CVEs from 2023
Total
6,102
critical
critical 240
high
high 1,530
medium
medium 1,393
low
low 32
% Critical
3.9%
% with KEV
2.7%
% with exploit
3.5%
Top products
- office 29
- office_long_term_servicing_channel 15
- 365_apps 14
- ftmg-esr50sxx 8
- ftmg-esn40sxx 8
- ftmg-esd25axx 8
- ftmg-esr40sxx 8
- ftmg-esd15axx 8
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-3758 | medium | — | 5.5 | 2y ago | RHSA-2024:3270: sssd security update (Moderate) | |||
| CVE-2023-39353 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-38473 | medium | — | 5.5 | 2y ago | RHSA-2023:7836: avahi security update (Moderate) | |||
| CVE-2023-7008 | medium | — | 5.5 | 2y ago | A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the u… | |||
| CVE-2023-42467 | medium | — | 5.5 | 2y ago | QEMU through 8.0.0 could trigger a division by zero in scsi_disk_reset in hw/scsi/scsi-disk.c because scsi_disk_emulate_mode_select does not prevent s->qdev.blocksize from being 256. This stops QEMU … | |||
| CVE-2023-1579 | medium | — | 5.5 | 2y ago | Moderate: mingw components security update | |||
| CVE-2023-47038 | medium | — | 5.5 | 2y ago | Moderate: perl security update | |||
| CVE-2023-49083 | medium | — | 5.5 | 2y ago | RHSA-2025:14553: python-cryptography security update (Moderate) | |||
| CVE-2023-31490 | medium | — | 5.5 | 2y ago | An issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function. | |||
| CVE-2023-54324 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: dm: fix a race condition in retrieve_deps There's a race condition in the multipath target when retrieve_deps races with multipat… | |||
| CVE-2023-43789 | medium | — | 5.5 | 2y ago | RHSA-2024:3022: motif security update (Moderate) | |||
| CVE-2023-6683 | medium | — | 5.5 | 2y ago | A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. The qemu_clipboard_request() function can be reached before vnc_server_cut_text_caps() was called and had the… | |||
| CVE-2023-40186 | medium | — | 5.5 | 2y ago | Moderate: freerdp security update | |||
| CVE-2023-53546 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, fix memory leak in mlx5dr_cmd_create_reformat_ctx when mlx5_cmd_exec failed in mlx5dr_cmd_create_reformat_ctx, the … | |||
| CVE-2023-6917 | medium | — | 5.5 | 2y ago | A vulnerability has been identified in the Performance Co-Pilot (PCP) package, stemming from the mixed privilege levels utilized by systemd services associated with PCP. While certain services operat… | |||
| CVE-2023-40475 | medium | — | 5.5 | 2y ago | RHSA-2024:3060: gstreamer1-plugins-bad-free security update (Moderate) | |||
| CVE-2023-37328 | medium | — | 5.5 | 2y ago | Moderate: gstreamer1-plugins-base security update | |||
| CVE-2023-54070 | medium | — | 5.5 | 2y ago | In the Linux kernel, the following vulnerability has been resolved: igb: clean up in all error paths when enabling SR-IOV After commit 50f303496d92 ("igb: Enable SR-IOV after reinit"), removing the… | |||
| CVE-2023-52144 | medium | 5.5 | 5.5 | 2y ago | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in RexTheme Product Feed Manager.This issue affects Product Feed Manager: from n/a through 7.3.15. | |||
| CVE-2023-29483 | medium | — | 5.5 | 2y ago | Moderate: python-dns security update | |||
| CVE-2023-50374 | medium | 5.5 | 5.5 | 2y ago | Server-Side Request Forgery (SSRF) vulnerability in NiteoThemes CMP – Coming Soon & Maintenance.This issue affects CMP – Coming Soon & Maintenance: from n/a through 4.1.10. | |||
| CVE-2023-52425 | medium | — | 5.5 | 2y ago | RHSA-2024:4259: xmlrpc-c security and bug fix update (Moderate) | |||
| CVE-2023-4244 | medium | — | 5.5 | 2y ago | A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Due to a race condition between nf_tables netlink control … | |||
| CVE-2023-22070 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21940 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22059 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22111 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21935 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22046 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-45285 | medium | — | 5.5 | 2y ago | Moderate: golang security update | |||
| CVE-2023-22005 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22113 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21972 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22048 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21976 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22084 | medium | — | 5.5 | 2y ago | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.43 and prior, 8.0.34 and prior and 8.1.0. Easily exploitable vulnerabilit… | |||
| CVE-2023-22007 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21977 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-45539 | medium | — | 5.5 | 2y ago | RHSA-2024:8849: haproxy security update (Moderate) | |||
| CVE-2023-40225 | medium | — | 5.5 | 2y ago | Moderate: haproxy security update | |||
| CVE-2023-21955 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21982 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21980 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22115 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21933 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-39326 | medium | — | 5.5 | 2y ago | Moderate: container-tools:rhel8 security update | |||
