CVE List - 2023 / January
Showing 1601 - 1700 of 2351 CVEs for January 2023 (Page 17 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2023-22912 | 2023-01-20 | An issue was discovered in MediaWiki before 1.35.9, 1.36.x through... |
| CVE-2023-22964 | 2023-01-20 | Zoho ManageEngine ServiceDesk Plus MSP before 10611, and 13x before... |
| CVE-2023-23010 | 2023-01-20 | Cross Site Scripting (XSS) vulnerability in Ecommerce-CodeIgniter-Bootstrap thru commit d5904379ca55014c5df34c67deda982c73dc7fe5... |
| CVE-2023-23012 | 2023-01-20 | Cross Site Scripting (XSS) vulnerability in craigrodway classroombookings 2.6.4 allows... |
| CVE-2023-23014 | 2023-01-20 | Cross Site Scripting (XSS) vulnerability in InventorySystem thru commit e08fbbe17902146313501ed0b5feba81d58f455c... |
| CVE-2023-23015 | 2023-01-20 | Cross Site Scripting (XSS) vulnerability in Kalkun 0.8.0 via username... |
| CVE-2023-23024 | 2023-01-20 | Book Store Management System v1.0 was discovered to contain a... |
| CVE-2023-23143 | 2023-01-20 | Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC... |
| CVE-2023-23144 | 2023-01-20 | Integer overflow vulnerability in function Q_DecCoordOnUnitSphere file bifs/unquantize.c in GPAC... |
| CVE-2023-23145 | 2023-01-20 | GPAC version 2.2-rev0-gab012bbfb-master was discovered to contain a memory leak... |
| CVE-2023-23488 | 2023-01-20 | The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is... |
| CVE-2023-23489 | 2023-01-20 | The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3,... |
| CVE-2023-23490 | 2023-01-20 | The Survey Maker WordPress Plugin, version < 3.1.2, is affected... |
| CVE-2023-23491 | 2023-01-20 | The Quick Event Manager WordPress Plugin, version < 9.7.5, is... |
| CVE-2023-23492 | 2023-01-20 | The Login with Phone Number WordPress Plugin, version < 1.4.2,... |
| CVE-2023-23596 | 2023-01-20 | jc21 NGINX Proxy Manager through 2.9.19 allows OS command injection.... |
| CVE-2023-24021 | 2023-01-20 | Incorrect handling of '\0' bytes in file uploads in ModSecurity... |
| CVE-2023-24025 | 2023-01-20 | CRYSTALS-DILITHIUM (in Post-Quantum Cryptography Selected Algorithms 2022) in PQClean d03da30... |
| CVE-2023-24026 | 2023-01-20 | In MISP 2.4.167, app/webroot/js/event-graph.js has an XSS vulnerability via an... |
| CVE-2023-24027 | 2023-01-20 | In MISP 2.4.167, app/webroot/js/action_table.js allows XSS via a network history... |
| CVE-2023-24028 | 2023-01-20 | In MISP 2.4.167, app/Controller/Component/ACLComponent.php has incorrect access control for the... |
| CVE-2023-23691 | 2023-01-20 | Dell EMC PV ME5, versions ME5.1.0.0.0 and ME5.1.0.1.0, contains a... |
| CVE-2022-40267 | 2023-01-20 | Authentication Bypass Vulnerability in Web Server Function on MELSEC Series |
| CVE-2021-39011 | 2023-01-20 | IBM Cloud Pak for Security information disclosure |
| CVE-2021-39089 | 2023-01-20 | IBM Cloud Pak for Security information disclosure |
| CVE-2023-22458 | 2023-01-20 | Integer overflow in multiple Redis commands can lead to denial-of-service |
| CVE-2022-35977 | 2023-01-20 | Integer overflow in certain command arguments can drive Redis to OOM panic |
| CVE-2022-41733 | 2023-01-20 | IBM InfoSphere Information Server denial of service |
| CVE-2022-1109 | 2023-01-20 | An incorrect default permissions vulnerability in Lenovo Leyun cloud music... |
| CVE-2023-23607 | 2023-01-20 | Unrestricted file upload leads to Remote Code Execution in erohtar/Dasherr |
| CVE-2023-22726 | 2023-01-20 | Unrestricted file upload leading to privilege escalation in act |
| CVE-2023-0052 | 2023-01-20 | SAUTER Controls Nova 200–220 Series Missing Authentication for Critical Function |
| CVE-2023-22742 | 2023-01-20 | libgit2 fails to verify SSH keys by default |
| CVE-2023-24040 | 2023-01-21 | dtprintinfo in Common Desktop Environment 1.6 has a bug in... |
| CVE-2020-36655 | 2023-01-21 | Yii Yii2 Gii before 2.2.2 allows remote attackers to execute... |
| CVE-2023-0433 | 2023-01-21 | Heap-based Buffer Overflow in vim/vim |
| CVE-2023-22617 | 2023-01-21 | A remote attacker might be able to cause infinite recursion... |
| CVE-2023-24038 | 2023-01-21 | The HTML-StripScripts module through 1.06 for Perl allows _hss_attval_style ReDoS... |
| CVE-2023-24039 | 2023-01-21 | A stack-based buffer overflow in ParseColors in libXm in Common... |
| CVE-2023-24042 | 2023-01-21 | A race condition in LightFTP through 2.2 allows an attacker... |
| CVE-2023-22884 | 2023-01-21 | Apache Airflow, Apache Airflow MySQL Provider: Arbitrary file read via MySQL provider in Apache Airflow |
| CVE-2023-24055 | 2023-01-22 | KeePass through 2.53 (in a default installation) allows an attacker,... |
| CVE-2023-0434 | 2023-01-22 | Improper Input Validation in pyload/pyload |
| CVE-2023-0435 | 2023-01-22 | Excessive Attack Surface in pyload/pyload |
| CVE-2023-24044 | 2023-01-22 | A Host Header Injection issue on the Login page of... |
| CVE-2023-24056 | 2023-01-22 | In pkgconf through 1.9.3, variable duplication can cause unbounded string... |
