CVE List - 2023 / January
Showing 1701 - 1800 of 2351 CVEs for January 2023 (Page 18 of 24)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2022-4570 | 2023-01-23 | Top 10 < 3.2.3 - Contributor+ Stored XSS |
| CVE-2022-4474 | 2023-01-23 | Easy Social Feed – Social Photos Gallery – Post Feed – Like Box < 6.4.0 - Contributor+ Stored XSS |
| CVE-2022-3811 | 2023-01-23 | EU Cookie Law <= 3.1.6 - Admin+ Stored XSS |
| CVE-2022-4383 | 2023-01-23 | CBX Petition for WordPress <= 1.0.3 - Unauthenticated SQLi |
| CVE-2022-4751 | 2023-01-23 | Word Balloon < 4.19.3 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4706 | 2023-01-23 | Genesis Columns Advanced < 2.0.4 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4545 | 2023-01-23 | Sitemap < 4.4 - Contributor+ Stored XSS |
| CVE-2022-4230 | 2023-01-23 | WP Statistics < 13.2.9 - Authenticated SQLi |
| CVE-2022-3425 | 2023-01-23 | Google Analyticator < 6.5.6 - Admin+ PHP Object Injection |
| CVE-2022-4509 | 2023-01-23 | Content Control < 1.1.10 - Contributor+ Stored XSS |
| CVE-2022-4548 | 2023-01-23 | Optimize images ALT Text (alt tag) & names for SEO using AI < 2.0.8 - Settings Update via CSRF |
| CVE-2022-4323 | 2023-01-23 | Google Analyticator < 6.5.6 - Admin+ PHP Object Injection |
| CVE-2022-4753 | 2023-01-23 | Print-O-Matic < 2.1.8 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4303 | 2023-01-23 | WP Limit Login Attempts <= 2.6.4 - IP Spoofing |
| CVE-2022-4790 | 2023-01-23 | WP Google My Business Auto Publish < 3.4 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4627 | 2023-01-23 | ShiftNav – Responsive Mobile Menu < 1.7.2 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4467 | 2023-01-23 | Search & Filter < 1.2.16 - Contributor+ Stored XSS |
| CVE-2022-4758 | 2023-01-23 | 10WebMapBuilder < 1.0.72 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4693 | 2023-01-23 | User Verification < 1.0.94 - Authentication Bypass |
| CVE-2022-4017 | 2023-01-23 | Booster for WooCommerce - Multiple CSRF |
| CVE-2022-4650 | 2023-01-23 | HashBar – WordPress Notification Bar < 1.3.6 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-4715 | 2023-01-23 | Structured Content < 1.5.1 - Contributor+ Stored XSS in Shortcode |
| CVE-2022-4305 | 2023-01-23 | Login as User or Customer < 3.3 - Unauthenticated Privilege Escalation to Admin |
| CVE-2022-4485 | 2023-01-23 | Page-list < 5.3 - Contributor+ Stored XSS |
| CVE-2022-4542 | 2023-01-23 | Compact WP Audio Player < 1.9.8 - Contributor+ Stored XSS |
| CVE-2021-24837 | 2023-01-23 | Passster < 3.5.5.8 - Contributor+ Stored Cross-Site Scripting |
| CVE-2022-4718 | 2023-01-23 | Landing Page Builder < 1.4.9.9 - Contributor+ Cross-Site Scripting via Shortcode |
| CVE-2022-4775 | 2023-01-23 | GeoDirectory < 2.2.22 - Contributor+ Stored XSS via Shortcode |
| CVE-2022-0316 | 2023-01-23 | Multiple themes - Unauthenticated Arbitrary File Upload |
| CVE-2022-1890 | 2023-01-23 | A buffer overflow in the ReadyBootDxe driver in some Lenovo... |
| CVE-2022-1891 | 2023-01-23 | A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo... |
| CVE-2022-1892 | 2023-01-23 | A buffer overflow in the SystemBootManagerDxe driver in some Lenovo... |
| CVE-2022-3430 | 2023-01-23 | A potential vulnerability in the WMI Setup driver on some... |
| CVE-2023-0446 | 2023-01-23 | The My YouTube Channel plugin for WordPress is vulnerable to... |
