Search
14,626 CVEs · Low severity
CVEs (14,626, showing first 500)
Only the first 500 CVEs (by current sort) are shown when searching without a keyword. Add a search term above to narrow the results.
Showing 376–400 of 14,626 (capped at 500)
| CVE ID | Severity | Patch | CVSS ↓ | Published | Description |
|---|---|---|---|---|---|
| CVE-2023-32973 | LOW | Patched | 3.8 | 2023-10-13 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow a… |
| CVE-2023-32971 | LOW | Patched | 3.8 | 2023-10-06 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow a… |
| CVE-2023-32972 | LOW | Patched | 3.8 | 2023-10-06 | A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow a… |
| CVE-2023-5159 | LOW | Patched | 3.8 | 2023-09-29 | Mattermost fails to properly verify the permissions when managing/updating a bot allowing a User Manager role with user edit permissions to manage/update bots. |
| CVE-2023-39265 | LOW | Patched | 3.8 | 2023-09-06 | Apache Superset would allow for SQLite database connections to be incorrectly registered when an attacker uses alternative driver names like sqlite+pysqlite or by using dat… |
| CVE-2022-38076 | LOW | Patched | 3.8 | 2023-08-11 | Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege v… |
| CVE-2023-4304 | LOW | Patched | 3.8 | 2023-08-11 | Business Logic Errors in GitHub repository froxlor/froxlor prior to 2.0.22,2.1.0. |
| CVE-2023-39954 | LOW | Patched | 3.8 | 2023-08-10 | user_oidc provides the OIDC connect user backend for Nextcloud, an open-source cloud platform. Starting in version 1.0.0 and prior to version 1.3.3, an attacker that obtain… |
| CVE-2023-30704 | LOW | Patched | 3.8 | 2023-08-10 | Improper Authorization vulnerability in Samsung Internet prior to version 22.0.0.35 allows physical attacker access downloaded files in Secret Mode without user authentication. |
| CVE-2023-37857 | LOW | Patched | 3.8 | 2023-08-09 | In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic ke… |
| CVE-2023-3488 | LOW | Patched | 3.8 | 2023-07-28 | Uninitialized buffer in GBL parser in Silicon Labs GSDK v4.3.0 and earlier allows attacker to leak data from Secure stack via malformed GBL file. |
| CVE-2023-25185 | LOW | Patched | 3.8 | 2023-06-16 | An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Cer… |
| CVE-2023-2434 | LOW | Patched | 3.8 | 2023-05-31 | The Nested Pages plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'reset' function in versions up to, and including,… |
| CVE-2023-29128 | LOW | 3.8 | 2023-05-09 | A vulnerability has been identified in SIMATIC Cloud Connect 7 CC712 (All versions >= V2.0 < V2.1), SIMATIC Cloud Connect 7 CC716 (All versions >= V2.0 < V2.1). The filenam… | |
| CVE-2023-27892 | LOW | Patched | 3.8 | 2023-05-02 | Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() … |
| CVE-2022-23721 | LOW | Patched | 3.8 | 2023-04-25 | PingID integration for Windows login prior to 2.9 does not handle duplicate usernames, which can lead to a username collision when two people with the same username are pro… |
| CVE-2023-21988 | LOW | Patched | 3.8 | 2023-04-18 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8.… |
| CVE-2022-43772 | LOW | Patched | 3.8 | 2023-04-03 | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.0 and 9.3.0.1, including 8.3.x with the Big Data Plugin expose the username and password of cluster… |
| CVE-2023-23677 | LOW | Patched | 3.8 | 2023-03-30 | Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.5 versions. |
| CVE-2023-1541 | LOW | Patched | 3.8 | 2023-03-21 | Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. |
| CVE-2023-1367 | LOW | Patched | 3.8 | 2023-03-13 | Code Injection in GitHub repository alextselegidis/easyappointments prior to 1.5.0. |
| CVE-2023-1045 | LOW | 3.8 | 2023-02-26 | A vulnerability was found in MuYuCMS 2.2. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin.php/accessory/filesdel.h… | |
| CVE-2022-38056 | LOW | Patched | 3.8 | 2023-02-16 | Improper neutralization in the Intel(R) EMA software before version 1.8.1.0 may allow a privileged user to potentially enable escalation of privilege via network access. |
| CVE-2023-23854 | LOW | 3.8 | 2023-02-14 | SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, does not perform necessary authorization checks for an authen… | |
| CVE-2023-21885 | LOW | Patched | 3.8 | 2023-01-18 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6.… |