| 2023-01-17 | CVE-2018-14628 | An information leak vulnerability was discovered in Samba's LDAP server. | 4.3 |
| 2023-01-17 | CVE-2022-47318 | ruby-git versions prior to v1.13.0 allows a remote authenticated attacker to execute an arbitrary ruby code by having a user to load a repository containing a specially crafted filename to the product. | 8.0 |
| 2023-01-17 | CVE-2023-22298 | Open Redirect vulnerability in multiple products
Open redirect vulnerability in pgAdmin 4 versions prior to v6.14 allows a remote unauthenticated attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | 6.1 |
| 2023-01-14 | CVE-2023-23589 | The SafeSocks option in Tor before 0.4.7.13 has a logic error in which the unsafe SOCKS4 protocol can be used but not the safe SOCKS4a protocol, aka TROVE-2022-002. | 6.5 |
| 2023-01-12 | CVE-2023-23456 | Out-of-bounds Write vulnerability in multiple products
A heap-based buffer overflow issue was discovered in UPX in PackTmt::pack() in p_tmt.cpp file. | 5.5 |
| 2023-01-12 | CVE-2023-23457 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A Segmentation fault was found in UPX in PackLinuxElf64::invert_pt_dynamic() in p_lx_elf.cpp. | 5.5 |
| 2023-01-12 | CVE-2022-3437 | A heap-based buffer overflow vulnerability was found in Samba within the GSSAPI unwrap_des() and unwrap_des3() routines of Heimdal. | 6.5 |
| 2023-01-12 | CVE-2022-3592 | Link Following vulnerability in multiple products
A symlink following vulnerability was found in Samba, where a user can create a symbolic link that will make 'smbd' escape the configured share path. | 6.5 |
| 2023-01-12 | CVE-2022-47927 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. | 5.5 |
| 2023-01-11 | CVE-2023-22945 | Incorrect Authorization vulnerability in multiple products
In the GrowthExperiments extension for MediaWiki through 1.39, the growthmanagementorlist API allows blocked users (blocked in ApiManageMentorList) to enroll as mentors or edit any of their mentorship-related properties. | 4.3 |