LiveActive security incident?Get immediate response
CVE archive

November 2023

Browse CVE records published in November 2023, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 2410 matching CVEs · Page 1 of 49.

Unknown · CVSS Not scored

CVE-2023-48193: Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrar...

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict what code can be run by authorized users who are allowed to execute files.

Published Nov 28, 2023 · Updated Jul 9, 2026

High · CVSS 7.5

CVE-2023-48238: JWT Algorithm Confusion in json-web-token library

joaquimserafim/json-web-token is a javascript library use to interact with JSON Web Tokens (JWT) which are a compact URL-safe means of representing claims to be transferred between two parties. Versions prior to 4.0.0 are vulnerable to a JWT algorithm confusion attack. On line 86 of the 'index.js' file, the algorithm to use for verifying the signature of the JWT token is taken from the JWT token, which at that point is still unverified and thus shouldn't be trusted. To exploit this vulnerability, an attacker needs to craft a malicious JWT token containing the HS256 algorithm, signed with the public RSA key of the victim application. This attack will only work against this library is the RS256 algorithm is in use, however it is a best practice to use that algorithm. Version 4.0.0 fixes the issue.

Published Nov 17, 2023 · Updated Jun 8, 2026

Low · CVSS 3.1

CVE-2023-5963: Allocation of Resources Without Limits or Throttling in GitLab

An issue has been discovered in GitLab EE with Advanced Search affecting all versions from 13.9 to 16.3.6, 16.4 prior to 16.4.2 and 16.5 prior to 16.5.1 that could allow a denial of service in the Advanced Search function by chaining too many syntax operators.

Published Nov 6, 2023 · Updated Jun 4, 2026

Medium · CVSS 5.5

CVE-2023-20240: Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could...

Multiple vulnerabilities in Cisco Secure Client Software, formerly AnyConnect Secure Mobility Client, could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system. These vulnerabilities are due to an out-of-bounds memory read from Cisco Secure Client Software. An attacker could exploit these vulnerabilities by logging in to an affected device at the same time that another user is accessing Cisco Secure Client on the same system, and then sending crafted packets to a port on that local host. A successful exploit could allow the attacker to crash the VPN Agent service, causing it to be unavailable to all users of the system. To exploit these vulnerabilities, the attacker must have valid credentials on a multi-user system.

Published Nov 22, 2023 · Updated Jun 2, 2026

Low · CVSS 3.7

CVE-2023-5831: Insertion of Sensitive Information Into Sent Data in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.0 before 16.3.6, all versions starting from 16.4 before 16.4.2, and all versions starting from 16.5.0 before 16.5.1 which have the `super_sidebar_logged_out` feature flag enabled. Affected versions with this default-disabled feature flag enabled may unintentionally disclose GitLab version metadata to unauthorized actors.

Published Nov 6, 2023 · Updated Jun 2, 2026

High · CVSS 8.1

CVE-2023-4379: Incorrect Authorization in GitLab

An issue has been discovered in GitLab EE affecting all versions starting from 15.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. Code owner approval was not removed from merge requests when the target branch was updated.

Published Nov 9, 2023 · Updated Jun 2, 2026

Critical · CVSS 9.8

CVE-2023-2889: SQLi in Veon Computer's Service Tracking Software

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veon Computer Service Tracking Software allows SQL Injection. This issue affects Service Tracking Software: before crm 2.0.

Published Nov 22, 2023 · Updated May 22, 2026

Critical · CVSS 9.8

CVE-2023-3377: SQLi in Veribilim's Veribase

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Veribilim Software Computer Veribase allows SQL Injection. This issue affects Veribase: through 20231123.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published Nov 23, 2023 · Updated May 22, 2026

Critical · CVSS 9.8

CVE-2023-3631: SQLi in Medart Notification Panel

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Medart Health Services Medart Notification Panel allows SQL Injection. This issue affects Medart Notification Panel: through 20231123.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published Nov 23, 2023 · Updated May 22, 2026

Medium · CVSS 6.1

CVE-2023-4406: XSS in KC Group's E-Commerce Software

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KC Group E-Commerce Software allows Reflected XSS. This issue affects E-Commerce Software: through 20231123.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Published Nov 23, 2023 · Updated May 21, 2026

Medium · CVSS 5.4

CVE-2023-6011: Stored XSS in Geodi

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DECE Software Geodi allows Stored XSS. This issue affects Geodi: before 8.0.0.27396.

Published Nov 22, 2023 · Updated May 20, 2026

High · CVSS 7.1

CVE-2023-5921: Function Bypass in Geodi

Improper Enforcement of Behavioral Workflow vulnerability in DECE Software Geodi allows Functionality Bypass. This issue affects Geodi: before 8.0.0.27396.