| CVE-2022-3432 | 2023-01-23 | A potential vulnerability in a driver used during manufacturing process... |
| CVE-2023-0447 | 2023-01-23 | The My YouTube Channel plugin for WordPress is vulnerable to... |
| CVE-2022-4816 | 2023-01-23 | A denial-of-service vulnerability has been identified in Lenovo Safecenter that... |
| CVE-2023-22721 | 2023-01-23 | WordPress Oi Yandex.Maps for WordPress Plugin <= 3.2.7 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23687 | 2023-01-23 | WordPress Youtube shortcode Plugin <= 1.8.5 is vulnerable to Cross Site Scripting (XSS) |
| CVE-2023-23824 | 2023-01-23 | WordPress WP TopBar Plugin <= 5.36 is vulnerable to SQL Injection |
| CVE-2023-22483 | 2023-01-23 | cmark-gfm Quadratic complexity bugs may lead to a denial of service |
| CVE-2023-22484 | 2023-01-23 | Inefficient Quadratic complexity bug in handle_pointy_brace may lead to a denial of service |
| CVE-2022-4554 | 2023-01-24 | Reflected XSS B2B Dealer Ordering System |
| CVE-2023-0471 | 2023-01-24 | Use after free in WebTransport in Google Chrome prior to... |
| CVE-2023-0472 | 2023-01-24 | Use after free in WebRTC in Google Chrome prior to... |
| CVE-2023-0473 | 2023-01-24 | Type Confusion in ServiceWorker API in Google Chrome prior to... |
| CVE-2023-0474 | 2023-01-24 | Use after free in GuestView in Google Chrome prior to... |
| CVE-2023-24451 | 2023-01-24 | A missing permission check in Jenkins Cisco Spark Notifier Plugin... |
| CVE-2021-28510 | 2023-01-24 | For certain systems running EOS, a Precision Time Protocol (PTP) packet of a management/signaling message with an invalid Type-Length-Value (TLV) causes the PTP agent to restart. Repeated restarts of the service will make the service unavailable. |
| CVE-2022-20213 | 2023-01-24 | In ApplicationsDetailsActivity of AndroidManifest.xml, there is a possible DoS due... |
| CVE-2022-20214 | 2023-01-24 | In Car Settings app, the toggle button in Modify system... |
| CVE-2022-20215 | 2023-01-24 | In onCreate of MasterClearConfirmFragment.java, there is a possible factory reset... |
| CVE-2022-20235 | 2023-01-24 | The PowerVR GPU kernel driver maintains an "Information Page" used... |
| CVE-2022-20456 | 2023-01-24 | In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to... |
| CVE-2022-20458 | 2023-01-24 | The logs of sensitive information (PII) or hardware identifier should... |
| CVE-2022-20461 | 2023-01-24 | In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of... |
| CVE-2022-20489 | 2023-01-24 | In many functions of AutomaticZenRule.java, there is a possible failure... |
| CVE-2022-20490 | 2023-01-24 | In multiple functions of AutomaticZenRule.java, there is a possible failure... |
| CVE-2022-20492 | 2023-01-24 | In many functions of AutomaticZenRule.java, there is a possible failure... |
| CVE-2022-20493 | 2023-01-24 | In Condition of Condition.java, there is a possible way to... |
| CVE-2022-20494 | 2023-01-24 | In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS... |
| CVE-2022-26329 | 2023-01-24 | File existence disclosue vulnerability in IDM plugin |
| CVE-2022-27507 | 2023-01-24 | Authenticated denial of service |
| CVE-2022-27508 | 2023-01-24 | Unauthenticated denial of service |
| CVE-2022-3478 | 2023-01-24 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-3482 | 2023-01-24 | An improper access control issue in GitLab CE/EE affecting all... |
