• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2023-0512
2023-02-06
N/A
7.8 HIGH
Divide By Zero in GitHub repository vim/vim prior to 9.0.1247.
CVE-2023-0509
2023-02-07
N/A
7.4 HIGH
Improper Certificate Validation in GitHub repository pyload/pyload prior to 0.5.0b3.dev44.
CVE-2023-0493
2023-02-03
N/A
8.8 HIGH
Improper Neutralization of Equivalent Special Elements in GitHub repository btcpayserver/btcpayserver prior to 1.7.5.
CVE-2023-0492
2023-02-21
N/A
N/A
The GS Products Slider for WooCommerce WordPress plugin before 1.5.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
CVE-2023-0488
2023-02-07
N/A
5.4 MEDIUM
Cross-site Scripting (XSS) - Stored in GitHub repository pyload/pyload prior to 0.5.0b3.dev42.
CVE-2023-0482
2023-02-21
N/A
N/A
In RESTEasy the insecure File.createTempFile() is used in the DataSourceProvider, FileProvider and Mime4JWorkaround classes which creates temp files with insecure permissions that could be read by a local user.
CVE-2023-0476
2023-02-06
N/A
6.5 MEDIUM
A LDAP injection vulnerability exists in Tenable.sc due to improper validation of user-supplied input before returning it to users. An authenticated attacker could generate data in Active Directory using the application account through blind LDAP injection.
CVE-2023-0475
Go-getter, Hashicorp
Boundary, Consul, Consul_docker_image, Consul_template, Go-getter, Go-slug, Nomad, Packer, Sentinel, Terraform
2023-02-16
N/A
N/A
HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0.
CVE-2023-0474
2023-02-06
N/A
8.8 HIGH
Use after free in GuestView in Google Chrome prior to 109.0.5414.119 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a Chrome web app. (Chromium security severity: Medium)
CVE-2023-0473
2023-02-06
N/A
8.8 HIGH
Type Confusion in ServiceWorker API in Google Chrome prior to 109.0.5414.119 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
« Previous 1 … 11,228 11,229 11,230 11,231 11,232 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE