v.26.4.2314

High Severity Vulnerabilities

Found 13053 vulnerabilities at High severity.

Vulnerability Name

CVE

CWE

Severity

Envoy Proxy CVE-2023-27496 Vulnerability (CVE-2023-27496)

CVE-2023-27496

-

High

Apache HTTP Server Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') Vulnerability (CVE-2023-27522)

CVE-2023-27522

-

High

Nginx Out-of-bounds Read Vulnerability (CVE-2023-27727)

CVE-2023-27727

CWE-125

High

Nginx Out-of-bounds Read Vulnerability (CVE-2023-27728)

CVE-2023-27728

CWE-125

High

Nginx CVE-2023-27729 Vulnerability (CVE-2023-27729)

CVE-2023-27729

-

High

Nginx Out-of-bounds Read Vulnerability (CVE-2023-27730)

CVE-2023-27730

CWE-125

High

Jenkins Incorrect Authorization Vulnerability (CVE-2023-27899)

CVE-2023-27899

CWE-863

High

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27900)

CVE-2023-27900

CWE-770

High

Jenkins Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-27901)

CVE-2023-27901

CWE-770

High

SharePoint CVE-2023-28288 Vulnerability (CVE-2023-28288)

CVE-2023-28288

-

High

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-28329)

CVE-2023-28329

CWE-138

High

Moodle Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-28335)

CVE-2023-28335

CWE-352

High

Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2023-28625)

CVE-2023-28625

CWE-476

High

Apache Tomcat Off-by-one Error Vulnerability (CVE-2023-28709)

CVE-2023-28709

CWE-193

High

Ruby Inefficient Regular Expression Complexity Vulnerability (CVE-2023-28756)

CVE-2023-28756

CWE-1333

High

XWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2023-29208)

CVE-2023-29208

CWE-668

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29209)

CVE-2023-29209

CWE-94

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29210)

CVE-2023-29210

CWE-94

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29211)

CVE-2023-29211

CWE-94

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29212)

CVE-2023-29212

CWE-94

High

XWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-29213)

CVE-2023-29213

CWE-352

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29214)

CVE-2023-29214

CWE-94

High

Microsoft SQL Server CVE-2023-29349 Vulnerability (CVE-2023-29349)

CVE-2023-29349

-

High

Microsoft SQL Server CVE-2023-29356 Vulnerability (CVE-2023-29356)

CVE-2023-29356

-

High

XWiki Other Vulnerability (CVE-2023-29507)

CVE-2023-29507

-

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29509)

CVE-2023-29509

CWE-94

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29510)

CVE-2023-29510

CWE-138

High

XWiki Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') Vulnerability (CVE-2023-29511)

CVE-2023-29511

CWE-707

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29512)

CVE-2023-29512

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29514)

CVE-2023-29514

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29516)

CVE-2023-29516

CWE-138

High

XWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2023-29517)

CVE-2023-29517

CWE-200

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29518)

CVE-2023-29518

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29519)

CVE-2023-29519

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29521)

CVE-2023-29521

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29522)

CVE-2023-29522

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29523)

CVE-2023-29523

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29524)

CVE-2023-29524

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29525)

CVE-2023-29525

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29526)

CVE-2023-29526

CWE-138

High

XWiki Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-29527)

CVE-2023-29527

CWE-138

High

Opencart Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-2315)

CVE-2023-2315

CWE-22

High

PostgreSQL CVE-2023-2454 Vulnerability (CVE-2023-2454)

CVE-2023-2454

-

High

osTicket Improper Validation of Specified Quantity in Input Vulnerability (CVE-2023-30082)

CVE-2023-30082

CWE-1284

High

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30130)

CVE-2023-30130

CWE-94

High

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30151)

CVE-2023-30151

CWE-138

High

Craft CMS Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30179)

CVE-2023-30179

CWE-94

High

Dolibarr Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2023-30253)

CVE-2023-30253

CWE-138

High

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-30537)

CVE-2023-30537

CWE-94

High

Apache Traffic Server CVE-2023-30631 Vulnerability (CVE-2023-30631)

CVE-2023-30631

-

High

PrestaShop Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30839)

CVE-2023-30839

CWE-138

High

Moodle Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-30944)

CVE-2023-30944

CWE-138

High

IBM WebSEAL Other Vulnerability (CVE-2023-30997)

CVE-2023-30997

-

High

IBM WebSEAL Other Vulnerability (CVE-2023-30998)

CVE-2023-30998

-

High

Apache HTTP Server Out-of-bounds Read Vulnerability (CVE-2023-31122)

CVE-2023-31122

CWE-125

High

WordPress Ultimate Member Plugin Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2023-31216)

CVE-2023-31216

CWE-352

High

Perl Improper Certificate Validation Vulnerability (CVE-2023-31484)

CVE-2023-31484

CWE-295

High

Perl Improper Certificate Validation Vulnerability (CVE-2023-31486)

CVE-2023-31486

CWE-295

High

Microsoft SQL Server CVE-2023-32025 Vulnerability (CVE-2023-32025)

CVE-2023-32025

-

High

Microsoft SQL Server CVE-2023-32026 Vulnerability (CVE-2023-32026)

CVE-2023-32026

-

High

Microsoft SQL Server CVE-2023-32027 Vulnerability (CVE-2023-32027)

CVE-2023-32027

-

High

Microsoft SQL Server CVE-2023-32028 Vulnerability (CVE-2023-32028)

CVE-2023-32028

-

High

XWiki Incorrect Authorization Vulnerability (CVE-2023-32069)

CVE-2023-32069

CWE-863

High

IBMHttpServer Observable Discrepancy Vulnerability (CVE-2023-32342)

CVE-2023-32342

CWE-203

High

Craft CMS Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Vulnerability (CVE-2023-32679)

CVE-2023-32679

CWE-138

High

SharePoint CVE-2023-33130 Vulnerability (CVE-2023-33130)

CVE-2023-33130

-

High

SharePoint CVE-2023-33134 Vulnerability (CVE-2023-33134)

CVE-2023-33134

-

High

SharePoint CVE-2023-33157 Vulnerability (CVE-2023-33157)

CVE-2023-33157

-

High

SharePoint CVE-2023-33159 Vulnerability (CVE-2023-33159)

CVE-2023-33159

-

High

SharePoint CVE-2023-33160 Vulnerability (CVE-2023-33160)

CVE-2023-33160

-

High

SharePoint CVE-2023-33165 Vulnerability (CVE-2023-33165)

CVE-2023-33165

-

High

Dolibarr Files or Directories Accessible to External Parties Vulnerability (CVE-2023-33568)

CVE-2023-33568

CWE-552

High

Apache Traffic Server CVE-2023-33933 Vulnerability (CVE-2023-33933)

CVE-2023-33933

-

High

Liferay Portal Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

CVE-2023-33945

CWE-138

High

Liferay DXP Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2023-33945)

CVE-2023-33945

CWE-138

High