Published Nov 22, 2023 · Updated May 20, 2026

High · CVSS 7.5

CVE-2023-6118: Path Traversal in Neutron IP Camera

Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1.

Published Nov 23, 2023 · Updated May 20, 2026

High · CVSS 7.5

CVE-2023-6150: Information Disclosure in Eskom E-municipality

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105.

Published Nov 28, 2023 · Updated May 20, 2026

High · CVSS 7.5

CVE-2023-6151: Information Disclosure in Eskom E-municipality

Incorrect Use of Privileged APIs vulnerability in ESKOM Computer e-municipality module allows Collect Data as Provided by Users. This issue affects e-municipality module: before v.105.

Published Nov 28, 2023 · Updated May 20, 2026

High · CVSS 8.8

CVE-2023-6201: Command Injection in Univera Panorama Framework

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Univera Computer System Panorama allows Command Injection. This issue affects Panorama: before 8.0.

Published Nov 28, 2023 · Updated May 20, 2026

Unknown · CVSS Not scored

CVE-2023-52920: bpf: support non-r10 register spill/fill to/from stack in precision tracking

In the Linux kernel, the following vulnerability has been resolved: bpf: support non-r10 register spill/fill to/from stack in precision tracking Use instruction (jump) history to record instructions that performed register spill/fill to/from stack, regardless if this was done through read-only r10 register, or any other register after copying r10 into it *and* potentially adjusting offset. To make this work reliably, we push extra per-instruction flags into instruction history, encoding stack slot index (spi) and stack frame number in extra 10 bit flags we take away from prev_idx in instruction history. We don't touch idx field for maximum performance, as it's checked most frequently during backtracking. This change removes basically the last remaining practical limitation of precision backtracking logic in BPF verifier. It fixes known deficiencies, but also opens up new opportunities to reduce number of verified states, explored in the subsequent patches. There are only three differences in selftests' BPF object files according to veristat, all in the positive direction (less states). File Program Insns (A) Insns (B) Insns (DIFF) States (A) States (B) States (DIFF) -------------------------------------- ------------- --------- --------- ------------- ---------- ---------- ------------- test_cls_redirect_dynptr.bpf.linked3.o cls_redirect 2987 2864 -123 (-4.12%) 240 231 -9 (-3.75%) xdp_synproxy_kern.bpf.linked3.o syncookie_tc 82848 82661 -187 (-0.23%) 5107 5073 -34 (-0.67%) xdp_synproxy_kern.bpf.linked3.o syncookie_xdp 85116 84964 -152 (-0.18%) 5162 5130 -32 (-0.62%) Note, I avoided renaming jmp_history to more generic insn_hist to minimize number of lines changed and potential merge conflicts between bpf and bpf-next trees. Notice also cur_hist_entry pointer reset to NULL at the beginning of instruction verification loop. This pointer avoids the problem of relying on last jump history entry's insn_idx to determine whether we already have entry for current instruction or not. It can happen that we added jump history entry because current instruction is_jmp_point(), but also we need to add instruction flags for stack access. In this case, we don't want to entries, so we need to reuse last added entry, if it is present. Relying on insn_idx comparison has the same ambiguity problem as the one that was fixed recently in [0], so we avoid that. [0] https://patchwork.kernel.org/project/netdevbpf/patch/20231110002638.4168352-3-andrii@kernel.org/

Published Nov 5, 2024 · Updated May 17, 2026

Medium · CVSS 4.3

CVE-2023-47233: The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in th...

The brcm80211 component in the Linux kernel through 6.5.10 has a brcmf_cfg80211_detach use-after-free in the device unplugging (disconnect the USB by hotplug) code. For physically proximate attackers with local access, this "could be exploited in a real world scenario." This is related to brcmf_cfg80211_escan_timeout_worker in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c.

Published Nov 3, 2023 · Updated May 12, 2026

Medium · CVSS 4.3

CVE-2023-6121: Kernel: nvme: info leak due to out-of-bounds read in nvmet_ctrl_find_get

An out-of-bounds read vulnerability was found in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a remote attacker to send a crafted TCP packet, triggering a heap-based buffer overflow that results in kmalloc data being printed and potentially leaked to the kernel ring buffer (dmesg).

Published Nov 16, 2023 · Updated May 12, 2026

Medium · CVSS 5.3

CVE-2023-5678: Excessive time spent in DH check / generation with large Q parameter value

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow. Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service. While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters. Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q. An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack. DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate(). Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application. The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Published Nov 6, 2023 · Updated May 12, 2026