U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*
There are 5,795 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2023-40687

IBM DB2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted RUNSTATS command on an 8TB table. IBM X-Force ID: 264809.

Published: December 03, 2023; 9:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-38727

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted SQL statement. IBM X-Force ID: 262257.

Published: December 03, 2023; 9:15:06 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-29258

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1, and 11.5 is vulnerable to a denial of service through a specially crafted federated query on specific federation objects. IBM X-Force ID: 252048.

Published: December 03, 2023; 9:15:06 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-47701

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query. IBM X-Force ID: 266166.

Published: December 03, 2023; 8:15:12 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-46167

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.5 federated server is vulnerable to a denial of service when a specially crafted cursor is used. IBM X-Force ID: 269367.

Published: December 03, 2023; 8:15:12 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-46174

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 269506.

Published: December 01, 2023; 4:15:08 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-43021

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.

Published: December 01, 2023; 4:15:08 PM -0500
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-42022

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265938.

Published: December 01, 2023; 4:15:08 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-42019

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

Published: December 01, 2023; 4:15:08 PM -0500
V3.1: 5.9 MEDIUM
V2.0:(not available)
CVE-2023-42009

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 265504.

Published: December 01, 2023; 4:15:07 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-40699

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

Published: December 01, 2023; 4:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-43015

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

Published: December 01, 2023; 3:15:07 PM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)
CVE-2023-38268

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

Published: December 01, 2023; 3:15:07 PM -0500
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2023-45253

An issue was discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via RollingFileAppender.DeleteFile method performed by the log4net library.

Published: December 01, 2023; 1:15:47 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-45252

DLL Hijacking vulnerability in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, due to the installation of the service in a directory that grants write privileges to standard users, allows attackers to manipulate files, execute arbitrary code, and escalate privileges.

Published: December 01, 2023; 1:15:47 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-4770

An uncontrolled search path element vulnerability has been found on 4D and 4D server Windows executables applications, affecting version 19 R8 100218. This vulnerability consists in a DLL hijacking by replacing x64 shfolder.dll in the installation path, causing an arbitrary code execution.

Published: November 30, 2023; 9:15:11 AM -0500
V3.1: 7.8 HIGH
V2.0:(not available)
CVE-2023-49322

Certain WithSecure products allow a Denial of Service because there is an unpack handler crash that can lead to a scanning engine crash. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

Published: November 26, 2023; 7:15:07 PM -0500
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2023-49321

Certain WithSecure products allow a Denial of Service because scanning a crafted file takes a long time, and causes the scanner to hang. This affects WithSecure Client Security 15, WithSecure Server Security 15, WithSecure Email and Server Security 15, WithSecure Elements Endpoint Protection 17 and later, WithSecure Client Security for Mac 15, WithSecure Elements Endpoint Protection for Mac 17 and later, WithSecure Linux Security 64 12.0, WithSecure Linux Protection 12.0, and WithSecure Atlant 1.0.35-1.

Published: November 26, 2023; 7:15:07 PM -0500
V3.1: 5.3 MEDIUM
V2.0:(not available)
CVE-2023-4595

An information exposure vulnerability has been found, the exploitation of which could allow a remote user to retrieve sensitive information stored on the server such as credential files, configuration files, application files, etc., simply by appending any of the following parameters to the end of the URL: %00 %0a, %20, %2a, %a0, %aa, %c0 and %ca.

Published: November 23, 2023; 8:15:12 AM -0500
V3.1: 6.5 MEDIUM
V2.0:(not available)
CVE-2023-4594

Stored XSS vulnerability. This vulnerability could allow an attacker to store a malicious JavaScript payload via GET and POST methods on multiple parameters in the MailAdmin_dll.htm file.

Published: November 23, 2023; 8:15:12 AM -0500
V3.1: 5.4 MEDIUM
V2.0:(not available)