| CVE-2022-3572 | 2023-01-24 | A cross-site scripting issue has been discovered in GitLab CE/EE... |
| CVE-2022-3740 | 2023-01-24 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2022-3820 | 2023-01-24 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-38774 | 2023-01-24 | An issue was discovered in the quarantine feature of Elastic... |
| CVE-2022-38775 | 2023-01-24 | An issue was discovered in the rollback feature of Elastic... |
| CVE-2022-3902 | 2023-01-24 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-40036 | 2023-01-24 | An issue was discovered in Rawchen blog-ssm v1.0 allows an... |
| CVE-2022-40037 | 2023-01-24 | An issue discovered in Rawchen blog-ssm v1.0 allows remote attacker... |
| CVE-2022-4054 | 2023-01-24 | An issue has been discovered in GitLab affecting all versions... |
| CVE-2022-4092 | 2023-01-24 | An issue has been discovered in GitLab EE affecting all... |
| CVE-2022-45639 | 2023-01-24 | OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows... |
| CVE-2022-47040 | 2023-01-24 | An issue in ASKEY router RTF3505VW-N1 BR_SV_g000_R3505VMN1001_s32_7 allows attackers to... |
| CVE-2022-47042 | 2023-01-24 | MCMS v5.2.10 and below was discovered to contain an arbitrary... |
| CVE-2022-47100 | 2023-01-24 | A vulnerability in Sengled Smart bulb 0x0000024 allows attackers to... |
| CVE-2022-48199 | 2023-01-24 | SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute... |
| CVE-2023-0394 | 2023-01-24 | A NULL pointer dereference flaw was found in rawv6_push_pending_frames in... |
| CVE-2023-0411 | 2023-01-24 | Excessive loops in multiple dissectors in Wireshark 4.0.0 to 4.0.2... |
| CVE-2023-0412 | 2023-01-24 | TIPC dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0... |
| CVE-2023-0413 | 2023-01-24 | Dissection engine bug in Wireshark 4.0.0 to 4.0.2 and 3.6.0... |
| CVE-2023-0414 | 2023-01-24 | Crash in the EAP dissector in Wireshark 4.0.0 to 4.0.2... |
| CVE-2023-0415 | 2023-01-24 | iSCSI dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0... |
| CVE-2023-0416 | 2023-01-24 | GNW dissector crash in Wireshark 4.0.0 to 4.0.2 and 3.6.0... |
| CVE-2023-0417 | 2023-01-24 | Memory leak in the NFS dissector in Wireshark 4.0.0 to... |
| CVE-2023-0444 | 2023-01-24 | A privilege escalation vulnerability exists in Delta Electronics InfraSuite Device... |
| CVE-2023-0448 | 2023-01-24 | The WP Helper Lite WordPress plugin, in versions < 4.3,... |
| CVE-2023-20904 | 2023-01-24 | In getTrampolineIntent of SettingsActivity.java, there is a possible launch of... |
| CVE-2023-20905 | 2023-01-24 | In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of... |
| CVE-2023-20908 | 2023-01-24 | In several functions of SettingsState.java, there is a possible system... |
| CVE-2023-20912 | 2023-01-24 | In onActivityResult of AvatarPickerActivity.java, there is a possible way to... |
| CVE-2023-20913 | 2023-01-24 | In onCreate of PhoneAccountSettingsActivity.java and related files, there is a... |
| CVE-2023-20915 | 2023-01-24 | In addOrReplacePhoneAccount of PhoneAccountRegistrar.java, there is a possible way to... |
| CVE-2023-20916 | 2023-01-24 | In getMainActivityLaunchIntent of LauncherAppsService.java, there is a possible way to... |
| CVE-2023-20919 | 2023-01-24 | In getStringsForPrefix of Settings.java, there is a possible prevention of... |
| CVE-2023-20920 | 2023-01-24 | In queue of UsbRequest.java, there is a possible way to... |