Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21811 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.5 HIGH |
| Windows iSCSI Service Denial of Service Vulnerability | |||||
| CVE-2023-22934 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2023-02-23 | N/A | 8.0 HIGH |
| In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘pivot’ search processing language (SPL) command lets a search bypass [SPL safeguards for risky commands](https://docs.splunk.com/Documentation/Splunk/latest/Security/SPLsafeguards) using a saved search job. The vulnerability requires an authenticated user to craft the saved job and a higher privileged user to initiate a request within their browser. The vulnerability affects instances with Splunk Web enabled. | |||||
| CVE-2023-25161 | 1 Nextcloud | 1 Nextcloud Server | 2023-02-23 | N/A | 5.3 MEDIUM |
| Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Nextcloud Server and Nextcloud Enterprise Server prior to versions 25.0.1 24.0.8, and 23.0.12 missing rate limiting on password reset functionality. This could result in service slowdown, storage overflow, or cost impact when using external email services. Users should upgrade to Nextcloud Server 25.0.1, 24.0.8, or 23.0.12 or Nextcloud Enterprise Server 25.0.1, 24.0.8, or 23.0.12 to receive a patch. No known workarounds are available. | |||||
| CVE-2023-21809 | 1 Microsoft | 1 Defender Security Intelligence Updates | 2023-02-23 | N/A | 7.8 HIGH |
| Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | |||||
| CVE-2023-21806 | 1 Microsoft | 1 Power Bi Report Server | 2023-02-23 | N/A | 8.2 HIGH |
| Power BI Report Server Spoofing Vulnerability | |||||
| CVE-2023-21804 | 1 Microsoft | 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more | 2023-02-23 | N/A | 7.8 HIGH |
| Windows Graphics Component Elevation of Privilege Vulnerability | |||||
| CVE-2023-21805 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.8 HIGH |
| Windows MSHTML Platform Remote Code Execution Vulnerability | |||||
| CVE-2023-21803 | 1 Microsoft | 7 Windows 10, Windows 10 1607, Windows 10 1809 and 4 more | 2023-02-23 | N/A | 9.8 CRITICAL |
| Windows iSCSI Discovery Service Remote Code Execution Vulnerability | |||||
| CVE-2023-21802 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.8 HIGH |
| Windows Media Remote Code Execution Vulnerability | |||||
| CVE-2023-21800 | 1 Microsoft | 1 Windows Server 2008 | 2023-02-23 | N/A | 7.8 HIGH |
| Windows Installer Elevation of Privilege Vulnerability | |||||
| CVE-2023-21704 | 1 Microsoft | 1 Sql Server | 2023-02-23 | N/A | 7.8 HIGH |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-21701 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.5 HIGH |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability | |||||
| CVE-2023-21702 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.5 HIGH |
| Windows iSCSI Service Denial of Service Vulnerability | |||||
| CVE-2023-21703 | 1 Microsoft | 2 Azure Data Box Gateway, Azure Stack Edge | 2023-02-23 | N/A | 7.2 HIGH |
| Azure Data Box Gateway Remote Code Execution Vulnerability | |||||
| CVE-2023-21700 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 7.5 HIGH |
| Windows iSCSI Discovery Service Denial of Service Vulnerability | |||||
| CVE-2023-21699 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2023-02-23 | N/A | 5.3 MEDIUM |
| Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | |||||
| CVE-2023-21697 | 1 Microsoft | 10 Windows 10, Windows 10 1607, Windows 10 1809 and 7 more | 2023-02-23 | N/A | 5.5 MEDIUM |
| Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability | |||||
| CVE-2023-21694 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 6.8 MEDIUM |
| Windows Fax Service Remote Code Execution Vulnerability | |||||
| CVE-2023-21695 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2023-02-23 | N/A | 8.8 HIGH |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | |||||
| CVE-2022-3891 | 1 Pixelite | 1 Wp Fullcalendar | 2023-02-22 | N/A | 5.3 MEDIUM |
| The WP FullCalendar WordPress plugin before 1.5 does not ensure that the post retrieved via an AJAX action is public and can be accessed by the user making the request, allowing unauthenticated attackers to get the content of arbitrary posts, including draft/private as well as password-protected ones. | |||||