The NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. The NVD includes databases of security checklist references, security-related software flaws, product names, and impact metrics.
For information on how to the cite the NVD, including the database's Digital Object Identifier (DOI), please consult NIST's Public Data Repository.
-
CVE-2023-48237 - Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it may be possible to overflow the size of integer. Impact is low, user interaction is required and a c... read CVE-2023-48237
Published: November 16, 2023; 6:15:09 PM -0500V3.1: 4.3 MEDIUM
-
CVE-2023-48231 - Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond crashing the application has not been shown to be viable. This issue has been addressed in commit `25a... read CVE-2023-48231
Published: November 16, 2023; 6:15:08 PM -0500V3.1: 4.3 MEDIUM
-
CVE-2023-4218 - In Eclipse IDE versions < 2023-09 (4.29) some files with xml content are parsed vulnerable against all sorts of XXE attacks. The user just needs to open any evil project or update an open project with a vulnerable file (for example for review a fo... read CVE-2023-4218
Published: November 09, 2023; 4:15:08 AM -0500V3.1: 5.0 MEDIUM
-
CVE-2023-39544 - CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
Published: November 17, 2023; 1:15:33 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-39545 - CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
Published: November 17, 2023; 1:15:33 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-39546 - CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
Published: November 17, 2023; 1:15:33 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-39548 - CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
Published: November 17, 2023; 1:15:34 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-48235 - Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens in the existing overflow check, because the line number becomes negative and LONG_MAX - lnum will... read CVE-2023-48235
Published: November 16, 2023; 6:15:09 PM -0500V3.1: 4.3 MEDIUM
-
CVE-2023-39547 - CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command.
Published: November 17, 2023; 1:15:34 AM -0500V3.1: 8.8 HIGH
-
CVE-2023-36008 - Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
Published: November 16, 2023; 3:15:28 PM -0500V3.1: 6.6 MEDIUM
-
CVE-2023-48111 - Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
Published: November 20, 2023; 3:15:07 PM -0500V3.1: 7.5 HIGH
-
CVE-2023-48110 - Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the urls parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
Published: November 20, 2023; 3:15:07 PM -0500V3.1: 7.5 HIGH
-
CVE-2023-48109 - Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow via the deviceId parameter in the function saveParentControlInfo . This vulnerability allows attackers to cause a Denial of Service (DoS) attack
Published: November 20, 2023; 3:15:07 PM -0500V3.1: 7.5 HIGH
-
CVE-2023-3116 - in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information or rewrite sensitive file through incorrect default permissions.
Published: November 20, 2023; 7:15:07 AM -0500V3.1: 7.1 HIGH
-
CVE-2023-42774 - in OpenHarmony v3.2.2 and prior versions allow a local attacker get confidential information through incorrect default permissions.
Published: November 20, 2023; 7:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-43612 - in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary file read and write through improper preservation of permissions.
Published: November 20, 2023; 7:15:08 AM -0500V3.1: 7.8 HIGH
-
CVE-2023-46100 - in OpenHarmony v3.2.2 and prior versions allow a local attacker get sensitive buffer information through use of uninitialized resource.
Published: November 20, 2023; 7:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-46705 - in OpenHarmony v3.2.2 and prior versions allow a local attacker causes system information leak through type confusion.
Published: November 20, 2023; 7:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-47217 - in OpenHarmony v3.2.2 and prior versions allow a local attacker cause DOS through buffer overflow.
Published: November 20, 2023; 7:15:08 AM -0500V3.1: 5.5 MEDIUM
-
CVE-2023-6045 - in OpenHarmony v3.2.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through type confusion.
Published: November 20, 2023; 7:15:09 AM -0500V3.1: 7.8 HIGH
Legal Disclaimer:
Here is where you can read the NVD legal disclaimer.