112 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22114 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22115 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-39326 medium 5.5 2y ago Moderate: container-tools:rhel8 security update
CVE-2023-21976 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22084 medium 5.5 2y ago RHSA-2025:0739: mariadb:10.5 security update (Moderate)
CVE-2023-22032 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21945 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21955 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22059 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21940 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21947 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22007 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21935 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21933 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22079 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22070 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21920 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21980 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21919 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22054 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22097 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22092 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22065 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22053 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22033 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22066 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22064 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21966 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22078 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21962 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22068 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22104 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22008 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-40225 medium 5.5 2y ago Moderate: haproxy security update
CVE-2023-45539 medium 5.5 2y ago RHSA-2024:8849: haproxy security update (Moderate)
CVE-2023-22113 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22103 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22111 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21982 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21972 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22046 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22005 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-22110 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21929 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-21946 medium 5.5 2y ago RHSA-2024:0894: mysql:8.0 security update (Moderate)
CVE-2023-5992 medium 5.5 2y ago RHSA-2024:0967: opensc security update (Moderate)
CVE-2023-5676 medium 5.5 2y ago RHSA-2024:0866: java-1.8.0-ibm security update (Moderate)
CVE-2023-28486 medium 5.5 2y ago Sudo before 1.9.13 does not escape control characters in log messages.
CVE-2023-42465 medium 5.5 2y ago Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling …
CVE-2023-28487 medium 5.5 2y ago Sudo before 1.9.13 does not escape control characters in sudoreplay output.
CVE-2023-6135 medium 5.5 2y ago Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox <…
CVE-2023-5981 medium 5.5 2y ago RHSA-2024:0627: gnutls security update (Moderate)
CVE-2023-4001 medium 5.5 2y ago Moderate: grub2 security update
CVE-2023-42794 medium 5.5 2y ago Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in pro…
CVE-2023-41080 medium 5.5 2y ago Apache Tomcat Open Redirect vulnerability
CVE-2023-38409 medium 5.5 2y ago An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_…
CVE-2023-47235 medium 5.5 2y ago An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdra…
CVE-2023-47234 medium 5.5 2y ago An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory …
CVE-2023-38407 medium 5.5 2y ago bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing.
CVE-2023-38406 medium 5.5 2y ago bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow."
CVE-2023-45648 medium 5.5 2y ago Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not c…
CVE-2023-45803 medium 5.5 2y ago Moderate: container-tools:rhel8 security update
CVE-2023-42795 medium 5.5 2y ago Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0…
CVE-2023-7104 medium 5.5 2y ago RHSA-2024:0253: sqlite security update (Moderate)
CVE-2023-5388 medium 5.5 2y ago Moderate: nss security update
CVE-2023-5455 medium 5.5 2y ago RHSA-2024:0143: idm:DL1 security update (Moderate)
CVE-2023-5367 medium 5.5 3y ago A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty fu…