| 2023-10-27 | CVE-2023-46604 | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. | 9.8 |
| 2023-10-25 | CVE-2023-5730 | Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. | 9.8 |
| 2023-10-11 | CVE-2023-44981 | Authorization Bypass Through User-Controlled Key vulnerability in Apache ZooKeeper. | 9.1 |
| 2023-09-27 | CVE-2023-5176 | Out-of-bounds Write vulnerability in multiple products
Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. | 9.8 |
| 2023-09-20 | CVE-2023-42464 | Type Confusion vulnerability in multiple products
A Type Confusion vulnerability was found in the Spotlight RPC functions in afpd in Netatalk 3.1.x before 3.1.17. | 9.8 |
| 2023-09-20 | CVE-2019-19450 | XML Injection (aka Blind XPath Injection) vulnerability in multiple products
paraparser in ReportLab before 3.5.31 allows remote code execution because start_unichar in paraparser.py evaluates untrusted user input in a unichar element in a crafted XML document with '<unichar code="' followed by arbitrary Python code, a similar issue to CVE-2019-17626. | 9.8 |
| 2023-08-31 | CVE-2023-40181 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 9.1 |
| 2023-08-31 | CVE-2023-40186 | Integer Overflow or Wraparound vulnerability in multiple products
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 9.8 |
| 2023-08-31 | CVE-2023-40188 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 9.1 |
| 2023-08-31 | CVE-2023-40567 | FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. | 9.8 |