| CVE-2023-22104 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22112 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22103 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21911 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22032 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22054 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22097 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22092 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22065 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22053 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22033 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22066 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22064 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21966 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22078 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21962 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22068 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22008 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21946 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21929 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22110 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21919 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21953 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22114 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22056 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21945 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21920 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22038 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-21947 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22058 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22057 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-22079 | medium | — | 5.5 | 2y ago | RHSA-2024:0894: mysql:8.0 security update (Moderate) | |||
| CVE-2023-5992 | medium | — | 5.5 | 2y ago | RHSA-2024:0967: opensc security update (Moderate) | |||
| CVE-2023-5676 | medium | — | 5.5 | 2y ago | RHSA-2024:0866: java-1.8.0-ibm security update (Moderate) | |||
| CVE-2023-28487 | medium | — | 5.5 | 2y ago | Sudo before 1.9.13 does not escape control characters in sudoreplay output. | |||
| CVE-2023-42465 | medium | — | 5.5 | 2y ago | Sudo before 1.9.15 might allow row hammer attacks (for authentication bypass or privilege escalation) because application logic sometimes is based on not equaling an error value (instead of equaling … | |||
| CVE-2023-28486 | medium | — | 5.5 | 2y ago | Sudo before 1.9.13 does not escape control characters in log messages. | |||
| CVE-2023-6135 | medium | — | 5.5 | 2y ago | Multiple NSS NIST curves were susceptible to a side-channel attack known as "Minerva". This attack could potentially allow an attacker to recover the private key. This vulnerability affects Firefox <… | |||
| CVE-2023-5981 | medium | — | 5.5 | 2y ago | RHSA-2024:0627: gnutls security update (Moderate) | |||
| CVE-2023-47235 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when a malformed BGP UPDATE message with an EOR is processed, because the presence of EOR does not lead to a treat-as-withdra… | |||
| CVE-2023-47234 | medium | — | 5.5 | 2y ago | An issue was discovered in FRRouting FRR through 9.0.1. A crash can occur when processing a crafted BGP UPDATE message with a MP_UNREACH_NLRI attribute and additional NLRI data (that lacks mandatory … | |||
| CVE-2023-4001 | medium | — | 5.5 | 2y ago | Moderate: grub2 security update | |||
| CVE-2023-38407 | medium | — | 5.5 | 2y ago | bgpd/bgp_label.c in FRRouting (FRR) before 8.5 attempts to read beyond the end of the stream during labeled unicast parsing. | |||
| CVE-2023-38406 | medium | — | 5.5 | 2y ago | bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | |||
| CVE-2023-42795 | medium | — | 5.5 | 2y ago | Incomplete Cleanup vulnerability in Apache Tomcat.When recycling various internal objects in Apache Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0… | |||
| CVE-2023-42794 | medium | — | 5.5 | 2y ago | Incomplete Cleanup vulnerability in Apache Tomcat. The internal fork of Commons FileUpload packaged with Apache Tomcat 9.0.70 through 9.0.80 and 8.5.85 through 8.5.93 included an unreleased, in pro… | |||
| CVE-2023-41080 | medium | — | 5.5 | 2y ago | URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 thro… | |||
| CVE-2023-45648 | medium | — | 5.5 | 2y ago | Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not c… | |||
| CVE-2023-7104 | medium | — | 5.5 | 2y ago | RHSA-2024:0253: sqlite security update (Moderate) | |||
| CVE-2023-38409 | medium | — | 5.5 | 2y ago | An issue was discovered in set_con2fb_map in drivers/video/fbdev/core/fbcon.c in the Linux kernel before 6.2.12. Because an assignment occurs only for the first vc, the fbcon_registered_fb and fbcon_… | |||
| CVE-2023-45803 | medium | — | 5.5 | 2y ago | Moderate: container-tools:rhel8 security update | |||
| CVE-2023-5388 | medium | — | 5.5 | 2y ago | Moderate: nss security update | |||
| CVE-2023-5455 | medium | — | 5.5 | 2y ago | RHSA-2024:0143: idm:DL1 security update (Moderate) | |||
| CVE-2023-6478 | medium | — | 5.5 | 3y ago | A flaw was found in xorg-server. A specially crafted request to RRChangeProviderProperty or RRChangeOutputProperty can trigger an integer overflow which may lead to a disclosure of sensitive informat… |