| CVE-2023-24058 | 2023-01-22 | Booked Scheduler 2.5.5 allows authenticated users to create and schedule... |
| CVE-2023-24059 | 2023-01-22 | Grand Theft Auto V for PC allows attackers to achieve... |
| CVE-2022-47065 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2023-21775 | 2023-01-23 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| CVE-2023-21795 | 2023-01-23 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2023-21796 | 2023-01-23 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2023-24068 | 2023-01-23 | Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows... |
| CVE-2023-24069 | 2023-01-23 | Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows... |
| CVE-2023-24070 | 2023-01-23 | app/View/AuthKeys/authkey_display.ctp in MISP through 2.4.167 has an XSS in authkey... |
| CVE-2023-24095 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2023-24099 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2021-43444 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect... |
| CVE-2021-43445 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect... |
| CVE-2021-43446 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Cross... |
| CVE-2021-43447 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is affected by Incorrect... |
| CVE-2021-43448 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Improper... |
| CVE-2021-43449 | 2023-01-23 | ONLYOFFICE all versions as of 2021-11-08 is vulnerable to Server-Side... |
| CVE-2022-23005 | 2023-01-23 | Host Boot ROM Code Vulnerability in Systems Implementing UFS Boot Feature |
| CVE-2022-37718 | 2023-01-23 | The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered... |
| CVE-2022-37719 | 2023-01-23 | A Cross-Site Request Forgery (CSRF) in the management portal of... |
| CVE-2022-38725 | 2023-01-23 | An integer overflow in the RFC3164 parser in One Identity... |
| CVE-2022-40034 | 2023-01-23 | Cross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows... |
| CVE-2022-41505 | 2023-01-23 | An access control issue on TP-LInk Tapo C200 V1 devices... |
| CVE-2022-46639 | 2023-01-23 | A vulnerability in the descarga_etiqueta.php component of Correos Prestashop 1.7.x... |
| CVE-2022-46959 | 2023-01-23 | An issue in the component /admin/backups/work-dir of Sonic v1.0.4 allows... |
| CVE-2022-48281 | 2023-01-23 | processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based... |
| CVE-2023-0438 | 2023-01-23 | Cross-Site Request Forgery (CSRF) in modoboa/modoboa |
| CVE-2023-0440 | 2023-01-23 | Observable Discrepancy in healthchecks/healthchecks |
| CVE-2023-21719 | 2023-01-23 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability |
| CVE-2023-22630 | 2023-01-23 | IzyBat Orange casiers before 20221102_1 allows SQL Injection via a... |
| CVE-2023-22960 | 2023-01-23 | Lexmark products through 2023-01-10 have Improper Control of Interaction Frequency. |
| CVE-2023-23314 | 2023-01-23 | An arbitrary file upload vulnerability in the /api/upload component of... |
| CVE-2023-23560 | 2023-01-23 | In certain Lexmark products through 2023-01-12, SSRF can occur because... |
| CVE-2023-24096 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2023-24097 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2023-24098 | 2023-01-23 | TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was... |
| CVE-2022-4832 | 2023-01-23 | Store Locator WordPress < 1.4.9 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4625 | 2023-01-23 | Login Logout Menu < 1.4.0 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4760 | 2023-01-23 | OneClick Chat to Order < 1.0.4.2 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4672 | 2023-01-23 | WordPress Simple Shopping Cart < 4.6.2 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4629 | 2023-01-23 | Product Slider for WooCommerce < 2.6.4 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4668 | 2023-01-23 | Easy Appointments < 3.11.2 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4716 | 2023-01-23 | WP Popups < 2.1.4.8 - Contributor+ Stored XSS |
| CVE-2022-4346 | 2023-01-23 | All In One WP Security & Firewall < 5.1.3 - Configuration Leak |
| CVE-2022-4307 | 2023-01-23 | Pardakht Delkhah < 2.9.3 - Unauthenticated Stored XSS |
| CVE-2021-24881 | 2023-01-23 | Passster < 3.5.5.9 - Protection Bypass & Arbitrary Post Access |
| CVE-2022-4673 | 2023-01-23 | Rate my Post – WP Rating System < 3.3.9 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4624 | 2023-01-23 | GS Logo Slider < 3.3.8 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4576 | 2023-01-23 | Easy Bootstrap Shortcode <= 4.5.4 - Contributor+ Stored XSS |
| CVE-2022-4746 | 2023-01-23 | FluentAuth < 1.0.2 - Bypass blocks by IP Spoofing |
| CVE-2022-4443 | 2023-01-23 | BruteBank - WP Security & Firewall < 1.9 - Settings Update via CSRF |
| CVE-2022-4475 | 2023-01-23 | Collapse-O-Matic < 1.8.3 - Contributor+ Stored XSS |
| CVE-2022-4789 | 2023-01-23 | WPZOOM Portfolio < 1.2.2 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4675 | 2023-01-23 | Mongoose Page Plugin < 1.9.0 - Contributor+ Stored XSS via Shortcode |