Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-40687 |
IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809. Published: December 03, 2023; 9:15:07 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-38727 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257. Published: December 03, 2023; 9:15:06 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-29258 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048. Published: December 03, 2023; 9:15:06 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-47701 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166. Published: December 03, 2023; 8:15:12 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-46167 |
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367. Published: December 03, 2023; 8:15:12 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-46174 |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506. Published: December 01, 2023; 4:15:08 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-43021 |
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167. Published: December 01, 2023; 4:15:08 PM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-42022 |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938. Published: December 01, 2023; 4:15:08 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-42019 |
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. Published: December 01, 2023; 4:15:08 PM -0500 |
V3.1: 5.9 MEDIUM V2.0:(not available) |
CVE-2023-42009 |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504. Published: December 01, 2023; 4:15:07 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-40699 |
IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161. Published: December 01, 2023; 4:15:07 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-43015 |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064. Published: December 01, 2023; 3:15:07 PM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |
CVE-2023-38268 |
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585. Published: December 01, 2023; 3:15:07 PM -0500 |
V3.1: 8.8 HIGH V2.0:(not available) |
CVE-2023-45253 |
An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library. Published: December 01, 2023; 1:15:47 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-45252 |
DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges. Published: December 01, 2023; 1:15:47 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-4770 |
An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution. Published: November 30, 2023; 9:15:11 AM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-49322 |
Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Published: November 26, 2023; 7:15:07 PM -0500 |
V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-49321 |
Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1. Published: November 26, 2023; 7:15:07 PM -0500 |
V3.1: 5.3 MEDIUM V2.0:(not available) |
CVE-2023-4595 |
An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca. Published: November 23, 2023; 8:15:12 AM -0500 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
CVE-2023-4594 |
Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file. Published: November 23, 2023; 8:15:12 AM -0500 |
V3.1: 5.4 MEDIUM V2.0:(not available) |